|
From: <fa...@us...> - 2024-12-26 13:53:31
|
Revision: 45432
http://sourceforge.net/p/vice-emu/code/45432
Author: fabbo
Date: 2024-12-26 13:53:29 +0000 (Thu, 26 Dec 2024)
Log Message:
-----------
Address the segmentation fault reported by timothylegg in the mailing list, when the monitor tried to write 256 or more bytes in one command. The variable data_buf, statically allocated 256 bytes, was overflowing
Modified Paths:
--------------
trunk/vice/src/monitor/monitor.c
Modified: trunk/vice/src/monitor/monitor.c
===================================================================
--- trunk/vice/src/monitor/monitor.c 2024-12-24 19:35:00 UTC (rev 45431)
+++ trunk/vice/src/monitor/monitor.c 2024-12-26 13:53:29 UTC (rev 45432)
@@ -190,8 +190,9 @@
monitor_interface_t *mon_interfaces[NUM_MEMSPACES];
MON_ADDR dot_addr[NUM_MEMSPACES];
-unsigned char data_buf[256];
-unsigned char data_mask_buf[256];
+#define DATA_BUF_SIZE 256
+unsigned char data_buf[DATA_BUF_SIZE];
+unsigned char data_mask_buf[DATA_BUF_SIZE];
unsigned int data_buf_len;
bool asm_mode;
MON_ADDR asm_mode_addr;
@@ -1076,6 +1077,11 @@
void mon_add_number_to_buffer(int number)
{
+ int bytes_now = number > 0xff ? 2 : 1;
+ if (data_buf_len + bytes_now >= DATA_BUF_SIZE) {
+ mon_out("Trying to write more bytes than the buffer fits, ignoring\n");
+ return;
+ }
unsigned int i = data_buf_len;
data_buf[data_buf_len++] = (number & 0xff);
if (number > 0xff) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|