From 3c0a3da87346ad3ccb6fed5ae98765be0dff0c8c Mon Sep 17 00:00:00 2001
From: Zephyron <zephyron@citron-emu.org>
Date: Thu, 4 Dec 2025 19:43:55 +1000
Subject: [PATCH] fix(audio): add bounds checking in
 EffectContext::UpdateStateByDspShared

- Calculate max_count to prevent out-of-bounds access
- Validate effect type before calling UpdateResultState
- Add try-catch for exception handling from corrupted effects
- Prevent crashes from invalid effect data

Signed-off-by: Zephyron <zephyron@citron-emu.org>
---
 .../renderer/effect/effect_context.cpp        | 22 +++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/src/audio_core/renderer/effect/effect_context.cpp b/src/audio_core/renderer/effect/effect_context.cpp
index 00f6d7822..ef2bce731 100644
--- a/src/audio_core/renderer/effect/effect_context.cpp
+++ b/src/audio_core/renderer/effect/effect_context.cpp
@@ -33,8 +33,26 @@ u32 EffectContext::GetCount() const {
 }
 
 void EffectContext::UpdateStateByDspShared() {
-    for (size_t i = 0; i < dsp_state_count; i++) {
-        effect_infos[i].UpdateResultState(result_states_cpu[i], result_states_dsp[i]);
+    // Ensure we don't exceed the bounds of any of the spans
+    const size_t max_count = std::min({dsp_state_count,
+                                       static_cast<size_t>(effect_infos.size()),
+                                       static_cast<size_t>(result_states_cpu.size()),
+                                       static_cast<size_t>(result_states_dsp.size())});
+
+    for (size_t i = 0; i < max_count; i++) {
+        try {
+            // Validate effect type before calling virtual function to prevent crashes from corrupted data
+            const auto effect_type = effect_infos[i].GetType();
+            if (effect_type == EffectInfoBase::Type::Invalid) {
+                // Skip invalid effects
+                continue;
+            }
+            effect_infos[i].UpdateResultState(result_states_cpu[i], result_states_dsp[i]);
+        } catch (...) {
+            // If UpdateResultState throws (e.g., due to corrupted effect data), skip this effect
+            // This prevents crashes from corrupted audio effect data
+            continue;
+        }
     }
 }