ref: 952ef8ca565d803da1134466358bd85683a489a3
parent: a02c55b0492453ea7ca4e4ae63cb90ba4c93a3a5
author: Ben Harris <bjh21@bjh21.me.uk>
date: Sat Jan 7 18:44:31 EST 2023
Undead: fix buffer overrun in "M" command The guessable squares are numbered up to num_total, not "wh". The latter includes mirror squares that aren't included in the various arrays describing the game state. To reproduce the problem, build Undead with AddressSanitizer and press "M".
--- a/undead.c
+++ b/undead.c
@@ -2103,7 +2103,7 @@
* approach of starting off in that state and eliminating
* things.
*/
- for (i = 0; i < ret->common->wh; i++)
+ for (i = 0; i < ret->common->num_total; i++)
if (ret->guess[i] == 7)
ret->pencils[i] = 7;
move++;