From 80dd794550032b1ac4b0afcf5fb0fcd4de2ac6fd Mon Sep 17 00:00:00 2001
From: sirlemonhead
Date: Wed, 17 Jun 2020 20:27:10 +0100
Subject: [PATCH] PCExhumed: Handle integer overflow in PlotCourseToSprite()
---
 source/exhumed/src/move.cpp | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/source/exhumed/src/move.cpp b/source/exhumed/src/move.cpp
index df8410e48..4569b134b 100644
--- a/source/exhumed/src/move.cpp
+++ b/source/exhumed/src/move.cpp
@@ -677,7 +677,18 @@ int PlotCourseToSprite(int nSprite1, int nSprite2)
 sprite[nSprite1].ang = GetMyAngle(x, y);
- return ksqrt(y * y + x * x);
+ uint32_t x2 = klabs(x);
+ uint32_t y2 = klabs(y);
+
+ uint32_t diff = x2 * x2 + y2 * y2;
+
+ if (diff > INT_MAX)
+ {
+ OSD_Printf("%s %d: overflow\n", EDUKE32_FUNCTION, __LINE__);
+ diff = INT_MAX;
+ }
+
+ return ksqrt(diff);
 }
 int FindPlayer(int nSprite, int nDistance)
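Review bot: The overflow check on `diff` misses most overflows, because `x2 * x2 + y2 * y2` is already evaluated in `uint32_t` and wraps modulo 2^32 before `if (diff > INT_MAX)` runs; with |x| = 65536 and y = 0 the sum wraps to 0, nothing is logged, and `ksqrt` is handed 0 instead of a clamped maximum. Doing the arithmetic in 64 bits makes the clamp reliable: `uint64_t diff = (uint64_t)x2 * x2 + (uint64_t)y2 * y2;`, keeping the existing `INT_MAX` clamp before `ksqrt(diff)`. `klabs(x)` is presumably also undefined for `INT_MIN`, so that case deserves a guard if the deltas are not bounded upstream. The computation of `x` and `y` lies above the hunk, so their actual range cannot be confirmed from here.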