shithub: puzzles

Download patch

ref: d422dd6009f3e48e13d5f7f162813537902e125c
parent: b3f3345764b0808a7a97b9c3a2a1888fd62383a0
author: Ben Harris <[email protected]>
date: Tue Jan 10 15:53:07 EST 2023

Last-ditch grid-size limit for Galaxies

At least prevent integer overflow when constructing the grid.

--- a/galaxies.c
+++ b/galaxies.c
@@ -42,6 +42,7 @@
 #include <string.h>
 #include <assert.h>
 #include <ctype.h>
+#include <limits.h>
 #include <math.h>
 
 #include "puzzles.h"
@@ -282,6 +283,10 @@
 {
     if (params->w < 3 || params->h < 3)
         return "Width and height must both be at least 3";
+    if (params->w > INT_MAX / 2 || params->h > INT_MAX / 2 ||
+        params->w > (INT_MAX - params->w*2 - params->h*2 - 1) / 4 / params->h)
+        return "Width times height must not be unreasonably large";
+
     /*
      * This shouldn't be able to happen at all, since decode_params
      * and custom_params will never generate anything that isn't