If `I` ends up greater than 0xfff, then the memory array can be indexed out-of-bounds. This is a security vulnerability. A malicious ROM can leverage this to escape the emulator, and execute arbitrary native code on the host system.
Interestingly, the original CHIP-8 interpreter for COSMAC VIP had this same problem, so it is arguably "correct" behaviour - but I think it's potentially unsafe in today's computing landscape. I haven't yet investigated what the effects of out-of-bounds accesses would be on a COSMAC VIP - perhaps either open-bus, or wraparound (due to mirroring), or something else entirely.
I think the simplest and "cheapest" way to fix this is to always mask the memory index with 0xFFF, effectively implementing wraparound - which is what this PR does. I'm not aware of any existing ROMs that this would affect, in any practical sense.
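As an added illustration of the masking described above (example code, not this PR's diff or the project's own emulator), the C below contrasts the naive `memory[I + k]` addressing with the `& 0xFFF` wraparound, using `Fx65` (load V0..Vx from memory at `I`) as the constructed opcode that drives the access; the struct layout and function names are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHIP8_MEM_SIZE 4096    /* addresses 0x000..0xFFF */
#define CHIP8_MEM_MASK 0x0FFF

typedef struct {
    uint8_t  mem[CHIP8_MEM_SIZE];
    uint8_t  v[16];  /* V0..VF */
    uint16_t i;      /* index register I (Annn sets 12 bits, Fx1E can grow it) */
} chip8_t;

/* Naive addressing: would "mem[I + k]" read past the 4 KiB array? */
bool chip8_index_out_of_bounds(uint16_t i, unsigned k) {
    return (unsigned)i + k >= CHIP8_MEM_SIZE;
}

/* Masked addressing, as this PR proposes: wrap every access into 0x000..0xFFF. */
uint16_t chip8_mem_index(uint16_t i, unsigned k) {
    return (uint16_t)(((unsigned)i + k) & CHIP8_MEM_MASK);
}

/* Fx65: load V0..Vx from memory starting at I, through the masked index.
 * Returns the number of bytes copied. (Fx55, Fx33 and Dxyn use I the same way.) */
unsigned chip8_op_fx65(chip8_t *c, unsigned x) {
    for (unsigned k = 0; k <= x && k < 16; k++)
        c->v[k] = c->mem[chip8_mem_index(c->i, k)];
    return x + 1;
}

/* Constructed scenario: I = 0xFFE, Fx65 with x = 3. Unmasked, bytes 2 and 3
 * would land at 0x1000 and 0x1001, outside the array; masked, they wrap to
 * 0x000/0x001. Returns true when V0..V3 hold the wrapped bytes. */
bool chip8_fx65_wrap_demo(void) {
    chip8_t c;
    memset(&c, 0, sizeof c);
    c.mem[0xFFE] = 0xAA; c.mem[0xFFF] = 0xBB;  /* last two bytes of memory */
    c.mem[0x000] = 0xCC; c.mem[0x001] = 0xDD;  /* wrap targets */
    c.i = 0xFFE;
    chip8_op_fx65(&c, 3);
    return c.v[0] == 0xAA && c.v[1] == 0xBB && c.v[2] == 0xCC && c.v[3] == 0xDD;
}

int main(void) {
    printf("unmasked OOB: %d, masked index: 0x%03X, wrap demo: %d\n",
           chip8_index_out_of_bounds(0xFFE, 2), chip8_mem_index(0xFFE, 2), chip8_fx65_wrap_demo());
    return 0;
}
```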