ref: e4112b322e299a461ddc46daee741c73733e186d
parent: eb1ae3f3d041f9ff0c11b04613a695be11bda706
author: Ben Harris <bjh21@bjh21.me.uk>
date: Sat Jan 28 14:06:24 EST 2023
Cleanly reject ill-formed solve moves in Flood A solve move containing characters other than digits and commas would cause an assertion failure, "*p == ','", in execute_move(). Such a move can't as far as I know be generated in play, but can be read from a corrupt save file. Here's a sample of such a save file: SAVEFILE:41:Simon Tatham's Portable Puzzle Collection VERSION :1:1 GAME :5:Flood PARAMS :7:3x3c6m5 CPARAMS :7:3x3c6m5 DESC :12:403011503,10 NSTATES :1:2 STATEPOS:1:2 SOLVE :2:SA
--- a/flood.c
+++ b/flood.c
@@ -942,7 +942,11 @@
sol->moves[i] = atoi(p);
p += strspn(p, "0123456789");
if (*p) {- assert(*p == ',');
+ if (*p != ',') {+ sfree(sol->moves);
+ sfree(sol);
+ return NULL;
+ }
p++;
}
}