diff --git a/src/api/frontend.c b/src/api/frontend.c
index 6f2d267b..e882a201 100644
--- a/src/api/frontend.c
+++ b/src/api/frontend.c
@@ -181,7 +181,7 @@ EXPORT m64p_error CALL CoreDoCommand(m64p_command Command, int ParamInt, void *P
 if (g_EmulatorRunning || l_DiskOpen || l_ROMOpen)
 return M64ERR_INVALID_STATE;
 // ROM buffer size must be divisible by 4 to avoid out-of-bounds read in swap_copy_rom (v64/n64 formats)
- if (ParamPtr == NULL || ParamInt < 4096 || ParamInt > CART_ROM_MAX_SIZE || ParamInt % 4 != 0)
+ if (ParamPtr == NULL || ParamInt < 4096 || ParamInt > CART_ROM_MAX_SIZE)
 return M64ERR_INPUT_ASSERT;
 rval = open_rom((const unsigned char *) ParamPtr, ParamInt);
 if (rval == M64ERR_SUCCESS)
diff --git a/src/main/rom.c b/src/main/rom.c
index 6e59cf9b..325c5b6c 100644
--- a/src/main/rom.c
+++ b/src/main/rom.c
@@ -76,12 +76,12 @@ static const uint8_t Z64_SIGNATURE[4] = { 0x80, 0x37, 0x12, 0x40 };
 static const uint8_t V64_SIGNATURE[4] = { 0x37, 0x80, 0x40, 0x12 };
 static const uint8_t N64_SIGNATURE[4] = { 0x40, 0x12, 0x37, 0x80 };
-/* Tests if a file is a valid N64 rom by checking the first 4 bytes. */
-static int is_valid_rom(const unsigned char *buffer)
+/* Tests if a file is a valid N64 rom by checking the first 4 bytes and size */
+static int is_valid_rom(const unsigned char *buffer, unsigned int size)
 {
- if (memcmp(buffer, Z64_SIGNATURE, sizeof(Z64_SIGNATURE)) == 0
- || memcmp(buffer, V64_SIGNATURE, sizeof(V64_SIGNATURE)) == 0
- || memcmp(buffer, N64_SIGNATURE, sizeof(N64_SIGNATURE)) == 0)
+ if ((memcmp(buffer, Z64_SIGNATURE, sizeof(Z64_SIGNATURE)) == 0)
+ || (memcmp(buffer, V64_SIGNATURE, sizeof(V64_SIGNATURE)) == 0 && size % 2 == 0)
+ || (memcmp(buffer, N64_SIGNATURE, sizeof(N64_SIGNATURE)) == 0 && size % 4 == 0))
 return 1;
 else
 return 0;
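Review bot: The comment kept above the changed condition in CoreDoCommand (src/api/frontend.c) still says the ROM buffer size must be divisible by 4, but the new condition no longer tests `ParamInt % 4`; the alignment test now sits in is_valid_rom() in src/main/rom.c. Someone auditing this path for the out-of-bounds read in swap_copy_rom would look for the guard here and not find it. Replace the comment with something like `// per-format size alignment (v64: 2, n64: 4) is checked by is_valid_rom() inside open_rom()`. The enclosing function starts and ends outside the hunk.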
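Review bot: is_valid_rom() in src/main/rom.c now receives `size` but still runs three 4-byte `memcmp` calls on `buffer` without first checking that 4 bytes are present. The API path in frontend.c rejects anything under 4096 bytes, but open_rom() is not static, so any other caller (none visible here) depends on that bound implicitly. A guard as the first statement, `if (size < sizeof(Z64_SIGNATURE)) return 0;`, makes the function safe on its own. The header comment could also state why the moduli differ, e.g. `/* v64 data is swapped in 2-byte units and n64 in 4-byte units, so size must be a multiple of 2 or 4 */`; that rationale is inferred from the frontend.c comment about swap_copy_rom and should be confirmed against that function.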
@@ -146,7 +146,7 @@ m64p_error open_rom(const unsigned char* romimage, unsigned int size)
 int i;
 /* check input requirements */
- if (romimage == NULL || !is_valid_rom(romimage))
+ if (romimage == NULL || !is_valid_rom(romimage, size))
 {
 DebugMessage(M64MSG_ERROR, "open_rom(): not a valid ROM image");
 return M64ERR_INPUT_INVALID;
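Review bot: A v64 or n64 image whose size is not a multiple of 2 or 4 is now rejected in open_rom() with M64ERR_INPUT_INVALID, where the frontend.c check removed by this commit returned M64ERR_INPUT_ASSERT for a size not divisible by 4. Front ends that branch on the error code will see a different value for the same input. The log line also gives no hint that the signature matched and only the length was wrong. Consider reporting the size in this branch, e.g. `DebugMessage(M64MSG_ERROR, "open_rom(): not a valid ROM image (bad signature, or size %u not aligned for its format)", size);`. open_rom's body continues outside the hunk.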