authorBen Harris <bjh21@bjh21.me.uk>2023-01-28 22:27:21 +0000
committerBen Harris <bjh21@bjh21.me.uk>2023-02-05 20:59:59 +0000
commitc0e08f308792b15425e10ad494263d77a45ad92d (patch)
treee793aa85e70328ff456a3ed75776254cd21784c7 /mines.c
parentae73ad76ef95f0e40868436cb750126322051dd0 (diff)
Limit width and height to SHRT_MAX in Mines
Mines' "struct set" stores co-ordinates within the grid in a pair of shorts, which leads to very bad behaviour (including heap-based buffer overruns) if the grid is bigger than SHRT_MAX in either dimension. So now we don't allow that. The overrun can be demonstrated by loading this save file, though the precise crash is quite variable. In particular, you seem to get better crashes if the file doesn't have a trailing newline. SAVEFILE:41:Simon Tatham's Portable Puzzle Collection PARAMS :5:06000 CPARAMS :7:6x60000 NSTATES :1:3 STATEPOS:1:2 MOVE :5:C0,00 GAME :5:Mines DESC :22:r8,u,00000000000000000 MOVE ::
Diffstat (limited to 'mines.c')
-rw-r--r--mines.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/mines.c b/mines.c
index 16075aa..c666001 100644
--- a/mines.c
+++ b/mines.c
@@ -263,6 +263,8 @@ static const char *validate_params(const game_params *params, bool full)
return "Width and height must both be greater than two";
if (params->w < 1 || params->h < 1)
return "Width and height must both be at least one";
+ if (params->w > SHRT_MAX || params->h > SHRT_MAX)
+ return "Neither width nor height may be unreasonably large";
if (params->w > INT_MAX / params->h)
return "Width times height must not be unreasonably large";
if (params->n < 0)
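Review bot: The new `SHRT_MAX` bound in validate_params carries no comment tying it to the structure it protects, so the reason for the limit lives only in the commit message. A one-line comment above the check would stop a later maintainer from relaxing it, or from changing the field types without revisiting it, for example `/* struct set stores grid co-ordinates in shorts; larger grids overrun the heap */`. The returned string "unreasonably large" also gives the user no hint of the actual limit, though that is minor. validate_params begins and ends outside this hunk, so it cannot be confirmed from here that every path accepting dimensions, including save-file loading, goes through this check.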