diff options
| author | Ben Harris <bjh21@bjh21.me.uk> | 2023-02-26 23:18:44 +0000 |
|---|---|---|
| committer | Ben Harris <bjh21@bjh21.me.uk> | 2023-02-26 23:18:44 +0000 |
| commit | 5a491c5ad333ef34c1e7713f920f51cbb205af60 (patch) | |
| tree | e389f33a08a9e58e4f561e86dba2f1eda9e3a516 | |
| parent | 6ee62a43abe7d7e77226415b21d1cbf16dbda85a (diff) | |
| download | puzzles-5a491c5ad333ef34c1e7713f920f51cbb205af60.zip puzzles-5a491c5ad333ef34c1e7713f920f51cbb205af60.tar.gz puzzles-5a491c5ad333ef34c1e7713f920f51cbb205af60.tar.bz2 puzzles-5a491c5ad333ef34c1e7713f920f51cbb205af60.tar.xz | |
Inertia: insist that solutions must be non-empty
Any solution actually generated by the solver will contain at least one
move, because it refuses to solve games that are already solved.
However, a save file might contain an empty "solve" move. This causes
an uninitialised read when execute_move() then tries to check if the
next move is in accordance with the solution, because the check for
running off the end of the solution happens after that.
We now avoid this by treating a zero-length "solution" as an invalid
move.
| -rw-r--r-- | inertia.c | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -1697,6 +1697,7 @@ static game_state *execute_move(const game_state *state, const char *move) * This is a solve move, so we don't actually _change_ the * grid but merely set up a stored solution path. */ + if (move[1] == '\0') return NULL; /* Solution must be non-empty. */ ret = dup_game(state); install_new_solution(ret, move); return ret; |