From a5df985a05c064353b0e934b95f3045e0e5d298c Mon Sep 17 00:00:00 2001
From: Tomas Dittmann <chaosmeist3r@gmail.com>
Date: Tue, 1 Aug 2017 00:20:37 +0200
Subject: [PATCH 1/2] prevent infinite loop while fixing invalid research items

research_remove() does not expect any items between RESEARCHED_ITEMS_END & RESEARCHED_ITEMS_END_2, so make sure, the next item is RESEARCHED_ITEMS_END_2
fix infinite loop while loading the save file RR_60glitch.zip from #5311
---
 src/openrct2/game.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/openrct2/game.c b/src/openrct2/game.c
index 8f402dadcd..15cf73c874 100644
--- a/src/openrct2/game.c
+++ b/src/openrct2/game.c
@@ -1072,7 +1072,12 @@ void game_fix_save_vars()
     for (sint32 i = 0; i < MAX_RESEARCH_ITEMS; i++) {
         rct_research_item *researchItem = &gResearchItems[i];
         if (researchItem->entryIndex == RESEARCHED_ITEMS_SEPARATOR) continue;
-        if (researchItem->entryIndex == RESEARCHED_ITEMS_END) continue;
+        if (researchItem->entryIndex == RESEARCHED_ITEMS_END)
+        {
+            assert(i < (MAX_RESEARCH_ITEMS - 1));
+            (researchItem+1)->entryIndex = RESEARCHED_ITEMS_END_2;
+            continue;
+        }
         if (researchItem->entryIndex == RESEARCHED_ITEMS_END_2) break;
         if (researchItem->entryIndex & 0x10000) {
             uint8 entryIndex = researchItem->entryIndex & 0xFF;
@@ -1096,7 +1101,6 @@ void game_fix_save_vars()
 
     // Fix invalid vehicle sprite sizes, thus preventing visual corruption of sprites
     fix_invalid_vehicle_sprite_sizes();
-
 }
 
 /**

From b330c4032fe7288e16038fdfe91bc2ab0da4927a Mon Sep 17 00:00:00 2001
From: Tomas Dittmann <chaosmeist3r@gmail.com>
Date: Tue, 1 Aug 2017 21:45:04 +0200
Subject: [PATCH 2/2] ensure validity instead of asserting invalidity.

---
 src/openrct2/game.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/openrct2/game.c b/src/openrct2/game.c
index 15cf73c874..8ad2440d1d 100644
--- a/src/openrct2/game.c
+++ b/src/openrct2/game.c
@@ -1074,9 +1074,12 @@ void game_fix_save_vars()
         if (researchItem->entryIndex == RESEARCHED_ITEMS_SEPARATOR) continue;
         if (researchItem->entryIndex == RESEARCHED_ITEMS_END)
         {
-            assert(i < (MAX_RESEARCH_ITEMS - 1));
-            (researchItem+1)->entryIndex = RESEARCHED_ITEMS_END_2;
-            continue;
+            if (i == MAX_RESEARCH_ITEMS - 1)
+            {
+                (--researchItem)->entryIndex = RESEARCHED_ITEMS_END;
+            }
+            (++researchItem)->entryIndex = RESEARCHED_ITEMS_END_2;
+            break;
         }
         if (researchItem->entryIndex == RESEARCHED_ITEMS_END_2) break;
         if (researchItem->entryIndex & 0x10000) {