diff options
-rw-r--r-- | engines/pegasus/pegasus.cpp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/engines/pegasus/pegasus.cpp b/engines/pegasus/pegasus.cpp index 89acac1440..be3fcd5cff 100644 --- a/engines/pegasus/pegasus.cpp +++ b/engines/pegasus/pegasus.cpp @@ -657,7 +657,23 @@ Common::Error PegasusEngine::loadGameState(int slot) { return valid ? Common::kNoError : Common::kUnknownError; } +static bool isValidSaveFileChar(char c) { + // Limit it to letters, digits, and a few other characters that should be safe + return Common::isAlnum(c) || c == ' ' || c == '_' || c == '+' || c == '-' || c == '.'; +} + +static bool isValidSaveFileName(const Common::String &desc) { + for (uint32 i = 0; i < desc.size(); i++) + if (!isValidSaveFileChar(desc[i])) + return false; + + return true; +} + Common::Error PegasusEngine::saveGameState(int slot, const Common::String &desc) { + if (!isValidSaveFileName(desc)) + return Common::Error(Common::kCreatingFileFailed, _("Invalid save file name")); + Common::String output = Common::String::format("pegasus-%s.sav", desc.c_str()); Common::OutSaveFile *saveFile = _saveFileMan->openForSaving(output, false); if (!saveFile) |