Mirror/GodMode9
1
0
Fork 1
mirror of https://github.com/d0k3/GodMode9.git synced 2025-06-26 05:32:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix sprintf format vulnerability

Browse Source
This commit is contained in:
windows-server-2003 2018-05-12 08:47:06 +09:00 committed by d0k3
parent 5b413a9eb3
commit 46f67e1d18
11 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -30,7 +30,7 @@ export INCLUDE := -I"$(shell pwd)/common"
export ASFLAGS := -g -x assembler-with-cpp $(INCLUDE) export ASFLAGS := -g -x assembler-with-cpp $(INCLUDE)
export CFLAGS := -DDBUILTS="\"$(DBUILTS)\"" -DDBUILTL="\"$(DBUILTL)\"" -DVERSION="\"$(VERSION)\"" -DFLAVOR="\"$(FLAVOR)\"" \ export CFLAGS := -DDBUILTS="\"$(DBUILTS)\"" -DDBUILTL="\"$(DBUILTL)\"" -DVERSION="\"$(VERSION)\"" -DFLAVOR="\"$(FLAVOR)\"" \
-g -O2 -Wall -Wextra -Wpedantic -Wcast-align -Wno-main \ -g -O2 -Wall -Wextra -Wpedantic -Wcast-align -Wformat=2 -Wno-main \
-fomit-frame-pointer -ffast-math -std=gnu11 \ -fomit-frame-pointer -ffast-math -std=gnu11 \
-Wno-unused-function $(INCLUDE) -ffunction-sections -fdata-sections -Wno-unused-function $(INCLUDE) -ffunction-sections -fdata-sections
export LDFLAGS := -Tlink.ld -nostartfiles -Wl,--gc-sections,-z,max-page-size=512 export LDFLAGS := -Tlink.ld -nostartfiles -Wl,--gc-sections,-z,max-page-size=512

4
arm9/source/common/ui.c
View File

@ -346,9 +346,9 @@ void TruncateString(char* dest, const char* orig, int nsize, int tpos) {
if (nsize < 0) { if (nsize < 0) {
return; return;
} else if (nsize <= 3) { } else if (nsize <= 3) {
snprintf(dest, nsize, orig); snprintf(dest, nsize, "%s", orig);
} else if (nsize >= osize) { } else if (nsize >= osize) {
snprintf(dest, nsize + 1, orig); snprintf(dest, nsize + 1, "%s", orig);
} else { } else {
if (tpos + 3 > nsize) tpos = nsize - 3; if (tpos + 3 > nsize) tpos = nsize - 3;
snprintf(dest, nsize + 1, "%-.*s...%-.*s", tpos, orig, nsize - (3 + tpos), orig + osize - (nsize - (3 + tpos))); snprintf(dest, nsize + 1, "%-.*s...%-.*s", tpos, orig, nsize - (3 + tpos), orig + osize - (nsize - (3 + tpos)));

2
arm9/source/filesys/fsdrive.c
View File

@ -89,7 +89,7 @@ bool GetRootDirContentsWorker(DirStruct* contents) {
DirEntry* entry = &(contents->entry[n_entries]); DirEntry* entry = &(contents->entry[n_entries]);
if (!DriveType(drvnum[i])) continue; // drive not available if (!DriveType(drvnum[i])) continue; // drive not available
memset(entry->path, 0x00, 64); memset(entry->path, 0x00, 64);
snprintf(entry->path + 0, 4, drvnum[i]); snprintf(entry->path + 0, 4, "%s", drvnum[i]);
if ((*(drvnum[i]) >= '7') && (*(drvnum[i]) <= '9') && !(GetMountState() & IMG_NAND)) // Drive 7...9 handling if ((*(drvnum[i]) >= '7') && (*(drvnum[i]) <= '9') && !(GetMountState() & IMG_NAND)) // Drive 7...9 handling
snprintf(entry->path + 4, 32, "[%s] %s", drvnum[i], snprintf(entry->path + 4, 32, "[%s] %s", drvnum[i],
(*(drvnum[i]) == '7') ? "FAT IMAGE" : (*(drvnum[i]) == '7') ? "FAT IMAGE" :

4
arm9/source/filesys/fsutil.c
View File

@ -808,7 +808,7 @@ bool FileSelectorWorker(char* result, const char* text, const char* path, const
} }
char temp_str[256]; char temp_str[256];
snprintf(temp_str, 256, entry->name); snprintf(temp_str, 256, "%s", entry->name);
if (hide_ext && (entry->type == T_FILE)) { if (hide_ext && (entry->type == T_FILE)) {
char* dot = strrchr(temp_str, '.'); char* dot = strrchr(temp_str, '.');
if (dot) *dot = '\0'; if (dot) *dot = '\0';
@ -823,7 +823,7 @@ bool FileSelectorWorker(char* result, const char* text, const char* path, const
const char* optionstr[_MAX_FS_OPT+1] = { NULL }; const char* optionstr[_MAX_FS_OPT+1] = { NULL };
for (u32 i = 0; i <= _MAX_FS_OPT; i++) optionstr[i] = opt_names[i]; for (u32 i = 0; i <= _MAX_FS_OPT; i++) optionstr[i] = opt_names[i];
u32 user_select = ShowSelectPrompt(n_opt, optionstr, text); u32 user_select = ShowSelectPrompt(n_opt, optionstr, "%s", text);
if (!user_select) return false; if (!user_select) return false;
DirEntry* res_local = res_entry[user_select-1]; DirEntry* res_local = res_entry[user_select-1];
if (res_local && (res_local->type == T_DIR)) { // selected dir if (res_local && (res_local->type == T_DIR)) { // selected dir

18
arm9/source/godmode.c
View File

@ -161,7 +161,7 @@ void DrawTopBar(const char* curr_path) {
DrawRectangle(TOP_SCREEN, 0, 0, SCREEN_WIDTH_TOP, 12, COLOR_TOP_BAR); DrawRectangle(TOP_SCREEN, 0, 0, SCREEN_WIDTH_TOP, 12, COLOR_TOP_BAR);
if (*curr_path) TruncateString(tempstr, curr_path, len_path / FONT_WIDTH_EXT, 8); if (*curr_path) TruncateString(tempstr, curr_path, len_path / FONT_WIDTH_EXT, 8);
else snprintf(tempstr, 16, "[root]"); else snprintf(tempstr, 16, "[root]");
DrawStringF(TOP_SCREEN, bartxt_x, bartxt_start, COLOR_STD_BG, COLOR_TOP_BAR, tempstr); DrawStringF(TOP_SCREEN, bartxt_x, bartxt_start, COLOR_STD_BG, COLOR_TOP_BAR, "%s", tempstr);
bool show_time = true; bool show_time = true;
#ifdef SHOW_FREE #ifdef SHOW_FREE
@ -261,10 +261,10 @@ void DrawUserInterface(const char* curr_path, DirEntry* curr_entry, u32 curr_pan
strncpy(dirstr, curr_entry->path, 256); strncpy(dirstr, curr_entry->path, 256);
*(strrchr(dirstr, '/')+1) = '\0'; *(strrchr(dirstr, '/')+1) = '\0';
ResizeString(tempstr, dirstr, len_info / FONT_WIDTH_EXT, 8, false); ResizeString(tempstr, dirstr, len_info / FONT_WIDTH_EXT, 8, false);
DrawStringF(MAIN_SCREEN, 4, info_start + 12 + 10 + 10, color_current, COLOR_STD_BG, tempstr); DrawStringF(MAIN_SCREEN, 4, info_start + 12 + 10 + 10, color_current, COLOR_STD_BG, "%s", tempstr);
} else { } else {
ResizeString(tempstr, "", len_info / FONT_WIDTH_EXT, 8, false); ResizeString(tempstr, "", len_info / FONT_WIDTH_EXT, 8, false);
DrawStringF(MAIN_SCREEN, 4, info_start + 12 + 10 + 10, color_current, COLOR_STD_BG, tempstr); DrawStringF(MAIN_SCREEN, 4, info_start + 12 + 10 + 10, color_current, COLOR_STD_BG, "%s", tempstr);
} }
// right top - clipboard // right top - clipboard
@ -273,7 +273,7 @@ void DrawUserInterface(const char* curr_path, DirEntry* curr_entry, u32 curr_pan
for (u32 c = 0; c < n_cb_show; c++) { for (u32 c = 0; c < n_cb_show; c++) {
u32 color_cb = COLOR_ENTRY(&(clipboard->entry[c])); u32 color_cb = COLOR_ENTRY(&(clipboard->entry[c]));
ResizeString(tempstr, (clipboard->n_entries > c) ? clipboard->entry[c].name : "", len_info / FONT_WIDTH_EXT, 8, true); ResizeString(tempstr, (clipboard->n_entries > c) ? clipboard->entry[c].name : "", len_info / FONT_WIDTH_EXT, 8, true);
DrawStringF(MAIN_SCREEN, SCREEN_WIDTH_MAIN - len_info - 4, info_start + 12 + (c*10), color_cb, COLOR_STD_BG, tempstr); DrawStringF(MAIN_SCREEN, SCREEN_WIDTH_MAIN - len_info - 4, info_start + 12 + (c*10), color_cb, COLOR_STD_BG, "%s", tempstr);
} }
*tempstr = '\0'; *tempstr = '\0';
if (clipboard->n_entries > n_cb_show) snprintf(tempstr, 60, "+ %lu more", clipboard->n_entries - n_cb_show); if (clipboard->n_entries > n_cb_show) snprintf(tempstr, 60, "+ %lu more", clipboard->n_entries - n_cb_show);
@ -1567,7 +1567,7 @@ u32 FileHandlerMenu(char* current_path, u32* cursor, u32* scroll, PaneData** pan
optionstr[n_opt] = "EmuNAND H&S inject"; optionstr[n_opt] = "EmuNAND H&S inject";
destdrv[n_opt++] = "4:"; destdrv[n_opt++] = "4:";
} }
user_select = (n_opt > 1) ? (int) ShowSelectPrompt(n_opt, optionstr, pathstr) : n_opt; user_select = (n_opt > 1) ? (int) ShowSelectPrompt(n_opt, optionstr, "%s", pathstr) : n_opt;
if (user_select) { if (user_select) {
ShowPrompt(false, "%s\nH&S inject %s", pathstr, ShowPrompt(false, "%s\nH&S inject %s", pathstr,
(InjectHealthAndSafety(file_path, destdrv[user_select-1]) == 0) ? "success" : "failed"); (InjectHealthAndSafety(file_path, destdrv[user_select-1]) == 0) ? "success" : "failed");
@ -1633,7 +1633,7 @@ u32 FileHandlerMenu(char* current_path, u32* cursor, u32* scroll, PaneData** pan
destdrv[n_opt++] = "4:"; destdrv[n_opt++] = "4:";
} }
if (n_opt) { if (n_opt) {
user_select = (n_opt > 1) ? (int) ShowSelectPrompt(n_opt, optionstr, pathstr) : 1; user_select = (n_opt > 1) ? (int) ShowSelectPrompt(n_opt, optionstr, "%s", pathstr) : 1;
if (user_select) { if (user_select) {
ShowPrompt(false, "%s\nCTRNAND transfer %s", pathstr, ShowPrompt(false, "%s\nCTRNAND transfer %s", pathstr,
(TransferCtrNandImage(file_path, destdrv[user_select-1]) == 0) ? "success" : "failed"); (TransferCtrNandImage(file_path, destdrv[user_select-1]) == 0) ? "success" : "failed");
@ -2157,7 +2157,7 @@ u32 GodMode(int entrypoint) {
const char* optionstr[2] = { "Open this folder", "Open containing folder" }; const char* optionstr[2] = { "Open this folder", "Open containing folder" };
char pathstr[32 + 1]; char pathstr[32 + 1];
TruncateString(pathstr, curr_entry->path, 32, 8); TruncateString(pathstr, curr_entry->path, 32, 8);
user_select = ShowSelectPrompt(2, optionstr, pathstr); user_select = ShowSelectPrompt(2, optionstr, "%s", pathstr);
} }
if (user_select) { if (user_select) {
strncpy(current_path, curr_entry->path, 256); strncpy(current_path, curr_entry->path, 256);
@ -2323,7 +2323,7 @@ u32 GodMode(int entrypoint) {
snprintf(promptstr, 64, "Paste \"%s\" here?", namestr); snprintf(promptstr, 64, "Paste \"%s\" here?", namestr);
} else snprintf(promptstr, 64, "Paste %lu paths here?", clipboard->n_entries); } else snprintf(promptstr, 64, "Paste %lu paths here?", clipboard->n_entries);
user_select = ((DriveType(clipboard->entry[0].path) & curr_drvtype & DRV_STDFAT)) ? user_select = ((DriveType(clipboard->entry[0].path) & curr_drvtype & DRV_STDFAT)) ?
ShowSelectPrompt(2, optionstr, promptstr) : (ShowPrompt(true, promptstr) ? 1 : 0); ShowSelectPrompt(2, optionstr, "%s", promptstr) : (ShowPrompt(true, "%s", promptstr) ? 1 : 0);
if (user_select) { if (user_select) {
for (u32 c = 0; c < clipboard->n_entries; c++) { for (u32 c = 0; c < clipboard->n_entries; c++) {
char namestr[36+1]; char namestr[36+1];
@ -2354,7 +2354,7 @@ u32 GodMode(int entrypoint) {
char newname[256]; char newname[256];
char namestr[20+1]; char namestr[20+1];
TruncateString(namestr, curr_entry->name, 20, 12); TruncateString(namestr, curr_entry->name, 20, 12);
snprintf(newname, 255, curr_entry->name); snprintf(newname, 255, "%s", curr_entry->name);
if (ShowStringPrompt(newname, 256, "Rename %s?\nEnter new name below.", namestr)) { if (ShowStringPrompt(newname, 256, "Rename %s?\nEnter new name below.", namestr)) {
if (!PathRename(curr_entry->path, newname)) if (!PathRename(curr_entry->path, newname))
ShowPrompt(false, "Failed renaming path:\n%s", namestr); ShowPrompt(false, "Failed renaming path:\n%s", namestr);

2
arm9/source/nand/sdmmc.c
View File

@ -497,4 +497,4 @@ u32 sdmmc_sdcard_init()
if(Nand_Init() != 0) ret &= 1; if(Nand_Init() != 0) ret &= 1;
if(SD_Init() != 0) ret &= 2; if(SD_Init() != 0) ret &= 2;
return ret; return ret;
} }

2
arm9/source/nand/sdmmc.h
View File

@ -99,4 +99,4 @@ int sdmmc_sdcard_writesectors(u32 sector_no, u32 numsectors, const u8 *in);
int sdmmc_nand_readsectors(u32 sector_no, u32 numsectors, u8 *out); int sdmmc_nand_readsectors(u32 sector_no, u32 numsectors, u8 *out);
int sdmmc_nand_writesectors(u32 sector_no, u32 numsectors, const u8 *in); int sdmmc_nand_writesectors(u32 sector_no, u32 numsectors, const u8 *in);
void sdmmc_get_cid(bool isNand, u32 *info); void sdmmc_get_cid(bool isNand, u32 *info);
mmcdevice *getMMCDevice(int drive); mmcdevice *getMMCDevice(int drive);

2
arm9/source/system/bps.c
View File

@ -432,4 +432,4 @@ int ApplyBPMPatch(const char* patchName, const char* sourcePath, const char* tar
fvx_close(&patchFile); fvx_close(&patchFile);
return BEAT_SUCCESS; return BEAT_SUCCESS;
} }

2
arm9/source/system/ips.c
View File

@ -196,4 +196,4 @@ int ApplyIPSPatch(const char* patchName, const char* inName, const char* outName
fvx_lseek(&outFile, outSize); fvx_lseek(&outFile, outSize);
f_truncate(&outFile); f_truncate(&outFile);
return ret(error); return ret(error);
} }

2
arm9/source/system/ips.h
View File

@ -4,4 +4,4 @@
#pragma once #pragma once
int ApplyIPSPatch(const char* patchName, const char* sourceName, const char* targetName); int ApplyIPSPatch(const char* patchName, const char* sourceName, const char* targetName);

10
arm9/source/utils/scripting.c
View File

@ -718,8 +718,8 @@ bool for_handler(char* path, const char* dir, const char* pattern, bool recursiv
} }
if (dir) { // open a dir if (dir) { // open a dir
snprintf(lpattern, 64, pattern); snprintf(lpattern, 64, "%s", pattern);
snprintf(ldir, 256, dir); snprintf(ldir, 256, "%s", dir);
if (dp) return false; // <- this should never happen if (dp) return false; // <- this should never happen
if (fvx_opendir(&fdir[0], dir) != FR_OK) if (fvx_opendir(&fdir[0], dir) != FR_OK)
return false; return false;
@ -1805,7 +1805,7 @@ bool ExecuteGM9Script(const char* path_script) {
free(bitmap); free(bitmap);
} else { } else {
if (strncmp(preview_str, "off", _VAR_CNT_LEN) == 0) preview_str = "(preview disabled)"; if (strncmp(preview_str, "off", _VAR_CNT_LEN) == 0) preview_str = "(preview disabled)";
DrawStringCenter(TOP_SCREEN, COLOR_STD_FONT, COLOR_STD_BG, preview_str); DrawStringCenter(TOP_SCREEN, COLOR_STD_FONT, COLOR_STD_BG, "%s", preview_str);
} }
preview_mode = 0; preview_mode = 0;
@ -1874,7 +1874,7 @@ bool ExecuteGM9Script(const char* path_script) {
if (!(flags & _FLG('s'))) { // not silent if (!(flags & _FLG('s'))) { // not silent
if (!*err_str) { if (!*err_str) {
char* msg_fail = get_var("ERRORMSG", NULL); char* msg_fail = get_var("ERRORMSG", NULL);
if (msg_fail && *msg_fail) ShowPrompt(false, msg_fail); if (msg_fail && *msg_fail) ShowPrompt(false, "%s", msg_fail);
else snprintf(err_str, _ERR_STR_LEN, "error message fail"); else snprintf(err_str, _ERR_STR_LEN, "error message fail");
} }
if (*err_str) { if (*err_str) {
@ -1926,7 +1926,7 @@ bool ExecuteGM9Script(const char* path_script) {
if (result) { // success message if applicable if (result) { // success message if applicable
char* msg_okay = get_var("SUCCESSMSG", NULL); char* msg_okay = get_var("SUCCESSMSG", NULL);
if (msg_okay && *msg_okay) ShowPrompt(false, msg_okay); if (msg_okay && *msg_okay) ShowPrompt(false, "%s", msg_okay);
} }