phaneron/Kelsidavis-WoWee
1
0
Fork 0
mirror of https://github.com/Kelsidavis/WoWee.git synced 2026-03-28 09:33:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix: guard spline point loop against unsigned underflow when pointCount==1

Browse source 
The uncompressed spline skip loop used `pointCount - 1` in its bound
without guarding pointCount > 1. While pointCount==0 is already handled
by an early return, pointCount==1 would correctly iterate 0 times, but
the explicit guard makes the intent clearer and prevents future issues
if the early return is ever removed.
This commit is contained in:
Kelsi 2026-03-27 14:20:28 -07:00
parent 6783ead4ba
commit cbb42ac58f
1 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/game/world_packets.cpp
View file

@ -3167,9 +3167,11 @@ bool MonsterMoveParser::parse(network::Packet& packet, MonsterMoveData& data) {
if (uncompressed) {
// Read last point as destination
// Skip to last point: each point is 12 bytes
for (uint32_t i = 0; i < pointCount - 1; i++) {
if (!packet.hasRemaining(12)) return true;
packet.readFloat(); packet.readFloat(); packet.readFloat();
if (pointCount > 1) {
for (uint32_t i = 0; i < pointCount - 1; i++) {
if (!packet.hasRemaining(12)) return true;
packet.readFloat(); packet.readFloat(); packet.readFloat();
}
}
if (!packet.hasRemaining(12)) return true;
data.destX = packet.readFloat();