From d422dd6009f3e48e13d5f7f162813537902e125c Mon Sep 17 00:00:00 2001
From: Ben Harris <bjh21@bjh21.me.uk>
Date: Tue, 10 Jan 2023 20:53:07 +0000
Subject: [PATCH] Last-ditch grid-size limit for Galaxies

At least prevent integer overflow when constructing the grid.
---
 galaxies.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/galaxies.c b/galaxies.c
index 36845d4..c367b29 100644
--- a/galaxies.c
+++ b/galaxies.c
@@ -42,6 +42,7 @@
 #include <string.h>
 #include <assert.h>
 #include <ctype.h>
+#include <limits.h>
 #include <math.h>
 
 #include "puzzles.h"
@@ -282,6 +283,10 @@ static const char *validate_params(const game_params *params, bool full)
 {
     if (params->w < 3 || params->h < 3)
         return "Width and height must both be at least 3";
+    if (params->w > INT_MAX / 2 || params->h > INT_MAX / 2 ||
+        params->w > (INT_MAX - params->w*2 - params->h*2 - 1) / 4 / params->h)
+        return "Width times height must not be unreasonably large";
+
     /*
      * This shouldn't be able to happen at all, since decode_params
      * and custom_params will never generate anything that isn't