From e4112b322e299a461ddc46daee741c73733e186d Mon Sep 17 00:00:00 2001
From: Ben Harris
Date: Sat, 28 Jan 2023 19:06:24 +0000
Subject: [PATCH] Cleanly reject ill-formed solve moves in Flood
A solve move containing characters other than digits and commas would cause an assertion failure, "*p == ','", in execute_move(). Such a move can't as far as I know be generated in play, but can be read from a corrupt save file. Here's a sample of such a save file:
SAVEFILE:41:Simon Tatham's Portable Puzzle Collection
VERSION :1:1
GAME :5:Flood
PARAMS :7:3x3c6m5
CPARAMS :7:3x3c6m5
DESC :12:403011503,10
NSTATES :1:2
STATEPOS:1:2
SOLVE :2:SA
---
 flood.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/flood.c b/flood.c
index 08410ba..c015c7e 100644
--- a/flood.c
+++ b/flood.c
@@ -942,7 +942,11 @@ static game_state *execute_move(const game_state *state, const char *move)
 sol->moves[i] = atoi(p);
 p += strspn(p, "0123456789");
 if (*p) {
- assert(*p == ',');
+ if (*p != ',') {
+ sfree(sol->moves);
+ sfree(sol);
+ return NULL;
+ }
 p++;
 }
 }
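Review bot: The value stored by `sol->moves[i] = atoi(p);` on the context line above the new check still comes from the save file unvalidated, because the added rejection only tests the separator. As far as this hunk shows, an empty field (two adjacent commas, where `strspn` returns 0) is silently stored as move 0, and a digit run too long for `int` makes `atoi` undefined. I would reject a field with no digits before converting, e.g. `if (*p < '0' || *p > '9') { sfree(sol->moves); sfree(sol); return NULL; }`, and convert with `strtol` plus an explicit upper bound instead of `atoi`. No comparison of the parsed value against the puzzle's colour count is visible here; execute_move() starts and ends outside the hunk, so confirm that such a range check exists elsewhere before the solution is used.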