From 1bab1d1d2ab472bb8fc7cddfce1d3c37e63a2ed5 Mon Sep 17 00:00:00 2001
From: Ben Harris <bjh21@bjh21.me.uk>
Date: Sun, 16 Oct 2022 19:14:24 +0100
Subject: Correct and enable the range check on statepos when loading

statepos == 0 shouldn't ever occur in a save file because it indicates
an uninitialised midend.  OTOH statepos == nstates is normal.  Also
added an equivalent assertion when saving because Simon and I spent
some time discussing whether it could happen.
---
 midend.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'midend.c')

diff --git a/midend.c b/midend.c
index 10f6810..175b6f1 100644
--- a/midend.c
+++ b/midend.c
@@ -2091,6 +2091,7 @@ void midend_serialise(midend *me,
         char buf[80];
         sprintf(buf, "%d", me->nstates);
         wr("NSTATES", buf);
+        assert(me->statepos >= 1 && me->statepos <= me->nstates);
         sprintf(buf, "%d", me->statepos);
         wr("STATEPOS", buf);
     }
@@ -2345,8 +2346,9 @@ static const char *midend_deserialise_internal(
         ret = "Game private description in save file is invalid";
         goto cleanup;
     }
-    if (data.statepos < 0 || data.statepos >= data.nstates) {
+    if (data.statepos < 1 || data.statepos > data.nstates) {
         ret = "Game position in save file is out of range";
+        goto cleanup;
     }
 
     if (!data.states) {
-- 
cgit v1.1