From 10e77f1c2ed8413ae061bd1f0621ead087a37154 Mon Sep 17 00:00:00 2001 From: Kelsi Date: Wed, 6 May 2026 06:54:48 -0700 Subject: [PATCH] fix(npc): guard NpcSpawner::scatter against zero radius and bad inputs A radius of 0 would either throw from the uniform distribution constructor (uniform_real_distribution requires a < b) or divide by zero in the sqrt-based area-uniform sampler. Also reject NaN center, non-positive radius, and absurdly large counts (>10k) which would freeze the editor on placement. --- tools/editor/npc_spawner.cpp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tools/editor/npc_spawner.cpp b/tools/editor/npc_spawner.cpp index 49d53d3a..0585511f 100644 --- a/tools/editor/npc_spawner.cpp +++ b/tools/editor/npc_spawner.cpp @@ -109,6 +109,15 @@ bool NpcSpawner::saveToFile(const std::string& path) const { void NpcSpawner::scatter(const CreatureSpawn& base, const glm::vec3& center, float radius, int count) { + // Defensive bounds — UI sliders cap these, but the function is also + // callable programmatically. radius<=0 would either throw from the + // uniform distribution constructor or divide by zero on the sqrt + // line; an absurd count would freeze the editor and OOM. + if (count <= 0 || count > 10000) return; + if (!std::isfinite(radius) || radius <= 0.0f) return; + if (!std::isfinite(center.x) || !std::isfinite(center.y) || + !std::isfinite(center.z)) return; + std::mt19937 rng(static_cast(center.x * 100 + center.y * 37)); std::uniform_real_distribution distAngle(0.0f, 6.2831853f); std::uniform_real_distribution distDist(0.0f, radius);