From 510a8e59cf364d0588442782f8736fe6707fc18e Mon Sep 17 00:00:00 2001
From: sephiroth99 <sephiroth99@gmail.com>
Date: Thu, 30 Jul 2015 02:27:55 -0400
Subject: [PATCH] memory: fix out of bounds access in BaseHeap::AllocRange

Prevent out of bounds access of page_table_ by making sure the requested
page count fits in the requested page range.
---
 src/xenia/memory.cc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/xenia/memory.cc b/src/xenia/memory.cc
index 44a67c4be..2593bd146 100644
--- a/src/xenia/memory.cc
+++ b/src/xenia/memory.cc
@@ -615,6 +615,11 @@ bool BaseHeap::AllocRange(uint32_t low_address, uint32_t high_address,
   high_page_number =
       std::min(uint32_t(page_table_.size()) - 1, high_page_number);
 
+  if (page_count > (high_page_number - low_page_number)) {
+    XELOGE("BaseHeap::Alloc page count too big for requested range");
+    return false;
+  }
+
   std::lock_guard<xe::recursive_mutex> lock(heap_mutex_);
 
   // Find a free page range.