From 952ef8ca565d803da1134466358bd85683a489a3 Mon Sep 17 00:00:00 2001
From: Ben Harris <bjh21@bjh21.me.uk>
Date: Sat, 7 Jan 2023 23:44:31 +0000
Subject: Undead: fix buffer overrun in "M" command

The guessable squares are numbered up to num_total, not "wh".  The
latter includes mirror squares that aren't included in the various
arrays describing the game state.

To reproduce the problem, build Undead with AddressSanitizer and press
"M".
---
 undead.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/undead.c b/undead.c
index ef3827b..9c6b6fb 100644
--- a/undead.c
+++ b/undead.c
@@ -2103,7 +2103,7 @@ static game_state *execute_move(const game_state *state, const char *move)
              * approach of starting off in that state and eliminating
              * things.
              */
-            for (i = 0; i < ret->common->wh; i++)
+            for (i = 0; i < ret->common->num_total; i++)
                 if (ret->guess[i] == 7)
                     ret->pencils[i] = 7;
             move++;
-- 
cgit v1.1