From f3b9ecd791a88267f7c3350b5659848f69f02b0a Mon Sep 17 00:00:00 2001
From: Gent S <gentsemaj@live.com>
Date: Sun, 25 Oct 2020 18:33:02 -0400
Subject: [PATCH] Add missing sanity checks to quitTask and useItem

---
 src/ItemManager.cpp    | 4 ++--
 src/MissionManager.cpp | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ItemManager.cpp b/src/ItemManager.cpp
index 09ccaa2..82d7b0e 100644
--- a/src/ItemManager.cpp
+++ b/src/ItemManager.cpp
@@ -233,8 +233,8 @@ void ItemManager::itemUseHandler(CNSocket* sock, CNPacketData* data) {
     sP_CL2FE_REQ_ITEM_USE* request = (sP_CL2FE_REQ_ITEM_USE*)data->buf;
     Player* player = PlayerManager::getPlayer(sock);
 
-    if (player == nullptr)
-        return;
+    if (player == nullptr || request->iSlotNum < 0 || request->iSlotNum >= AINVEN_COUNT)
+        return; // sanity check
 
     // gumball can only be used from inventory, so we ignore eIL
     sItemBase gumball = player->Inven[request->iSlotNum];
diff --git a/src/MissionManager.cpp b/src/MissionManager.cpp
index c905195..99ddb3c 100644
--- a/src/MissionManager.cpp
+++ b/src/MissionManager.cpp
@@ -229,8 +229,8 @@ void MissionManager::quitMission(CNSocket* sock, CNPacketData* data) {
 void MissionManager::quitTask(CNSocket* sock, int32_t taskNum, bool manual) {
     Player* plr = PlayerManager::getPlayer(sock);
 
-    if (plr == nullptr)
-        return;
+    if (plr == nullptr || Tasks.find(taskNum) == Tasks.end())
+        return; // sanity check
 
     // update player
     int i;