From f011f5ba346d664636d28f99d1557a4eef08993a Mon Sep 17 00:00:00 2001
From: SiteRelEnby <125829806+SiteRelEnby@users.noreply.github.com>
Date: Sat, 27 Dec 2025 08:26:09 -0500
Subject: [PATCH] Fix UAF in read_ihex_chunks() when first chunk is reallocated
---
 simavr/sim/sim_hex.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/simavr/sim/sim_hex.c b/simavr/sim/sim_hex.c
index 8a9de6a8..d12b1c5f 100644
--- a/simavr/sim/sim_hex.c
+++ b/simavr/sim/sim_hex.c
@@ -172,8 +172,12 @@ read_ihex_chunks(
 allocation += INCREMENT;
 chunk = realloc(chunk, allocation + (sizeof *chunk - 1));
- /* Update the pointer in the previous list element */
- if ( backlink_p ) backlink_p->next = chunk;
+ /* Update the pointer in the previous list element or root */
+ if ( backlink_p ) {
+ backlink_p->next = chunk;
+ } else {
+ *chunks_p = chunk;
+ }
 /* Refresh the pointer to the future chunk */
 chunks_p = &chunk->next;
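Review bot: In the new `else` branch, `*chunks_p = chunk;` may write through a stale pointer: the context line just below refreshes `chunks_p` to `&chunk->next`, which suggests that before the refresh it still points at the `next` field inside the pre-realloc block rather than at the caller's list head. If that is the case (the code that sets `chunks_p` is outside the hunk, so this needs confirming), a moved block means the store lands in freed memory and the head pointer stays dangling, so the use-after-free is not closed. A safer shape is to keep the caller's head pointer in a separate local saved at function entry and assign through that, e.g. `else *head_p = chunk;`, where `head_p` is a placeholder name for that saved copy. Separately, the `realloc` result on the context line above is assigned straight to `chunk` without a NULL check, so an allocation failure leaks the old block and the following `&chunk->next` is computed from a null pointer.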