From 1fa41c3e2ade86a44e658a08a069cc233782e280 Mon Sep 17 00:00:00 2001
From: Michael Scire <SciresM@gmail.com>
Date: Wed, 27 Dec 2023 23:05:10 -0700
Subject: [PATCH] loader/ro: abort if patching would go out of bounds

---
 libraries/libstratosphere/source/patcher/patcher_api.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libraries/libstratosphere/source/patcher/patcher_api.cpp b/libraries/libstratosphere/source/patcher/patcher_api.cpp
index f74259bd0..5d493b3ec 100644
--- a/libraries/libstratosphere/source/patcher/patcher_api.cpp
+++ b/libraries/libstratosphere/source/patcher/patcher_api.cpp
@@ -167,6 +167,7 @@ namespace ams::patcher {
 
                     /* Apply patch. */
                     if (patch_offset + rle_size > mapped_size) {
+                        AMS_ABORT_UNLESS(patch_offset <= mapped_size);
                         rle_size = mapped_size - patch_offset;
                     }
                     std::memset(mapped_module + patch_offset, buffer[0], rle_size);
@@ -190,6 +191,7 @@ namespace ams::patcher {
                     /* Apply patch. */
                     u32 read_size = patch_size;
                     if (patch_offset + read_size > mapped_size) {
+                        AMS_ABORT_UNLESS(patch_offset <= mapped_size);
                         read_size = mapped_size - patch_offset;
                     }
                     {