From 1cb86192bb145ecaab1b7378feb11d59d8e5cd20 Mon Sep 17 00:00:00 2001
From: asasas9500 <asasas9500@gmail.com>
Date: Sun, 12 Jan 2020 12:58:50 -0300
Subject: [PATCH] Fix buffer overflow

---
 TR5Main/Game/healt.cpp | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/TR5Main/Game/healt.cpp b/TR5Main/Game/healt.cpp
index 9030d57d1..d12a86d7d 100644
--- a/TR5Main/Game/healt.cpp
+++ b/TR5Main/Game/healt.cpp
@@ -184,17 +184,16 @@ int DrawAllPickups()
 	}
 
 	int pickupIndex = CurrentPickup;
-	int i = 0;
-	do
+	int i;
+	for (i = 0; i < NUM_PICKUPS; ++i)
 	{
 		if (Pickups[pickupIndex].life > 0)
 			break;
-		pickupIndex = (pickupIndex + 1) & 7;
-		i++;
-	} while (i < 8);
+		pickupIndex = pickupIndex + 1 & NUM_PICKUPS - 1;
+	}
 
 	CurrentPickup = pickupIndex;
-	if (i != 8)
+	if (i != NUM_PICKUPS)
 		return g_Renderer->DrawPickup(Pickups[CurrentPickup].objectNumber);
 
 	CurrentPickup = 0;
@@ -223,7 +222,7 @@ void AddDisplayPickup(short objectNumber)
 
 void InitialisePickupDisplay()
 {
-	for (int i = 0; i < 8; i++)
+	for (int i = 0; i < NUM_PICKUPS; i++)
 	{
 		DISPLAY_PICKUP* pickup = &Pickups[i];
 		pickup->life = -1;