From 8ff1e146d21554e5ece236efcadff34719d7f071 Mon Sep 17 00:00:00 2001
From: dg <dg@51575b47-30f0-44d4-a5cc-537603b46e54>
Date: Thu, 30 May 2013 21:48:27 +0000
Subject: [PATCH] fix a buffer overflow in FOV

Fixed traps in immediate melee mode


git-svn-id: http://svn.net-core.org/repos/t-engine4@6808 51575b47-30f0-44d4-a5cc-537603b46e54
---
 src/fov/fov.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/fov/fov.c b/src/fov/fov.c
index d0010f952b..833ef528b9 100644
--- a/src/fov/fov.c
+++ b/src/fov/fov.c
@@ -577,9 +577,14 @@ FOV_DEFINE_OCTANT(-,-,y,x,m,m,y)
 */
 #define GET_BUFFER(target, buffer_data, len)                                                      \
     /* hurray, no branching, modulus, or malloc! */                                               \
+    {                                                                                             \
+    int overrun = (buffer_data->index + buffer_data->prev_len + len) & (FOV_BUFFER_SIZE - 1);     \
     buffer_data->index = (buffer_data->index + buffer_data->prev_len) & (FOV_BUFFER_SIZE - 1);    \
+    if (overrun < buffer_data->index)                                                             \
+        buffer_data->index = 0;                                                                   \
     buffer_data->prev_len = len;                                                                  \
-    target = buffer_data->buffer + buffer_data->index;
+    target = buffer_data->buffer + buffer_data->index;                                            \
+    }
 
 /* Conveniences for code clarity */
 #define X 0
-- 
GitLab