diff options
| author |  bunnei | 2018-10-19 22:58:57 -0400 |
|---|---|---|
| committer |  GitHub | 2018-10-19 22:58:57 -0400 |
| commit | 60317e630619ff5942fcb4b16cf1b3a0b2791cc2 (patch) | |
| tree | 5fb63e418bc7af69c9d06f7fc4ae3980e7d60aee /src/core/hle/kernel/svc.cpp | |
| parent | Merge pull request #1517 from bunnei/dma (diff) | |
| parent | svc: Add missing sanitizing checks for MapSharedMemory/UnmapSharedMemory (diff) | |
| download | yuzu-60317e630619ff5942fcb4b16cf1b3a0b2791cc2.tar.gz yuzu-60317e630619ff5942fcb4b16cf1b3a0b2791cc2.tar.xz yuzu-60317e630619ff5942fcb4b16cf1b3a0b2791cc2.zip | |
Merge pull request #1520 from lioncash/san
svc: Add missing sanitizing checks for MapSharedMemory/UnmapSharedMemory
Diffstat (limited to 'src/core/hle/kernel/svc.cpp')
| -rw-r--r-- | src/core/hle/kernel/svc.cpp | 30 |
1 files changed, 27 insertions, 3 deletions
diff --git a/src/core/hle/kernel/svc.cpp b/src/core/hle/kernel/svc.cpp index d3c9d50b5..3b8a2e230 100644 --- a/src/core/hle/kernel/svc.cpp +++ b/src/core/hle/kernel/svc.cpp | |||
| @@ -584,6 +584,10 @@ static ResultCode MapSharedMemory(Handle shared_memory_handle, VAddr addr, u64 s | |||
| 584 | return ERR_INVALID_SIZE; | 584 | return ERR_INVALID_SIZE; |
| 585 | } | 585 | } |
| 586 | 586 | ||
| 587 | if (!IsValidAddressRange(addr, size)) { | ||
| 588 | return ERR_INVALID_ADDRESS_STATE; | ||
| 589 | } | ||
| 590 | |||
| 587 | const auto permissions_type = static_cast<MemoryPermission>(permissions); | 591 | const auto permissions_type = static_cast<MemoryPermission>(permissions); |
| 588 | if (permissions_type != MemoryPermission::Read && | 592 | if (permissions_type != MemoryPermission::Read && |
| 589 | permissions_type != MemoryPermission::ReadWrite) { | 593 | permissions_type != MemoryPermission::ReadWrite) { |
| @@ -597,8 +601,14 @@ static ResultCode MapSharedMemory(Handle shared_memory_handle, VAddr addr, u64 s | |||
| 597 | return ERR_INVALID_HANDLE; | 601 | return ERR_INVALID_HANDLE; |
| 598 | } | 602 | } |
| 599 | 603 | ||
| 600 | return shared_memory->Map(Core::CurrentProcess(), addr, permissions_type, | 604 | auto* const current_process = Core::CurrentProcess(); |
| 601 | MemoryPermission::DontCare); | 605 | const auto& vm_manager = current_process->VMManager(); |
| 606 | |||
| 607 | if (!vm_manager.IsWithinASLRRegion(addr, size)) { | ||
| 608 | return ERR_INVALID_MEMORY_RANGE; | ||
| 609 | } | ||
| 610 | |||
| 611 | return shared_memory->Map(current_process, addr, permissions_type, MemoryPermission::DontCare); | ||
| 602 | } | 612 | } |
| 603 | 613 | ||
| 604 | static ResultCode UnmapSharedMemory(Handle shared_memory_handle, VAddr addr, u64 size) { | 614 | static ResultCode UnmapSharedMemory(Handle shared_memory_handle, VAddr addr, u64 size) { |
| @@ -613,10 +623,24 @@ static ResultCode UnmapSharedMemory(Handle shared_memory_handle, VAddr addr, u64 | |||
| 613 | return ERR_INVALID_SIZE; | 623 | return ERR_INVALID_SIZE; |
| 614 | } | 624 | } |
| 615 | 625 | ||
| 626 | if (!IsValidAddressRange(addr, size)) { | ||
| 627 | return ERR_INVALID_ADDRESS_STATE; | ||
| 628 | } | ||
| 629 | |||
| 616 | auto& kernel = Core::System::GetInstance().Kernel(); | 630 | auto& kernel = Core::System::GetInstance().Kernel(); |
| 617 | auto shared_memory = kernel.HandleTable().Get<SharedMemory>(shared_memory_handle); | 631 | auto shared_memory = kernel.HandleTable().Get<SharedMemory>(shared_memory_handle); |
| 632 | if (!shared_memory) { | ||
| 633 | return ERR_INVALID_HANDLE; | ||
| 634 | } | ||
| 635 | |||
| 636 | auto* const current_process = Core::CurrentProcess(); | ||
| 637 | const auto& vm_manager = current_process->VMManager(); | ||
| 638 | |||
| 639 | if (!vm_manager.IsWithinASLRRegion(addr, size)) { | ||
| 640 | return ERR_INVALID_MEMORY_RANGE; | ||
| 641 | } | ||
| 618 | 642 | ||
| 619 | return shared_memory->Unmap(Core::CurrentProcess(), addr); | 643 | return shared_memory->Unmap(current_process, addr); |
| 620 | } | 644 | } |
| 621 | 645 | ||
| 622 | /// Query process memory | 646 | /// Query process memory |