From 4576956ca650eec4cd4c1ea9d79bd68bebe483c0 Mon Sep 17 00:00:00 2001
From: James R <justsomejames2@gmail.com>
Date: Sat, 27 Jan 2024 01:11:48 -0800
Subject: [PATCH] Got_Cheat/CHEAT_GIVEPOWERUP: avoid reading out of bounds

---
 src/d_netcmd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/d_netcmd.c b/src/d_netcmd.c
index 14f581a97..34c42718b 100644
--- a/src/d_netcmd.c
+++ b/src/d_netcmd.c
@@ -6069,6 +6069,8 @@ static void Got_Cheat(UINT8 **cp, INT32 playernum)
 			UINT8 powerup = READUINT8(*cp);
 			UINT16 time = READUINT16(*cp);
 
+			powerup = min(powerup, LASTPOWERUP);
+
 			// FIXME: we should have actual KITEM_ name array
 			const char *powerupname = cv_kartdebugitem.PossibleValue[
 				1 + NUMKARTITEMS + (powerup - FIRSTPOWERUP)].strvalue;