From dd2a1d9b511bdefb063bea6f7ec9afebd5efe314 Mon Sep 17 00:00:00 2001 From: Scott Knight <4534275+knightsc@users.noreply.github.com> Date: Tue, 27 Nov 2018 17:32:58 -0500 Subject: [PATCH] Fix stack overflow in remoteMemoryRead When doing a remote memory read the debugger can ask for any size. The buffer being allocated however was only 1024 bytes long and the code in remoteMemoryRead also attempts to write a zero byte at the end of the array. This code will now take the count of bytes the debugger is trying to read and allocates a buffer that is count * 2 + 1 large. This is large enough to hold the $02x formatted hex byte for each byte as well as the zero byte written at the end.
---
 src/gba/remote.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/gba/remote.cpp b/src/gba/remote.cpp
index ca6e3a28d..60124783d 100644
--- a/src/gba/remote.cpp
+++ b/src/gba/remote.cpp
@@ -3684,7 +3684,7 @@ void remoteMemoryRead(char* p)
 sscanf(p, "%x,%x:", &address, &count);
 // monprintf("Memory read for %08x %d\n", address, count);
- char buffer[1024];
+ char buffer[(count*2)+1];
 char* s = buffer;
 for (int i = 0; i < count; i++) {
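Review bot: The new `char buffer[(count*2)+1];` still sizes a stack array from a value the debugger sends, so a very large `count` exhausts the stack, and a negative one gives a negative array length, which is undefined (the loop's `int i < count` suggests `count` is signed, but its declaration is outside the hunk). A variable-length array is also a compiler extension in C++ and will not build with every toolchain. I would check the parse result and bound the request before allocating, e.g. `if (sscanf(p, "%x,%x:", &address, &count) != 2 || count < 0 || count > MAX_REMOTE_READ) return;`, where `MAX_REMOTE_READ` is a placeholder for whatever limit the reply packet implies and the early exit should send the protocol's error reply. The buffer can then come from the heap with `std::vector<char> buffer(count * 2 + 1);` and `char* s = buffer.data();`. The body of remoteMemoryRead starts and ends outside the hunk, so the write of the terminating zero byte could not be checked here.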