From 53780de6daa18272e238d88a8c72d64fddb90ba8 Mon Sep 17 00:00:00 2001
From: Kelsi <kelsihates2fa@gmail.com>
Date: Wed, 6 May 2026 05:36:20 -0700
Subject: [PATCH] fix(wob): clamp out-of-range group indices + reject absurd
 texture path lengths

Mirrors the WOM index-clamp + texture-path-length guards. Out-of-range
indices into the WMO group's vertex buffer would crash the GPU draw.
Texture path length over 1KB indicates a corrupted/truncated WoB; clamp
to 0 to prevent allocating 65KB-string buffers per bad entry.
---
 src/pipeline/wowee_building.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/pipeline/wowee_building.cpp b/src/pipeline/wowee_building.cpp
index 404474f1..14e405ca 100644
--- a/src/pipeline/wowee_building.cpp
+++ b/src/pipeline/wowee_building.cpp
@@ -72,10 +72,17 @@ WoweeBuilding WoweeBuildingLoader::load(const std::string& basePath) {
         }
         grp.indices.resize(ic);
         f.read(reinterpret_cast<char*>(grp.indices.data()), ic * 4);
+        // Same out-of-range index clamp as the WOM loader — bad indices
+        // would crash the GPU draw on the WMO group.
+        const uint32_t vMax = vc > 0 ? vc - 1 : 0;
+        for (auto& idx : grp.indices) {
+            if (idx > vMax) idx = 0;
+        }
 
         for (uint32_t ti = 0; ti < tc; ti++) {
             uint16_t tl;
             f.read(reinterpret_cast<char*>(&tl), 2);
+            if (tl > 1024) tl = 0;
             std::string tp(tl, '\0');
             f.read(tp.data(), tl);
             grp.texturePaths.push_back(tp);