From 9b1b1f12ae384d12c4d0067a3e9b1e25f9f1d27b Mon Sep 17 00:00:00 2001 From: ctrl256 <260746593+ctrl256@users.noreply.github.com> Date: Wed, 11 Mar 2026 02:58:58 +0300 Subject: [PATCH 1/3] Prevent potential out-of-bounds write --- src/xrCore/FileSystem.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/xrCore/FileSystem.cpp b/src/xrCore/FileSystem.cpp index 062bb67f1c5..36fc57f9d97 100644 --- a/src/xrCore/FileSystem.cpp +++ b/src/xrCore/FileSystem.cpp @@ -99,7 +99,8 @@ void MakeFilter(string1024& dest, pcstr info, pcstr ext) } xr_strcpy(dest, res.c_str()); - for (size_t i = 0; i < res.size(); ++i) + const auto bound = res.size() > sizeof(dest) ? sizeof(dest) : res.size(); + for (size_t i = 0; i < bound; ++i) { if (res[i] == '|') dest[i] = '\0'; From 0a2d48342615e30ce18209085bb360385566124b Mon Sep 17 00:00:00 2001 From: ctrl256 <260746593+ctrl256@users.noreply.github.com> Date: Wed, 11 Mar 2026 03:03:27 +0300 Subject: [PATCH 2/3] Remove duplicated flag --- src/xrCore/FileSystem.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/xrCore/FileSystem.cpp b/src/xrCore/FileSystem.cpp index 36fc57f9d97..289842ac106 100644 --- a/src/xrCore/FileSystem.cpp +++ b/src/xrCore/FileSystem.cpp @@ -159,7 +159,7 @@ bool EFS_Utils::GetOpenNameInternal( string512 path; xr_strcpy(path, (offset && offset[0]) ? offset : P.m_Path); ofn.lpstrInitialDir = path; - ofn.Flags = OFN_PATHMUSTEXIST | OFN_FILEMUSTEXIST | OFN_HIDEREADONLY | OFN_FILEMUSTEXIST | OFN_NOCHANGEDIR | + ofn.Flags = OFN_PATHMUSTEXIST | OFN_FILEMUSTEXIST | OFN_HIDEREADONLY | OFN_NOCHANGEDIR | (bMulti ? OFN_ALLOWMULTISELECT | OFN_EXPLORER : 0); ofn.FlagsEx = OFN_EX_NOPLACESBAR; From ee69f86c2b3f9155fae36295470a95c82b680451 Mon Sep 17 00:00:00 2001 From: ctrl256 <260746593+ctrl256@users.noreply.github.com> Date: Wed, 11 Mar 2026 03:07:28 +0300 Subject: [PATCH 3/3] Fix typo --- src/xrGame/ai/stalker/ai_stalker.h | 2 +- src/xrGame/ai_stalker_alife.cpp | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/xrGame/ai/stalker/ai_stalker.h b/src/xrGame/ai/stalker/ai_stalker.h index 1813769bb16..2c6a997acdc 100644 --- a/src/xrGame/ai/stalker/ai_stalker.h +++ b/src/xrGame/ai/stalker/ai_stalker.h @@ -347,7 +347,7 @@ class CAI_Stalker : public CCustomMonster, public CObjectHandler, public CAI_Phr bool non_conflicted(const CInventoryItem* item, const CWeapon* new_weapon) const; bool enough_ammo(const CWeapon* new_weapon) const; bool conflicted( - const CInventoryItem* item, const CWeapon* new_weapon, bool new_wepon_enough_ammo, int new_weapon_rank) const; + const CInventoryItem* item, const CWeapon* new_weapon, bool new_weapon_enough_ammo, int new_weapon_rank) const; void update_conflicted(CInventoryItem* item, const CWeapon* new_weapon); void remove_personal_only_ammo(const CInventoryItem* item); void on_after_take(const CGameObject* object); diff --git a/src/xrGame/ai_stalker_alife.cpp b/src/xrGame/ai_stalker_alife.cpp index 127b00d32a5..31b5fc1663a 100644 --- a/src/xrGame/ai_stalker_alife.cpp +++ b/src/xrGame/ai_stalker_alife.cpp @@ -317,7 +317,7 @@ bool CAI_Stalker::enough_ammo(const CWeapon* new_weapon) const } bool CAI_Stalker::conflicted( - const CInventoryItem* item, const CWeapon* new_weapon, bool new_wepon_enough_ammo, int new_weapon_rank) const + const CInventoryItem* item, const CWeapon* new_weapon, bool new_weapon_enough_ammo, int new_weapon_rank) const { if (non_conflicted(item, new_weapon)) return (false); @@ -326,10 +326,10 @@ bool CAI_Stalker::conflicted( VERIFY(weapon); bool current_weapon_enough_ammo = enough_ammo(weapon); - if (current_weapon_enough_ammo && !new_wepon_enough_ammo) + if (current_weapon_enough_ammo && !new_weapon_enough_ammo) return (true); - if (!current_weapon_enough_ammo && new_wepon_enough_ammo) + if (!current_weapon_enough_ammo && new_weapon_enough_ammo) return (false); if (!fsimilar(weapon->GetCondition(), new_weapon->GetCondition(), .05f))