Fix sloppy sanity check for mobility going negative in transport
authorMarkus Armbruster <armbru@pond.sub.org>
Thu, 31 Dec 2009 10:27:48 +0000 (11:27 +0100)
committerMarkus Armbruster <armbru@pond.sub.org>
Tue, 19 Jan 2010 07:37:05 +0000 (08:37 +0100)
Assignment to sct_mobil was vulnerable to integer underflow.  Should
not happen, as move_ground() never returns a cost exceeding available
mobility.

src/lib/commands/tran.c

index cbb27bc1ba9a332068db5ce1ad56c6e4614f2cae..a3335ed5057fb2611df4060bb7a8dbe6c7397035 100644 (file)
@@ -134,8 +134,9 @@ tran_nuke(void)
     else
        pr("No mobility used\n");
     getsect(srcx, srcy, &sect);
-    sect.sct_mobil -= mcost;
-    if (sect.sct_mobil < 0)
+    if (sect.sct_mobil >= mcost)
+       sect.sct_mobil -= mcost;
+    else
        sect.sct_mobil = 0;
     putsect(&sect);
     return RET_OK;
@@ -229,8 +230,9 @@ tran_plane(void)
     else
        pr("No mobility used\n");
     getsect(srcx, srcy, &sect);
-    sect.sct_mobil -= mcost;
-    if (sect.sct_mobil < 0)
+    if (sect.sct_mobil >= mcost)
+       sect.sct_mobil -= mcost;
+    else
        sect.sct_mobil = 0;
     putsect(&sect);
     return RET_OK;