fix for use after free in case of double unmap

tests/regress/Makefile

@@ -8,6 +8,7 @@ TESTS += ro_mem_test nr_mem_test
 TESTS += timeout_segfault
 TESTS += rep_movsb
 TESTS += mem_unmap
+TESTS += mem_double_unmap
 TESTS += mem_protect
 TESTS += mem_exec
 

tests/regress/mem_double_unmap.c

@@ -0,0 +1,51 @@
+#define __STDC_FORMAT_MACROS
+#include <inttypes.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+#include <unicorn/unicorn.h>
+
+int main(int argc, char **argv, char **envp)
+{
+    uc_engine *uc;
+    uc_hook trace1, trace2;
+    uc_err err;
+
+    // Initialize emulator in X86-32bit mode
+    err = uc_open(UC_ARCH_X86, UC_MODE_32, &uc);
+    if (err) {
+        printf("not ok - Failed on uc_open() with error returned: %u\n", err);
+        return;
+    }
+
+    uc_mem_map(uc, 0x1000, 0x1000, UC_PROT_ALL);
+    if (err) {
+        printf("not ok - Failed on uc_mem_map() with error returned: %u\n", err);
+        return;
+    }
+
+    uc_mem_map(uc, 0x4000, 0x1000, UC_PROT_ALL);
+    if (err) {
+        printf("not ok - Failed on uc_mem_map() with error returned: %u\n", err);
+        return;
+    }
+
+    err = uc_mem_unmap(uc, 0x4000, 0x1000);
+    if (err) {
+        printf("not ok - Failed on uc_mem_unmap() with error returned: %u\n", err);
+        return;
+    }
+
+    err = uc_mem_unmap(uc, 0x4000, 0x1000);
+    if (!err) {
+        printf("not ok - second unmap succeeded\n");
+        return 1;
+    }
+
+    printf("Tests OK\n");
+    uc_close(uc);
+    return 0;
+}

uc.c

@@ -814,7 +814,7 @@ MemoryRegion *memory_mapping(struct uc_struct* uc, uint64_t address)
     // try with the cache index first
     i = uc->mapped_block_cache_index;
 
-    if (address >= uc->mapped_blocks[i]->addr && address < uc->mapped_blocks[i]->end)
+    if (i < uc->mapped_block_count && address >= uc->mapped_blocks[i]->addr && address < uc->mapped_blocks[i]->end)
         return uc->mapped_blocks[i];
 
     for(i = 0; i < uc->mapped_block_count; i++) {