Merge pull request #279 from bbbradsmith/chr1k_safety

minimum CHRRAMSize allocation for safety < 1k
This commit is contained in:
CaH4e3 2020-12-23 22:42:58 +03:00 committed by GitHub
commit 1b01d03f96
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions

View File

@ -1044,7 +1044,8 @@ static int iNES_Init(int num) {
}
if (CHRRAMSize > 0)
{
if ((UNIFchrrama = VROM = (uint8*)FCEU_dmalloc(CHRRAMSize)) == NULL) return 2;
int mCHRRAMSize = (CHRRAMSize < 1024) ? 1024 : CHRRAMSize; // VPage has a resolution of 1k banks, ensure minimum allocation to prevent malicious access from NES software
if ((UNIFchrrama = VROM = (uint8*)FCEU_dmalloc(mCHRRAMSize)) == NULL) return 2;
FCEU_MemoryRand(VROM, CHRRAMSize);
SetupCartCHRMapping(0, VROM, CHRRAMSize, 1);
AddExState(VROM, CHRRAMSize, 0, "CHRR");