From 924692c1dddfe0fed1f7576bb86dfa3898bae319 Mon Sep 17 00:00:00 2001 From: Celtic Minstrel Date: Wed, 18 Jan 2023 09:56:14 -0500 Subject: [PATCH] Fix possible buffer overreach when selecting a shop item Thanks to @fosnola for the fix. --- src/game/boe.dlgutil.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/game/boe.dlgutil.cpp b/src/game/boe.dlgutil.cpp index df587e76..f0724e16 100644 --- a/src/game/boe.dlgutil.cpp +++ b/src/game/boe.dlgutil.cpp @@ -220,7 +220,9 @@ void handle_shop_event(location p) { } for(short i = 0; i < 8; i++) { - unsigned long what_picked = shop_array[i + shop_sbar->getPosition()]; + auto shop_i = i + shop_sbar->getPosition(); + if(shop_i >= shop_array.size()) break; + unsigned long what_picked = shop_array[shop_i]; if(what_picked >= active_shop.size()) break; if(active_shop.getItem(what_picked).type == eShopItemType::EMPTY) break;