From dd1838a3cbffa59f536f81536689fd2d87b672f4 Mon Sep 17 00:00:00 2001
From: Eugene Sandulenko
Date: Mon, 16 May 2016 10:37:37 +0200
Subject: LURE: Fix potential buffer overrun introduced in 8577606

---
 engines/lure/hotspots.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'engines/lure')

diff --git a/engines/lure/hotspots.cpp b/engines/lure/hotspots.cpp
index a972909b8b..29e5d2832e 100644
--- a/engines/lure/hotspots.cpp
+++ b/engines/lure/hotspots.cpp
@@ -1925,7 +1925,7 @@ void Hotspot::doStatus(HotspotData *hotspot) {
 	if (numGroats > 0) {
 		Common::strlcat(buffer, "\n\n", MAX_DESC_SIZE);
 		Common::strlcat(buffer, stringList.getString(S_YOU_HAVE), MAX_DESC_SIZE);
-		snprintf(buffer + strlen(buffer), MAX_DESC_SIZE, "%d", numGroats);
+		snprintf(buffer + strlen(buffer), MAX_DESC_SIZE - strlen(buffer), "%d", numGroats);
 		Common::strlcat(buffer, " ", MAX_DESC_SIZE);
 		Common::strlcat(buffer, stringList.getString((numGroats == 1) ? S_GROAT : S_GROATS), MAX_DESC_SIZE); // Make sure we're not overrunning
 	}
-- 
cgit v1.2.3