- IGNORE(fread(&save, sizeof(struct save_t), 1, fp));
- fclose(fp);
- if (save.version != VRSION) {
- SETPRM(1,save.version/10,MOD(save.version,10));
- SETPRM(3,VRSION/10,MOD(VRSION,10));
- RSPEAK(VERSION_SKEW);
- } else {
- memcpy(&game, &save.game, sizeof(struct game_t));
- OBJSND[BIRD] = save.bird;
- OBJTXT[OYSTER] = save.bivalve;
- game.zzword=RNDVOC(3,game.zzword);
- }
- return GO_TOP;
+ IGNORE(fread(&save, sizeof(struct save_t), 1, fp));
+ fclose(fp);
+ if (memcmp(save.magic, ADVENT_MAGIC, sizeof(ADVENT_MAGIC)) != 0 ||
+ save.canary != ENDIAN_MAGIC) {
+ rspeak(BAD_SAVE);
+ } else if (save.version != SAVE_VERSION) {
+ rspeak(VERSION_SKEW, save.version / 10, MOD(save.version, 10),
+ SAVE_VERSION / 10, MOD(SAVE_VERSION, 10));
+ } else if (!is_valid(save.game)) {
+ rspeak(SAVE_TAMPERING);
+ exit(EXIT_SUCCESS);
+ } else {
+ game = save.game;
+ }
+ return GO_TOP;
+}
+
+bool is_valid(struct game_t valgame) {
+ /* Save files can be roughly grouped into three groups:
+ * With valid, reachable state, with valid, but unreachable
+ * state and with invalid state. We check that state is
+ * valid: no states are outside minimal or maximal value
+ */
+
+ /* Prevent division by zero */
+ if (valgame.abbnum == 0) {
+ return false; // LCOV_EXCL_LINE
+ }
+
+ /* Check for RNG overflow. Truncate */
+ if (valgame.lcg_x >= LCG_M) {
+ return false;
+ }
+
+ /* Bounds check for locations */
+ if (valgame.chloc < -1 || valgame.chloc > NLOCATIONS ||
+ valgame.chloc2 < -1 || valgame.chloc2 > NLOCATIONS ||
+ valgame.loc < 0 || valgame.loc > NLOCATIONS || valgame.newloc < 0 ||
+ valgame.newloc > NLOCATIONS || valgame.oldloc < 0 ||
+ valgame.oldloc > NLOCATIONS || valgame.oldlc2 < 0 ||
+ valgame.oldlc2 > NLOCATIONS) {
+ return false; // LCOV_EXCL_LINE
+ }
+ /* Bounds check for location arrays */
+ for (int i = 0; i <= NDWARVES; i++) {
+ if (valgame.dwarves[i].loc < -1 ||
+ valgame.dwarves[i].loc > NLOCATIONS ||
+ valgame.dwarves[i].oldloc < -1 ||
+ valgame.dwarves[i].oldloc > NLOCATIONS) {
+ return false; // LCOV_EXCL_LINE
+ }
+ }
+
+ for (int i = 0; i <= NOBJECTS; i++) {
+ if (valgame.objects[i].place < -1 ||
+ valgame.objects[i].place > NLOCATIONS ||
+ valgame.objects[i].fixed < -1 ||
+ valgame.objects[i].fixed > NLOCATIONS) {
+ return false; // LCOV_EXCL_LINE
+ }
+ }
+
+ /* Bounds check for dwarves */
+ if (valgame.dtotal < 0 || valgame.dtotal > NDWARVES ||
+ valgame.dkill < 0 || valgame.dkill > NDWARVES) {
+ return false; // LCOV_EXCL_LINE
+ }
+
+ /* Validate that we didn't die too many times in save */
+ if (valgame.numdie >= NDEATHS) {
+ return false; // LCOV_EXCL_LINE
+ }
+
+ /* Recalculate tally, throw the towel if in disagreement */
+ int temp_tally = 0;
+ for (int treasure = 1; treasure <= NOBJECTS; treasure++) {
+ if (objects[treasure].is_treasure) {
+ if (PROP_IS_NOTFOUND2(valgame, treasure)) {
+ ++temp_tally;
+ }
+ }
+ }
+ if (temp_tally != valgame.tally) {
+ return false; // LCOV_EXCL_LINE
+ }
+
+ /* Check that properties of objects aren't beyond expected */
+ for (obj_t obj = 0; obj <= NOBJECTS; obj++) {
+ if (PROP_IS_INVALID(valgame.objects[obj].prop)) {
+ return false; // LCOV_EXCL_LINE
+ }
+ }
+
+ /* Check that values in linked lists for objects in locations are inside
+ * bounds */
+ for (loc_t loc = LOC_NOWHERE; loc <= NLOCATIONS; loc++) {
+ if (valgame.locs[loc].atloc < NO_OBJECT ||
+ valgame.locs[loc].atloc > NOBJECTS * 2) {
+ return false; // LCOV_EXCL_LINE
+ }
+ }
+ for (obj_t obj = 0; obj <= NOBJECTS * 2; obj++) {
+ if (valgame.link[obj] < NO_OBJECT ||
+ valgame.link[obj] > NOBJECTS * 2) {
+ return false; // LCOV_EXCL_LINE
+ }
+ }
+
+ return true;