src/TextScr.cpp: Do not crash when TSC files are too big with FIX_BUGS

Signed-off-by: Gabriel Ravier <gabravier@gmail.com>

src/TextScr.cpp

@@ -172,6 +172,11 @@ BOOL LoadTextScript_Stage(const char *name)
 		return FALSE;
 
 	// Read Head.tsc. Note that head_size may exceed the size of 'gTS.data' (TSC_BUFFER_SIZE)
+#ifdef FIX_BUGS
+	if (head_size > TSC_BUFFER_SIZE)	// The original doesn't check for any kind of buffer overflow here, so feeding in a 1 MiB Head.tsc (assuming an unchanged TSC_BUFFER_SIZE) would be sure to crash the game, for example.
+		return FALSE;
+#endif
+
 	fread(gTS.data, 1, head_size, fp);
 	EncryptionBinaryData2((unsigned char*)gTS.data, head_size);
 	gTS.data[head_size] = '\0';
@@ -189,6 +194,11 @@ BOOL LoadTextScript_Stage(const char *name)
 		return FALSE;
 
 	// Read stage's tsc. Note that head_size + body_size may exceed the size of 'gTS.data' (TSC_BUFFER_SIZE)
+#ifdef FIX_BUGS
+	if ((head_size + body_size) > TSC_BUFFER_SIZE)	// Same as above, the original doesn't bother checking and may crash on large enough input
+		return FALSE;
+#endif
+
 	fread(&gTS.data[head_size], 1, body_size, fp);
 	EncryptionBinaryData2((unsigned char*)&gTS.data[head_size], body_size);
 	gTS.data[head_size + body_size] = '\0';