From 1c8af096dec462d068a6d35aa286cc93b05e43f1 Mon Sep 17 00:00:00 2001
From: WerWolv <werwolv98@gmail.com>
Date: Sat, 11 Nov 2023 23:11:34 +0100
Subject: [PATCH] fix: Out of bounds read with a zero-size file

---
 plugins/builtin/source/content/providers/file_provider.cpp     | 3 ++-
 .../builtin/source/content/providers/memory_file_provider.cpp  | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/plugins/builtin/source/content/providers/file_provider.cpp b/plugins/builtin/source/content/providers/file_provider.cpp
index c813cd56e..754e0b044 100644
--- a/plugins/builtin/source/content/providers/file_provider.cpp
+++ b/plugins/builtin/source/content/providers/file_provider.cpp
@@ -64,7 +64,8 @@ namespace hex::plugin::builtin {
     }
 
     void FileProvider::readRaw(u64 offset, void *buffer, size_t size) {
-        if (offset > (this->getActualSize() - size) || buffer == nullptr || size == 0)
+        auto actualSize = this->getActualSize();
+        if (actualSize == 0 || (offset + size) > actualSize || buffer == nullptr || size == 0)
             return;
 
         std::memcpy(buffer, this->m_file.getMapping() + offset, size);
diff --git a/plugins/builtin/source/content/providers/memory_file_provider.cpp b/plugins/builtin/source/content/providers/memory_file_provider.cpp
index 3f60b9f6c..ba063a57e 100644
--- a/plugins/builtin/source/content/providers/memory_file_provider.cpp
+++ b/plugins/builtin/source/content/providers/memory_file_provider.cpp
@@ -22,7 +22,8 @@ namespace hex::plugin::builtin {
     }
 
     void MemoryFileProvider::readRaw(u64 offset, void *buffer, size_t size) {
-        if ((offset + size) > this->getActualSize() || buffer == nullptr || size == 0)
+        auto actualSize = this->getActualSize();
+        if (actualSize == 0 || (offset + size) > actualSize || buffer == nullptr || size == 0)
             return;
 
         std::memcpy(buffer, &this->m_data.front() + offset, size);