From 5f3e167799655b850fd83d6d21d0c6ba3a44b3d2 Mon Sep 17 00:00:00 2001
From: Alibek Omarov <a1ba.omarov@gmail.com>
Date: Tue, 5 Nov 2024 22:42:46 +0300
Subject: [PATCH] engine: client: prevent possible null dereference with
 malformed consistency info packet

---
 engine/client/cl_parse.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/engine/client/cl_parse.c b/engine/client/cl_parse.c
index 67e48382..cffa9498 100644
--- a/engine/client/cl_parse.c
+++ b/engine/client/cl_parse.c
@@ -1870,6 +1870,12 @@ static void CL_ParseConsistencyInfo( sizebuf_t *msg, connprotocol_t proto )
 	if( !cl.need_force_consistency_response )
 		return;
 
+	if( !pResource )
+	{
+		Host_Error( "%s: malformed consistency info packet (resources needed is NULL)\n", __func__ );
+		return;
+	}
+
 	skip_crc_change = NULL;
 	lastcheck = 0;
 
@@ -1887,6 +1893,12 @@ static void CL_ParseConsistencyInfo( sizebuf_t *msg, connprotocol_t proto )
 			if( pResource != skip_crc_change && Q_strstr( pResource->szFileName, "models/" ))
 				Mod_NeedCRC( pResource->szFileName, false );
 			pResource = pResource->pNext;
+
+			if( !pResource )
+			{
+				Host_Error( "%s: malformed consistency info packet (last check %d, delta %d, position %d)\n", __func__, lastcheck, delta, i );
+				return;
+			}
 		}
 
 		if( cl.num_consistency >= MAX_MODELS )