From 4d30333099d84dc9266bd6cc3febbdb559e7a5e6 Mon Sep 17 00:00:00 2001
From: bbbradsmith <bbbradsmith@users.noreply.github.com>
Date: Sun, 19 Feb 2023 05:31:46 -0500
Subject: [PATCH] sim65 path length safety for PVOpen

---
 src/sim65/paravirt.c | 13 ++++++++++---
 src/sim65/paravirt.h |  3 +++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/sim65/paravirt.c b/src/sim65/paravirt.c
index db4120326..9e5c28432 100644
--- a/src/sim65/paravirt.c
+++ b/src/sim65/paravirt.c
@@ -63,6 +63,7 @@
 
 /* sim65 */
 #include "6502.h"
+#include "error.h"
 #include "memory.h"
 #include "paravirt.h"
 
@@ -166,7 +167,7 @@ static void PVArgs (CPURegs* Regs)
 
 static void PVOpen (CPURegs* Regs)
 {
-    char Path[1024];
+    char Path[PVOPEN_PATH_SIZE];
     int OFlag = O_INITIAL;
     int OMode = 0;
     unsigned RetVal, I = 0;
@@ -183,9 +184,15 @@ static void PVOpen (CPURegs* Regs)
     }
 
     do {
-        Path[I] = MemReadByte (Name++);
+        if (!(Path[I] = MemReadByte ((Name + I) & 0xFFFF))) {
+            break;
+        }
+        ++I;
+        if (I >= PVOPEN_PATH_SIZE) {
+            Error("PVOpen path too long at address $%04X",Name);
+        }
     }
-    while (Path[I++]);
+    while (1);
 
     Print (stderr, 2, "PVOpen (\"%s\", $%04X)\n", Path, Flags);
 
diff --git a/src/sim65/paravirt.h b/src/sim65/paravirt.h
index bfa38e047..3badb50ea 100644
--- a/src/sim65/paravirt.h
+++ b/src/sim65/paravirt.h
@@ -47,6 +47,9 @@
 #define PARAVIRT_BASE        0xFFF4
 /* Lowest address used by a paravirtualization hook */
 
+#define PVOPEN_PATH_SIZE       1024
+/* Maximum path size supported by PVOpen */
+
 
 
 /*****************************************************************************/