From 6fb36934a82842c7ea1334714c9f5a746c12a8ab Mon Sep 17 00:00:00 2001 From: Darkvater Date: Thu, 26 Jan 2006 18:45:04 +0000 Subject: (svn r3446) - Fix: incorrect validating of tree-planting command which can allow a buffer-overflow (Tron) --- tree_cmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tree_cmd.c b/tree_cmd.c index ed207f4c7..51a5cfe06 100644 --- a/tree_cmd.c +++ b/tree_cmd.c @@ -139,7 +139,7 @@ int32 CmdPlantTree(int ex, int ey, uint32 flags, uint32 p1, uint32 p2) int32 cost; int sx, sy, x, y; - if (p2 > MapSize()) return CMD_ERROR; + if (p2 >= MapSize()) return CMD_ERROR; /* Check the tree type. It can be random or some valid value within the current climate */ if (p1 != (uint)-1 && p1 - _tree_base_by_landscape[_opt.landscape] >= _tree_count_by_landscape[_opt.landscape]) return CMD_ERROR; -- cgit v1.2.3-70-g09d2