From 6e9ebfa5b5ea0fc52b4cdc7b2b28d04fb0f4e84e Mon Sep 17 00:00:00 2001
From: Connor McLaughlin <stenzek@gmail.com>
Date: Sun, 4 Jul 2021 21:40:44 +1000
Subject: [PATCH] GPU/D3D11: Fix possible buffer overwrite when reading back

---
 src/common/d3d11/staging_texture.h | 4 ++--
 src/core/gpu_hw_d3d11.cpp          | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/common/d3d11/staging_texture.h b/src/common/d3d11/staging_texture.h
index cb703d6b0..2c7025102 100644
--- a/src/common/d3d11/staging_texture.h
+++ b/src/common/d3d11/staging_texture.h
@@ -55,7 +55,7 @@ public:
   {
     const u8* src_ptr = static_cast<u8*>(m_map.pData) + (y * m_map.RowPitch) + (x * sizeof(T));
     u8* dst_ptr = reinterpret_cast<u8*>(data);
-    if (m_map.RowPitch != stride)
+    if (m_map.RowPitch != stride || width != m_width || x != 0)
     {
       for (u32 row = 0; row < height; row++)
       {
@@ -89,7 +89,7 @@ public:
   {
     const u8* src_ptr = reinterpret_cast<const u8*>(data);
     u8* dst_ptr = static_cast<u8*>(m_map.pData) + (y * m_map.RowPitch) + (x * sizeof(T));
-    if (m_map.RowPitch != stride)
+    if (m_map.RowPitch != stride || width != m_width || x != 0)
     {
       for (u32 row = 0; row < height; row++)
       {
diff --git a/src/core/gpu_hw_d3d11.cpp b/src/core/gpu_hw_d3d11.cpp
index e8fb14203..2206728db 100644
--- a/src/core/gpu_hw_d3d11.cpp
+++ b/src/core/gpu_hw_d3d11.cpp
@@ -267,9 +267,9 @@ bool GPU_HW_D3D11::CreateFramebuffer()
         ((m_downsample_mode == GPUDownsampleMode::Adaptive) ? VRAM_WIDTH : GPU_MAX_DISPLAY_WIDTH) * m_resolution_scale,
         GPU_MAX_DISPLAY_HEIGHT * m_resolution_scale, 1, 1, texture_format,
         D3D11_BIND_SHADER_RESOURCE | D3D11_BIND_RENDER_TARGET) ||
-      !m_vram_encoding_texture.Create(m_device.Get(), VRAM_WIDTH, VRAM_HEIGHT, 1, 1, texture_format,
+      !m_vram_encoding_texture.Create(m_device.Get(), VRAM_WIDTH / 2, VRAM_HEIGHT, 1, 1, texture_format,
                                       D3D11_BIND_SHADER_RESOURCE | D3D11_BIND_RENDER_TARGET) ||
-      !m_vram_readback_texture.Create(m_device.Get(), VRAM_WIDTH, VRAM_HEIGHT, texture_format, false))
+      !m_vram_readback_texture.Create(m_device.Get(), VRAM_WIDTH / 2, VRAM_HEIGHT, texture_format, false))
   {
     return false;
   }