From 41e348ce650f0c574b399b569ee3973179ed945f Mon Sep 17 00:00:00 2001
From: turleypol <turley@polserver.com>
Date: Fri, 29 Dec 2023 11:43:43 +0100
Subject: [PATCH] use correct upperlimit for sellhandlers (#586)

---
 pol-core/pol/module/uomod2.cpp | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/pol-core/pol/module/uomod2.cpp b/pol-core/pol/module/uomod2.cpp
index bc9ad821de..31494ba926 100644
--- a/pol-core/pol/module/uomod2.cpp
+++ b/pol-core/pol/module/uomod2.cpp
@@ -50,6 +50,7 @@
 #include "../../clib/passert.h"
 #include "../../clib/rawtypes.h"
 #include "../../clib/refptr.h"
+#include "../../clib/stlutil.h"
 #include "../../plib/pkg.h"
 #include "../../plib/staticblock.h"
 #include "../../plib/systemstate.h"
@@ -809,10 +810,10 @@ void oldSellHandler( Client* client, PKTIN_9F* msg )
   }
 
   unsigned int cost = 0;
-  int num_items = cfBEu16( msg->num_items );
-  Clib::sanitize_upperlimit( &num_items, ( 0xFFFF - 9 ) / 6 );
+  size_t num_items = cfBEu16( msg->num_items );
+  Clib::sanitize_upperlimit( &num_items, Clib::arsize( msg->items ) );
 
-  for ( int i = 0; i < num_items; ++i )
+  for ( size_t i = 0; i < num_items; ++i )
   {
     u32 serial = cfBEu32( msg->items[i].serial );
     u16 amount = cfBEu16( msg->items[i].amount );
@@ -922,10 +923,10 @@ void sellhandler( Client* client, PKTIN_9F* msg )
     return;
   }
 
-  int num_items = cfBEu16( msg->num_items );
+  size_t num_items = cfBEu16( msg->num_items );
   std::unique_ptr<ObjArray> items_sold( new ObjArray );
-  Clib::sanitize_upperlimit( &num_items, ( 0xFFFF - 9 ) / 6 );
-  for ( int i = 0; i < num_items; ++i )
+  Clib::sanitize_upperlimit( &num_items, Clib::arsize( msg->items ) );
+  for ( size_t i = 0; i < num_items; ++i )
   {
     u32 serial = cfBEu32( msg->items[i].serial );
     u32 amount = cfBEu16( msg->items[i].amount );