From 2def086ef3e3f1e083af816bc37e9f711ca46c6f Mon Sep 17 00:00:00 2001
From: Tobias Lindberg <tobias.ehlert@gmail.com>
Date: Tue, 5 May 2026 22:32:40 +0200
Subject: [PATCH] fix: sanitizing user-controlled input in function

---
 src/TibiaDataUtils.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/TibiaDataUtils.go b/src/TibiaDataUtils.go
index 79d35c2..676e2e5 100644
--- a/src/TibiaDataUtils.go
+++ b/src/TibiaDataUtils.go
@@ -130,7 +130,8 @@ func TibiaDataStringToInteger(data string) int {
 	returnData, err := strconv.Atoi(str)
 	if err != nil {
 		if TibiaDataDebug {
-			log.Printf("[warning] TibiaDataStringToInteger: failed to parse '%s' as integer - returning 0", data)
+			sanitized := strings.ReplaceAll(strings.ReplaceAll(data, "\n", "_"), "\r", "_")
+			log.Printf("[warning] TibiaDataStringToInteger: failed to parse '%s' as integer - returning 0", sanitized)
 		}
 		return 0
 	}