diff options
author | Narr the Reg <juangerman-13@hotmail.com> | 2024-01-01 20:56:06 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-01 20:56:06 +0100 |
commit | 4d49f095b3bee2a417b462f675d398d563b5b37d (patch) | |
tree | 719495d487ff3c3d6549a3ae7d2d89d2a485180c /src/core | |
parent | Merge pull request #12513 from liamwhite/jit-fix (diff) | |
parent | ips_layer: prevent out of bounds access with offset exceeding module size (diff) | |
download | yuzu-4d49f095b3bee2a417b462f675d398d563b5b37d.tar yuzu-4d49f095b3bee2a417b462f675d398d563b5b37d.tar.gz yuzu-4d49f095b3bee2a417b462f675d398d563b5b37d.tar.bz2 yuzu-4d49f095b3bee2a417b462f675d398d563b5b37d.tar.lz yuzu-4d49f095b3bee2a417b462f675d398d563b5b37d.tar.xz yuzu-4d49f095b3bee2a417b462f675d398d563b5b37d.tar.zst yuzu-4d49f095b3bee2a417b462f675d398d563b5b37d.zip |
Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/file_sys/ips_layer.cpp | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/core/file_sys/ips_layer.cpp b/src/core/file_sys/ips_layer.cpp index 7be1322cc..31033634c 100644 --- a/src/core/file_sys/ips_layer.cpp +++ b/src/core/file_sys/ips_layer.cpp @@ -73,6 +73,9 @@ VirtualFile PatchIPS(const VirtualFile& in, const VirtualFile& ips) { return nullptr; auto in_data = in->ReadAllBytes(); + if (in_data.size() == 0) { + return nullptr; + } std::vector<u8> temp(type == IPSFileType::IPS ? 3 : 4); u64 offset = 5; // After header @@ -88,6 +91,10 @@ VirtualFile PatchIPS(const VirtualFile& in, const VirtualFile& ips) { else real_offset = (temp[0] << 16) | (temp[1] << 8) | temp[2]; + if (real_offset > in_data.size()) { + return nullptr; + } + u16 data_size{}; if (ips->ReadObject(&data_size, offset) != sizeof(u16)) return nullptr; |