From 5a86041302cb362c768bf60e5291e4e43b8f52b8 Mon Sep 17 00:00:00 2001
From: James R <justsomejames2@gmail.com>
Date: Mon, 29 Jan 2024 02:24:55 -0800
Subject: [PATCH] G_WriteAllGhostTics: check buffer size after each player's
 ghost data

Instead of checking it after ALL player ghost data. This
is less likely to write past the end of the demo buffer.
---
 src/g_demo.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/g_demo.c b/src/g_demo.c
index 231a43b19..dc3682000 100644
--- a/src/g_demo.c
+++ b/src/g_demo.c
@@ -734,6 +734,7 @@ void G_GhostAddHit(INT32 playernum, mobj_t *victim)
 
 void G_WriteAllGhostTics(void)
 {
+	boolean toobig = false;
 	INT32 i, counter = leveltime;
 	for (i = 0; i < MAXPLAYERS; i++)
 	{
@@ -750,12 +751,18 @@ void G_WriteAllGhostTics(void)
 
 		WRITEUINT8(demobuf.p, i);
 		G_WriteGhostTic(players[i].mo, i);
+
+		// attention here for the ticcmd size!
+		// latest demos with mouse aiming byte in ticcmd
+		if (demobuf.p >= demobuf.end - (13 + 9 + 9))
+		{
+			toobig = true;
+			break;
+		}
 	}
 	WRITEUINT8(demobuf.p, 0xFF);
 
-	// attention here for the ticcmd size!
-	// latest demos with mouse aiming byte in ticcmd
-	if (demobuf.p >= demobuf.end - (13 + 9 + 9))
+	if (toobig)
 	{
 		G_CheckDemoStatus(); // no more space
 		return;