From d61c48db25c95b18a2d309e3246c8d855dcc4412 Mon Sep 17 00:00:00 2001
From: Edoardo Prezioso
Date: Wed, 4 Mar 2015 20:37:49 +0100
Subject: [PATCH] - Fixed imprecise bound checking in ACS code.

It was possible to access 'playeringame[8]', outside the [0:7] buffer range. Discovered with GCC 4.9 + Address Sanitizer.
---
 src/p_acs.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/p_acs.cpp b/src/p_acs.cpp
index 912cdaa01d..1296ae3c10 100644
--- a/src/p_acs.cpp
+++ b/src/p_acs.cpp
@@ -8790,7 +8790,7 @@ scriptwait:
 break;
 case PCD_PLAYERINGAME:
- if (STACK(1) < 0 || STACK(1) > MAXPLAYERS)
+ if (STACK(1) < 0 || STACK(1) >= MAXPLAYERS)
 {
 STACK(1) = false;
 }
@@ -8801,7 +8801,7 @@ scriptwait:
 break;
 case PCD_PLAYERISBOT:
- if (STACK(1) < 0 || STACK(1) > MAXPLAYERS || !playeringame[STACK(1)])
+ if (STACK(1) < 0 || STACK(1) >= MAXPLAYERS || !playeringame[STACK(1)])
 {
 STACK(1) = false;
 }
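Review bot: Both hunks keep the open-coded range test `STACK(1) < 0 || STACK(1) >= MAXPLAYERS` duplicated between PCD_PLAYERINGAME and PCD_PLAYERISBOT, which is exactly how the original `>` off-by-one was able to slip through in two places at once; the same point applies to the second hunk. A single helper such as `static inline bool IsValidPlayerIndex(int i) { return i >= 0 && i < MAXPLAYERS; }` used by both cases would leave one bound expression to review, and a short comment at the first use, `// index into playeringame[MAXPLAYERS]; MAXPLAYERS itself is one past the end`, would record why `>=` rather than `>` is required. Whether STACK(1) expands to a signed type is not visible here; if it is unsigned, the `< 0` half of the test is dead and only the upper bound protects the array read in PCD_PLAYERISBOT. The enclosing switch and its function start and end outside both hunks.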