Add safety check so that we cannot create an entry that is out-of-bounds within a chunk

Author: Mallory Paine

FastImageCache/FICImageTable.m

@@ -487,14 +487,16 @@ - (FICImageTableEntry *)_entryDataAtIndex:(NSInteger)index {
             void *mappedChunkAddress = [chunk bytes];
             void *mappedEntryAddress = mappedChunkAddress + entryOffsetInChunk;
             entryData = [[FICImageTableEntry alloc] initWithImageTableChunk:chunk bytes:mappedEntryAddress length:_entryLength];
-            [entryData setIndex:index];
 
-            [_chunkSet addObject:chunk];
+            if (entryData) {
+                [entryData setIndex:index];
+                [_chunkSet addObject:chunk];
 
-            __weak FICImageTable *weakSelf = self;
-            [entryData executeBlockOnDealloc:^{
-                [weakSelf _entryWasDeallocatedFromChunk:chunk];
-            }];
+                __weak FICImageTable *weakSelf = self;
+                [entryData executeBlockOnDealloc:^{
+                    [weakSelf _entryWasDeallocatedFromChunk:chunk];
+                }];
+            }
         }
     }
 

FastImageCache/FICImageTableEntry.m

@@ -64,10 +64,17 @@ - (id)initWithImageTableChunk:(FICImageTableChunk *)imageTableChunk bytes:(void
     self = [super init];
 
     if (self != nil) {
-        _imageTableChunk = imageTableChunk;
-        _bytes = bytes;
-        _length = length;
-        _deallocBlocks = [[NSMutableArray alloc] init];
+        // Safety check
+        void *entryMax = bytes + length;
+        void *chunkMax = [imageTableChunk bytes] + [imageTableChunk length];
+        if (entryMax > chunkMax) {
+            self = nil;
+        } else {
+            _imageTableChunk = imageTableChunk;
+            _bytes = bytes;
+            _length = length;
+            _deallocBlocks = [[NSMutableArray alloc] init];
+        }
     }
 
     return self;