From cd90fdec5d33e9e17849f95a9647722bb3ff230a Mon Sep 17 00:00:00 2001
From: Philipp AUER
Date: Thu, 17 Aug 2023 02:21:16 +0200
Subject: [PATCH] [Critical] fix memory corruption when handling trigger sprites (#3238)

Co-authored-by: sbird
---
 src/battle_interface.c | 9 ++++-----
 src/battle_z_move.c    | 7 +++++--
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/battle_interface.c b/src/battle_interface.c
index 3e6029ab7..196e6050f 100644
--- a/src/battle_interface.c
+++ b/src/battle_interface.c
@@ -1409,11 +1409,10 @@ bool32 IsMegaTriggerSpriteActive(void)
 
 void HideMegaTriggerSprite(void)
 {
-    if (gBattleStruct->mega.triggerSpriteId != 0xFF)
-    {
-        ChangeMegaTriggerSprite(gBattleStruct->mega.triggerSpriteId, 0);
-        gSprites[gBattleStruct->mega.triggerSpriteId].tHide = TRUE;
-    }
+    if (gBattleStruct->mega.triggerSpriteId >= MAX_SPRITES)
+        return;
+    ChangeMegaTriggerSprite(gBattleStruct->mega.triggerSpriteId, 0);
+    gSprites[gBattleStruct->mega.triggerSpriteId].tHide = TRUE;
 }
 
 void HideTriggerSprites(void)
diff --git a/src/battle_z_move.c b/src/battle_z_move.c
index a24ad8f38..f17de921d 100644
--- a/src/battle_z_move.c
+++ b/src/battle_z_move.c
@@ -345,9 +345,12 @@ bool32 IsZMoveTriggerSpriteActive(void)
 
 void HideZMoveTriggerSprite(void)
 {
-    struct Sprite *sprite = &gSprites[gBattleStruct->zmove.triggerSpriteId];
-    sprite->tHide = TRUE;
+    struct Sprite *sprite;
     gBattleStruct->zmove.viable = FALSE;
+    if (gBattleStruct->zmove.triggerSpriteId >= MAX_SPRITES)
+        return;
+    sprite = &gSprites[gBattleStruct->zmove.triggerSpriteId];
+    sprite->tHide = TRUE;
 }
 
 static void ShowZMoveTriggerSprite(u8 battlerId)
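Review bot: The new guard in HideMegaTriggerSprite bounds the id by MAX_SPRITES instead of testing the 0xFF sentinel the removed line used, and nothing in the hunk explains why a value other than 0xFF can be out of range, so the reason for the bound deserves a comment above the `if`. Something like `// triggerSpriteId may hold the 0xFF "no sprite" sentinel or a stale value; never index gSprites with it unchecked` keeps the next reader from tightening it back to the sentinel compare. The same bound is duplicated in HideZMoveTriggerSprite in the other file; if the project already has a sprite-id validity helper it would be worth using in both places, though none is visible from here. HideMegaTriggerSprite is fully within the hunk.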
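Review bot: The `sprite` local in HideZMoveTriggerSprite now carries a single store, so the last two added lines could collapse to `gSprites[gBattleStruct->zmove.triggerSpriteId].tHide = TRUE;` with the `struct Sprite *sprite;` declaration dropped, matching the shape of HideMegaTriggerSprite in the sibling hunk. That is purely a style point; if the toolchain requires declarations at the top of the block, the current split is the reason to keep the declaration. Separately, placing the early return after `gBattleStruct->zmove.viable = FALSE;` looks deliberate (the flag is cleared even when no sprite is indexed) and is worth a one-line comment such as `// clear viability first so it is reset even when no trigger sprite exists`. The function is fully within the hunk.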