From 5f65583a3a4e434c693f251585764a05162e3165 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Fri, 30 Apr 2021 12:04:41 +0000
Subject: [PATCH] Fix a heap overflow in loadpgrd.cpp
---
 components/esm/loadpgrd.cpp | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/components/esm/loadpgrd.cpp b/components/esm/loadpgrd.cpp
index 708685e72..9abeba260 100644
--- a/components/esm/loadpgrd.cpp
+++ b/components/esm/loadpgrd.cpp
@@ -100,6 +100,8 @@ namespace ESM
 for(PointList::const_iterator it = mPoints.begin(); it != mPoints.end(); ++it, ++pointIndex)
 {
 unsigned char connectionNum = (*it).mConnectionNum;
+ if (rawConnections.end() - rawIt < connectionNum)
+ esm.fail("Not enough connections");
 for (int i = 0; i < connectionNum; ++i) {
 Edge edge;
 edge.mV0 = pointIndex;
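Review bot: The added guard before the inner `for` loop stops the out-of-bounds read only if `esm.fail()` never returns, and nothing in the hunk shows that. If it does throw, as the name suggests, say so at the call site, e.g. `// fail() throws: mConnectionNum comes from the file and must not advance rawIt past rawConnections.end()`. The message "Not enough connections" also drops the context needed to triage a malformed or hostile file; including `pointIndex` and the number of connections still available would make the rejected record identifiable. The guard covers the iterator range only: the values later read through `rawIt` are file-controlled as well, and whether they are range-checked as point indices lies in the rest of the loop body, which is outside this hunk.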