From 329b77bd82619c489744a75cda5751b28ebed7d2 Mon Sep 17 00:00:00 2001
From: Scott Percival <code@moral.net.au>
Date: Fri, 17 Jan 2020 20:36:21 +0800
Subject: [PATCH] DIRECTOR: LINGO: Fix constant size check

---
 engines/director/lingo/lingo-bytecode.cpp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/engines/director/lingo/lingo-bytecode.cpp b/engines/director/lingo/lingo-bytecode.cpp
index cb60347aa4c..833c40e5c22 100644
--- a/engines/director/lingo/lingo-bytecode.cpp
+++ b/engines/director/lingo/lingo-bytecode.cpp
@@ -494,14 +494,14 @@ void Lingo::addCodeV4(Common::SeekableSubReadStreamEndian &stream, ScriptType ty
 				constant.type = STRING;
 				constant.u.s = new Common::String();
 				uint32 pointer = value;
-				if (pointer + 4 >= constsStoreSize) {
+				if (pointer + 4 > constsStoreSize) {
 					error("Constant string is too small");
 					break;
 				}
 				uint32 length = READ_BE_UINT32(&constsStore[pointer]);
 				pointer += 4;
 				uint32 end = pointer + length;
-				if (end >= constsStoreSize) {
+				if (end > constsStoreSize) {
 					error("Constant string is too large");
 					break;
 				}
@@ -515,7 +515,7 @@ void Lingo::addCodeV4(Common::SeekableSubReadStreamEndian &stream, ScriptType ty
 					}
 					pointer += 1;
 				}
-				if (pointer >= constsStoreSize) {
+				if (pointer > constsStoreSize) {
 					warning("Constant string has no null terminator");
 					break;
 				}