diff options
author | liamwhite <liamwhite@users.noreply.github.com> | 2023-07-24 19:47:11 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-07-24 19:47:11 +0200 |
commit | 18000df5e968af0aa9784f398a97da2733262126 (patch) | |
tree | 731480485f1d42ebc9945ce42351dd5340a4f889 /src/core/hle | |
parent | Merge pull request #11135 from liamwhite/getaddrinfo (diff) | |
parent | core: reduce TOCTTOU memory access (diff) | |
download | yuzu-18000df5e968af0aa9784f398a97da2733262126.tar yuzu-18000df5e968af0aa9784f398a97da2733262126.tar.gz yuzu-18000df5e968af0aa9784f398a97da2733262126.tar.bz2 yuzu-18000df5e968af0aa9784f398a97da2733262126.tar.lz yuzu-18000df5e968af0aa9784f398a97da2733262126.tar.xz yuzu-18000df5e968af0aa9784f398a97da2733262126.tar.zst yuzu-18000df5e968af0aa9784f398a97da2733262126.zip |
Diffstat (limited to 'src/core/hle')
-rw-r--r-- | src/core/hle/kernel/svc/svc_ipc.cpp | 11 | ||||
-rw-r--r-- | src/core/hle/kernel/svc/svc_synchronization.cpp | 11 |
2 files changed, 8 insertions, 14 deletions
diff --git a/src/core/hle/kernel/svc/svc_ipc.cpp b/src/core/hle/kernel/svc/svc_ipc.cpp index bb94f6934..373ae7c8d 100644 --- a/src/core/hle/kernel/svc/svc_ipc.cpp +++ b/src/core/hle/kernel/svc/svc_ipc.cpp @@ -8,6 +8,7 @@ #include "core/hle/kernel/k_process.h" #include "core/hle/kernel/k_server_session.h" #include "core/hle/kernel/svc.h" +#include "core/hle/kernel/svc_results.h" namespace Kernel::Svc { @@ -49,14 +50,10 @@ Result ReplyAndReceive(Core::System& system, s32* out_index, uint64_t handles_ad // Copy user handles. if (num_handles > 0) { - // Ensure we can try to get the handles. - R_UNLESS(GetCurrentMemory(kernel).IsValidVirtualAddressRange( - handles_addr, static_cast<u64>(sizeof(Handle) * num_handles)), - ResultInvalidPointer); - // Get the handles. - GetCurrentMemory(kernel).ReadBlock(handles_addr, handles.data(), - sizeof(Handle) * num_handles); + R_UNLESS(GetCurrentMemory(kernel).ReadBlock(handles_addr, handles.data(), + sizeof(Handle) * num_handles), + ResultInvalidPointer); // Convert the handles to objects. R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>( diff --git a/src/core/hle/kernel/svc/svc_synchronization.cpp b/src/core/hle/kernel/svc/svc_synchronization.cpp index f02d03f30..366e8ed4a 100644 --- a/src/core/hle/kernel/svc/svc_synchronization.cpp +++ b/src/core/hle/kernel/svc/svc_synchronization.cpp @@ -7,6 +7,7 @@ #include "core/hle/kernel/k_process.h" #include "core/hle/kernel/k_readable_event.h" #include "core/hle/kernel/svc.h" +#include "core/hle/kernel/svc_results.h" namespace Kernel::Svc { @@ -64,14 +65,10 @@ Result WaitSynchronization(Core::System& system, int32_t* out_index, u64 user_ha // Copy user handles. if (num_handles > 0) { - // Ensure we can try to get the handles. - R_UNLESS(GetCurrentMemory(kernel).IsValidVirtualAddressRange( - user_handles, static_cast<u64>(sizeof(Handle) * num_handles)), - ResultInvalidPointer); - // Get the handles. - GetCurrentMemory(kernel).ReadBlock(user_handles, handles.data(), - sizeof(Handle) * num_handles); + R_UNLESS(GetCurrentMemory(kernel).ReadBlock(user_handles, handles.data(), + sizeof(Handle) * num_handles), + ResultInvalidPointer); // Convert the handles to objects. R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>( |