From e5cdb7751b74ee453394da69b517d49b899961e1 Mon Sep 17 00:00:00 2001
From: Connor McLaughlin <stenzek@gmail.com>
Date: Wed, 14 Oct 2020 18:58:42 +1000
Subject: [PATCH] Android: Prevent OOM when importing invalid BIOSes

---
 .../com/github/stenzek/duckstation/MainActivity.java  | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/android/app/src/main/java/com/github/stenzek/duckstation/MainActivity.java b/android/app/src/main/java/com/github/stenzek/duckstation/MainActivity.java
index 789d297e9..afee15fcf 100644
--- a/android/app/src/main/java/com/github/stenzek/duckstation/MainActivity.java
+++ b/android/app/src/main/java/com/github/stenzek/duckstation/MainActivity.java
@@ -292,6 +292,9 @@ public class MainActivity extends AppCompatActivity {
     }
 
     private void onImportBIOSImageResult(Uri uri) {
+        // This should really be 512K but just in case we wanted to support the other BIOSes in the future...
+        final int MAX_BIOS_SIZE = 2 * 1024 * 1024;
+
         InputStream stream = null;
         try {
             stream = getContentResolver().openInputStream(uri);
@@ -304,10 +307,14 @@ public class MainActivity extends AppCompatActivity {
         try {
             byte[] buffer = new byte[512 * 1024];
             int len;
-            while ((len = stream.read(buffer)) > 0)
+            while ((len = stream.read(buffer)) > 0) {
                 os.write(buffer, 0, len);
+                if (os.size() > MAX_BIOS_SIZE) {
+                    throw new IOException("BIOS image is too large.");
+                }
+            }
         } catch (IOException e) {
-            Toast.makeText(this, "Failed to read BIOS image.", Toast.LENGTH_LONG);
+            Toast.makeText(this, "Failed to read BIOS image: " + e.getMessage(), Toast.LENGTH_LONG);
             return;
         }