forked from suyu/suyu
core: reduce TOCTTOU memory access
This commit is contained in:
parent
d144168442
commit
9f3f615e05
3 changed files with 11 additions and 20 deletions
|
@ -261,10 +261,8 @@ void GDBStub::ExecuteCommand(std::string_view packet, std::vector<DebuggerAction
|
||||||
const size_t addr{static_cast<size_t>(strtoll(command.data(), nullptr, 16))};
|
const size_t addr{static_cast<size_t>(strtoll(command.data(), nullptr, 16))};
|
||||||
const size_t size{static_cast<size_t>(strtoll(command.data() + sep, nullptr, 16))};
|
const size_t size{static_cast<size_t>(strtoll(command.data() + sep, nullptr, 16))};
|
||||||
|
|
||||||
if (system.ApplicationMemory().IsValidVirtualAddressRange(addr, size)) {
|
std::vector<u8> mem(size);
|
||||||
std::vector<u8> mem(size);
|
if (system.ApplicationMemory().ReadBlock(addr, mem.data(), size)) {
|
||||||
system.ApplicationMemory().ReadBlock(addr, mem.data(), size);
|
|
||||||
|
|
||||||
SendReply(Common::HexToString(mem));
|
SendReply(Common::HexToString(mem));
|
||||||
} else {
|
} else {
|
||||||
SendReply(GDB_STUB_REPLY_ERR);
|
SendReply(GDB_STUB_REPLY_ERR);
|
||||||
|
@ -281,8 +279,7 @@ void GDBStub::ExecuteCommand(std::string_view packet, std::vector<DebuggerAction
|
||||||
const auto mem_substr{std::string_view(command).substr(mem_sep)};
|
const auto mem_substr{std::string_view(command).substr(mem_sep)};
|
||||||
const auto mem{Common::HexStringToVector(mem_substr, false)};
|
const auto mem{Common::HexStringToVector(mem_substr, false)};
|
||||||
|
|
||||||
if (system.ApplicationMemory().IsValidVirtualAddressRange(addr, size)) {
|
if (system.ApplicationMemory().WriteBlock(addr, mem.data(), size)) {
|
||||||
system.ApplicationMemory().WriteBlock(addr, mem.data(), size);
|
|
||||||
system.InvalidateCpuInstructionCacheRange(addr, size);
|
system.InvalidateCpuInstructionCacheRange(addr, size);
|
||||||
SendReply(GDB_STUB_REPLY_OK);
|
SendReply(GDB_STUB_REPLY_OK);
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -8,6 +8,7 @@
|
||||||
#include "core/hle/kernel/k_process.h"
|
#include "core/hle/kernel/k_process.h"
|
||||||
#include "core/hle/kernel/k_server_session.h"
|
#include "core/hle/kernel/k_server_session.h"
|
||||||
#include "core/hle/kernel/svc.h"
|
#include "core/hle/kernel/svc.h"
|
||||||
|
#include "core/hle/kernel/svc_results.h"
|
||||||
|
|
||||||
namespace Kernel::Svc {
|
namespace Kernel::Svc {
|
||||||
|
|
||||||
|
@ -49,14 +50,10 @@ Result ReplyAndReceive(Core::System& system, s32* out_index, uint64_t handles_ad
|
||||||
|
|
||||||
// Copy user handles.
|
// Copy user handles.
|
||||||
if (num_handles > 0) {
|
if (num_handles > 0) {
|
||||||
// Ensure we can try to get the handles.
|
|
||||||
R_UNLESS(GetCurrentMemory(kernel).IsValidVirtualAddressRange(
|
|
||||||
handles_addr, static_cast<u64>(sizeof(Handle) * num_handles)),
|
|
||||||
ResultInvalidPointer);
|
|
||||||
|
|
||||||
// Get the handles.
|
// Get the handles.
|
||||||
GetCurrentMemory(kernel).ReadBlock(handles_addr, handles.data(),
|
R_UNLESS(GetCurrentMemory(kernel).ReadBlock(handles_addr, handles.data(),
|
||||||
sizeof(Handle) * num_handles);
|
sizeof(Handle) * num_handles),
|
||||||
|
ResultInvalidPointer);
|
||||||
|
|
||||||
// Convert the handles to objects.
|
// Convert the handles to objects.
|
||||||
R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>(
|
R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>(
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
#include "core/hle/kernel/k_process.h"
|
#include "core/hle/kernel/k_process.h"
|
||||||
#include "core/hle/kernel/k_readable_event.h"
|
#include "core/hle/kernel/k_readable_event.h"
|
||||||
#include "core/hle/kernel/svc.h"
|
#include "core/hle/kernel/svc.h"
|
||||||
|
#include "core/hle/kernel/svc_results.h"
|
||||||
|
|
||||||
namespace Kernel::Svc {
|
namespace Kernel::Svc {
|
||||||
|
|
||||||
|
@ -64,14 +65,10 @@ Result WaitSynchronization(Core::System& system, int32_t* out_index, u64 user_ha
|
||||||
|
|
||||||
// Copy user handles.
|
// Copy user handles.
|
||||||
if (num_handles > 0) {
|
if (num_handles > 0) {
|
||||||
// Ensure we can try to get the handles.
|
|
||||||
R_UNLESS(GetCurrentMemory(kernel).IsValidVirtualAddressRange(
|
|
||||||
user_handles, static_cast<u64>(sizeof(Handle) * num_handles)),
|
|
||||||
ResultInvalidPointer);
|
|
||||||
|
|
||||||
// Get the handles.
|
// Get the handles.
|
||||||
GetCurrentMemory(kernel).ReadBlock(user_handles, handles.data(),
|
R_UNLESS(GetCurrentMemory(kernel).ReadBlock(user_handles, handles.data(),
|
||||||
sizeof(Handle) * num_handles);
|
sizeof(Handle) * num_handles),
|
||||||
|
ResultInvalidPointer);
|
||||||
|
|
||||||
// Convert the handles to objects.
|
// Convert the handles to objects.
|
||||||
R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>(
|
R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>(
|
||||||
|
|
Loading…
Reference in a new issue