From 6578cd2cba8e7f9cb4b8dd99b4670aaeccb337a7 Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Wed, 16 Apr 2014 16:08:46 +0200
Subject: [PATCH] Client: Fix crashes happening on navigation in too large
 inventory (string).

---
 TODO                 | 4 ++--
 confserver/world     | 2 +-
 src/client/control.c | 7 +++++--
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/TODO b/TODO
index 9226ff0..5438e49 100644
--- a/TODO
+++ b/TODO
@@ -9,6 +9,8 @@ BOTH SERVER/CLIENT:
 
 - be more strict and humble when allocating memory from the stack
 
+- handle crashes on OS X: <https://github.com/plomlompom/plomrogue/issues/1>
+
 SERVER:
 
 - implement field of view / line of sight and obstacles for those on the map
@@ -23,5 +25,3 @@ CLIENT:
 - enable toggling of window borders
 
 - make log scrollable
-
-- nav_inventory() expects too short inventory string length for i
diff --git a/confserver/world b/confserver/world
index 724d012..f773be2 100644
--- a/confserver/world
+++ b/confserver/world
@@ -27,7 +27,7 @@ EFFORT 45
 OBJECT 0
 NAME HUMAN
 SYMBOL @
-LIFEPOINTS 5
+LIFEPOINTS 255
 CORPSE_ID 5
 CONSUMABLE 0
 START_NUMBER 1
diff --git a/src/client/control.c b/src/client/control.c
index 1961334..d5d8d9e 100644
--- a/src/client/control.c
+++ b/src/client/control.c
@@ -1,9 +1,10 @@
 /* src/client/control.c */
 
 #include "control.h"
-#include <stdint.h> /* uint8_t, uint16_t */
+#include <stdint.h> /* uint8_t, uint16_t, uint32_t, UINT32_MAX */
 #include <stdio.h> /* sprintf() */
 #include <string.h> /* strlen() */
+#include "../common/rexit.h" /* exit_err() */
 #include "interface_conf.h" /* reload_interface_conf(), save_interface_conf() */
 #include "io.h" /* send() */
 #include "keybindings.h" /* get_command_to_keycode(), get_keycode_to_command(),
@@ -54,7 +55,9 @@ static void nav_inventory(char dir)
         return;
     }
     uint8_t n_elems = 0;
-    uint8_t i;
+    uint32_t i;
+    char * err = "Inventory string is too large.";
+    exit_err(UINT32_MAX <= strlen(world.player_inventory), err);
     for (i = 0; '\0' != world.player_inventory[i]; i++)
     {
         n_elems = n_elems + ('\n' == world.player_inventory[i]);
-- 
2.30.2