Core: Fix integer overflow in ELF loading

This commit is contained in:
Vicki Pfau 2020-02-01 20:49:43 -08:00
parent 56d83bee11
commit ba186f1a78
2 changed files with 2 additions and 1 deletions


@ -17,6 +17,7 @@ Emulation fixes:
Other fixes:
- Core: Fix race condition initializing thread proxy
- Core: Ensure ELF regions can be written before trying
- Core: Fix integer overflow in ELF loading
- Qt: Only dynamically reset video scale if a game is running
- Qt: Fix race condition with proxied video events
- Qt: Force OpenGL paint engine creation thread (fixes mgba.io/i/1642)


@ -377,7 +377,7 @@ bool mCoreLoadELF(struct mCore* core, struct ELF* elf) {
Elf32_Phdr* phdr = ELFProgramHeadersGetPointer(&ph, i);
void* block = mCoreGetMemoryBlockMasked(core, phdr->p_paddr, &bsize, mCORE_MEMORY_WRITE | mCORE_MEMORY_WORM);
char* bytes = ELFBytes(elf, &esize);
if (block && bsize >= phdr->p_filesz && esize >= phdr->p_filesz + phdr->p_offset) {
if (block && bsize >= phdr->p_filesz && bsize > phdr->p_offset && esize >= phdr->p_filesz + phdr->p_offset) {
memcpy(block, &bytes[phdr->p_offset], phdr->p_filesz);
} else {
return false;
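Review bot: The bounds check on the new `if` line still computes `phdr->p_filesz + phdr->p_offset`, which can wrap if both fields are 32-bit unsigned as in the standard Elf32_Phdr, so a crafted header can still pass the `esize >=` comparison and the `memcpy` reads past the ELF buffer. The added `bsize > phdr->p_offset` clause compares the destination block size against the source file offset, which does not bound the sum unless bsize is itself small; it seems to guard the wrap only indirectly. A form without the addition is safer and reads as the intent: `if (block && bsize >= phdr->p_filesz && phdr->p_offset <= esize && phdr->p_filesz <= esize - phdr->p_offset) {`. mCoreLoadELF begins before this hunk and continues after it, and the types of bsize and esize are not visible here, so confirm they are wide enough for the comparison with the 32-bit header fields.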