(svn r26062) -Fix: beef up checks against invalid data in highscore and language files

src/highscore.cpp

@@ -165,7 +165,7 @@ void LoadFromHighScore()
 			for (hs = _highscore_table[i]; hs != endof(_highscore_table[i]); hs++) {
 				byte length;
 				if (fread(&length, sizeof(length), 1, fp)                              !=  1 ||
-						fread(hs->company, length, 1, fp)           >   1 || // Yes... could be 0 bytes too
+						fread(hs->company, min<int>(lengthof(hs->company), length), 1, fp) >   1 || // Yes... could be 0 bytes too
 						fread(&hs->score, sizeof(hs->score), 1, fp)                        !=  1 ||
 						fseek(fp, 2, SEEK_CUR)                                             == -1) { // XXX - placeholder for hs->title, not saved anymore; compatibility
 					DEBUG(misc, 1, "Highscore corrupted");

src/strings.cpp

@@ -1763,7 +1763,12 @@ bool ReadLanguagePack(const LanguageMetadata *lang)
 
 	uint count = 0;
 	for (uint i = 0; i < TAB_COUNT; i++) {
-		uint num = lang_pack->offsets[i];
+		uint16 num = lang_pack->offsets[i];
+		if (num > TAB_SIZE) {
+				free(lang_pack);
+				return false;
+		}
+
 		_langtab_start[i] = count;
 		_langtab_num[i] = num;
 		count += num;