CCF_100/yuzu-mirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #12501 from liamwhite/ips

Browse Source 
ips_layer: prevent out of bounds access with offset exceeding module size
This commit is contained in:
Narr the Reg
2024-01-01 13:56:06 -06:00
committed by GitHub
parent f47d618e54 d1c99c5d52
commit 4d49f095b3
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/core/file_sys/ips_layer.cpp
View File

@@ -73,6 +73,9 @@ VirtualFile PatchIPS(const VirtualFile& in, const VirtualFile& ips) {
return nullptr;
auto in_data = in->ReadAllBytes();
if (in_data.size() == 0) {
return nullptr;
}
std::vector<u8> temp(type == IPSFileType::IPS ? 3 : 4);
u64 offset = 5; // After header
@@ -88,6 +91,10 @@ VirtualFile PatchIPS(const VirtualFile& in, const VirtualFile& ips) {
else
real_offset = (temp[0] << 16) | (temp[1] << 8) | temp[2];
if (real_offset > in_data.size()) {
return nullptr;
}
u16 data_size{};
if (ips->ReadObject(&data_size, offset) != sizeof(u16))
return nullptr;