summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorbunnei <bunneidev@gmail.com>2019-04-05 23:35:06 -0400
committerGitHub <noreply@github.com>2019-04-05 23:35:06 -0400
commit854ac468b9cdc16296bb78de22b459118706bbde (patch)
treeecf16bdfe7c64015c32bb74a011b111172aa6b8a /src
parent150a3c08908382bcaa891c16855a5b8c57d1e4dc (diff)
parentc39c8e69824af03799b0903f218eac81eba80751 (diff)
Merge pull request #2329 from lioncash/sanitize
kernel/svc: Properly sanitize mutex address in WaitProcessWideKeyAtomic
Diffstat (limited to 'src')
-rw-r--r--src/core/hle/kernel/svc.cpp14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/core/hle/kernel/svc.cpp b/src/core/hle/kernel/svc.cpp
index ab10db3df..2fd07ab34 100644
--- a/src/core/hle/kernel/svc.cpp
+++ b/src/core/hle/kernel/svc.cpp
@@ -1339,6 +1339,20 @@ static ResultCode WaitProcessWideKeyAtomic(VAddr mutex_addr, VAddr condition_var
"called mutex_addr={:X}, condition_variable_addr={:X}, thread_handle=0x{:08X}, timeout={}",
mutex_addr, condition_variable_addr, thread_handle, nano_seconds);
+ if (Memory::IsKernelVirtualAddress(mutex_addr)) {
+ LOG_ERROR(
+ Kernel_SVC,
+ "Given mutex address must not be within the kernel address space. address=0x{:016X}",
+ mutex_addr);
+ return ERR_INVALID_ADDRESS_STATE;
+ }
+
+ if (!Common::IsWordAligned(mutex_addr)) {
+ LOG_ERROR(Kernel_SVC, "Given mutex address must be word-aligned. address=0x{:016X}",
+ mutex_addr);
+ return ERR_INVALID_ADDRESS;
+ }
+
auto* const current_process = Core::System::GetInstance().Kernel().CurrentProcess();
const auto& handle_table = current_process->GetHandleTable();
SharedPtr<Thread> thread = handle_table.Get<Thread>(thread_handle);
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-30 09:05:45 +0000