Fix RandomPCG::random(int, int) overflow bug

- Use int64_t for subtraction before converting to uint32_t - Don't add one to uint32_t max value for rand() bounds
aaronp64 · Dec 5, 2024 · 1de50ce · 1de50ce
1 parent 1f47e4c
commit 1de50ce
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/core/math/random_pcg.cpp b/core/math/random_pcg.cpp
@@ -80,5 +80,15 @@ int RandomPCG::random(int p_from, int p_to) {
 	if (p_from == p_to) {
 		return p_from;
 	}
-	return rand(abs(p_from - p_to) + 1) + MIN(p_from, p_to);
+
+	int64_t min = MIN(p_from, p_to);
+	int64_t max = MAX(p_from, p_to);
+	uint32_t diff = static_cast<uint32_t>(max - min);
+
+	if (diff == UINT32_MAX) {
+		// Can't add 1 to max uint32_t value for inclusive range, so call rand without passing bounds.
+		return rand() + min;
+	}
+
+	return rand(diff + 1) + min;
 }