From: simon <simon@cda61777-01e9-0310-a592-d414129be87e>
Date: Mon, 10 Oct 2005 16:29:58 +0000 (+0000)
Subject: Richard Earnshaw points out that if you enter an out-of-range number
X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/puzzles/commitdiff_plain/d0ed57cd5049dfe5cb1bb158cc6c48cd7ad9965b

Richard Earnshaw points out that if you enter an out-of-range number
in the game description, the solver will fail to notice it and
overrun an array leading to assertion failure, silent wrong answers
or (in extreme cases) segfaults. Hence, validate_desc() now spots
them and kicks them out.


git-svn-id: svn://svn.tartarus.org/sgt/puzzles@6383 cda61777-01e9-0310-a592-d414129be87e
---

diff --git a/solo.c b/solo.c
index cb9ac7f..2079da9 100644
--- a/solo.c
+++ b/solo.c
@@ -2293,6 +2293,9 @@ static char *validate_desc(game_params *params, char *desc)
         } else if (n == '_') {
             /* do nothing */;
         } else if (n > '0' && n <= '9') {
+            int val = atoi(desc-1);
+            if (val < 1 || val > params->c * params->r)
+                return "Out-of-range number in game description";
             squares++;
             while (*desc >= '0' && *desc <= '9')
                 desc++;