From fc6c1c03a6b01e9ef2c70ae5f84eddf39960f48b Mon Sep 17 00:00:00 2001
From: Ico Doornekamp
Date: Sun, 2 Apr 2023 08:57:23 +0200
Subject: [PATCH] Fixed potental out of bound memory access in example linux PEEK syscall. Thanks cde!
---
 src/linux/main.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/linux/main.c b/src/linux/main.c
index 778ee9a..93703bd 100644
--- a/src/linux/main.c
+++ b/src/linux/main.c
@@ -129,7 +129,11 @@ zf_input_state zf_host_sys(zf_syscall_id id, const char *input)
 case ZF_SYSCALL_TELL: {
 zf_cell len = zf_pop();
- void *buf = (uint8_t *)zf_dump(NULL) + (int)zf_pop();
+ zf_cell addr = zf_pop();
+ if(addr >= ZF_DICT_SIZE - len) {
+ zf_abort(ZF_ABORT_OUTSIDE_MEM);
+ }
+ void *buf = (uint8_t *)zf_dump(NULL) + (int)addr;
 (void)fwrite(buf, 1, len, stdout);
 fflush(stdout); } break;
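Review bot: The new check in the ZF_SYSCALL_TELL case bounds only the upper end, so a negative `addr` or `len` popped from the Forth stack still passes `addr >= ZF_DICT_SIZE - len`; `(int)addr` then points before the dictionary buffer, and a negative `len` becomes a very large count in `fwrite`. The type of `zf_cell` is not visible here, but if it is signed or floating-point the guard should reject those values too, e.g. `if(addr < 0 || len < 0 || len > ZF_DICT_SIZE || addr > ZF_DICT_SIZE - len) {`, which also avoids wrap-around in the subtraction for an unsigned cell type and accepts a range that ends exactly at the end of the dictionary. The guard protects the `fwrite` only if `zf_abort` does not return, which is worth stating in a comment such as `/* zf_abort() does not return */` if that is the case. `zf_host_sys` starts and ends outside this hunk.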