From d5e3262a7471e7429d03870808fe990286e15980 Mon Sep 17 00:00:00 2001
From: hendricks266
Date: Sun, 29 Mar 2015 02:40:27 +0000
Subject: [PATCH] Avoid reading or writing savegame specdata arrays when the pointer to one is NULL or their count is zero.

git-svn-id: https://svn.eduke32.com/eduke32@5112 1a8010ca-5511-0410-912e-c29ae57300e0
---
 polymer/eduke32/source/savegame.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/polymer/eduke32/source/savegame.c b/polymer/eduke32/source/savegame.c
index bec58a714..44da42f12 100644
--- a/polymer/eduke32/source/savegame.c
+++ b/polymer/eduke32/source/savegame.c
@@ -579,6 +579,9 @@ static uint8_t *writespecdata(const dataspec_t *spec, FILE *fil, uint8_t *dump)
 ds_get(sp, &ptr, &cnt);
 if (cnt < 0) { OSD_Printf("wsd: cnt=%d, f=0x%x.\n",cnt,sp->flags); continue; }
 
+ if (!ptr || !cnt)
+ continue;
+
 if (fil)
 {
 if (((sp->flags&DS_CNTMASK)==0 && sp->size*cnt<=savegame_comprthres)
@@ -644,6 +647,9 @@ static int32_t readspecdata(const dataspec_t *spec, int32_t fil, uint8_t **dumpv
 ds_get(sp, &ptr, &cnt);
 if (cnt < 0) { OSD_Printf("rsd: cnt<0... wtf?\n"); return -1; }
 
+ if (!ptr || !cnt)
+ continue;
+
 if (fil>=0)
 {
 mem = (dump && (sp->flags&DS_NOCHK)==0) ? dump : (uint8_t *)ptr;
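Review bot: The new `if (!ptr || !cnt) continue;` guard in writespecdata, and the identical one in the readspecdata hunk, decide whether an entry occupies bytes in the savegame from in-memory state rather than from anything recorded in the file. If the two sides ever disagree, for example a pointer that is NULL when saving but allocated when loading, the reader would presumably consume bytes that belong to the next entry, and nothing reports it. The neighbouring `cnt < 0` branches log the condition, so I would at least log the case that is not a plain empty array, e.g. `if (!ptr && cnt) OSD_Printf("rsd: NULL ptr, cnt=%d\n", cnt);` before the `continue`, and add a comment such as `/* skipped entries take no bytes in file or dump; writespecdata and readspecdata must skip the same ones */`. Both function bodies start and end outside their hunks, so how ds_get populates `ptr` and `cnt` is not visible here.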