From dd6e040122a1fe47e43efe4f2431b5cb883aa6cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Janiszewski?= Date: Wed, 26 Apr 2017 22:40:04 +0200 Subject: [PATCH] Prevent access to invalid banner in game command --- src/openrct2/world/map.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/openrct2/world/map.c b/src/openrct2/world/map.c index 391f8aede6..65154f6075 100644 --- a/src/openrct2/world/map.c +++ b/src/openrct2/world/map.c @@ -4424,6 +4424,11 @@ void game_command_set_sign_name(sint32* eax, sint32* ebx, sint32* ecx, sint32* e void game_command_set_sign_style(sint32* eax, sint32* ebx, sint32* ecx, sint32* edx, sint32* esi, sint32* edi, sint32* ebp) { uint8 bannerId = *ecx & 0xFF; + if (bannerId > countof(gBanners)) { + log_warning("Invalid game command for setting sign style, banner id = %d", bannerId); + *ebx = MONEY32_UNDEFINED; + return; + } rct_banner *banner = &gBanners[bannerId]; sint32 x = banner->x << 5; sint32 y = banner->y << 5;