From a252b33fb5850b2eaca92755cbe73350fbc99952 Mon Sep 17 00:00:00 2001
From: Yuvia
Date: Sun, 7 Sep 2025 21:06:35 +0000
Subject: [PATCH] add some bounds checking to openprog() for some absurd reason (none), there was no bounds check anywhere preceding the memmove of prog into mem. ADD THIS
---
 scemu.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/scemu.c b/scemu.c
index bd0f26f..c94a53e 100644
--- scemu.c
+++ scemu.c
@@ -43,6 +43,8 @@ openprog(char *f, vlong *progsiz)
 if(fd < 0)
 return;
 d = dirfstat(fd);
+ if(d->length > 32768)
+ sysfatal("bad program: bigger than 32K, please shrink it");
 *progsiz = d->length;
 free(d);
 prog = malloc(*progsiz);
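Review bot: The added length test dereferences `d` before anything checks it, and dirfstat() returns nil on failure, so a failed stat faults on the new line instead of reporting an error; put `if(d == nil) sysfatal("dirfstat: %r");` ahead of it. The limit is the bare literal 32768, while the buffer it protects (`mem`, per the commit message) is declared outside this hunk; a named constant shared with that declaration, minus any load offset the memmove uses, would keep the bound from drifting if the memory size changes. The check also trusts the length the stat reports rather than the number of bytes later read, so the code that does the memmove should bound the copy by its own count as well. openprog() begins before and continues past this hunk, so the read itself and whether the `malloc(*progsiz)` result is tested are not visible here.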