From fdb93b51f31a726e36c7bc423e572673c84d407e Mon Sep 17 00:00:00 2001
From: d0k3 <tore.anon@gmail.com>
Date: Sat, 12 Aug 2017 20:44:23 +0200
Subject: [PATCH] Fix FIRM validation before boot

---
 source/game/firm.c | 5 ++---
 source/godmode.c   | 2 +-
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/source/game/firm.c b/source/game/firm.c
index d9c1b3c..ade7d42 100644
--- a/source/game/firm.c
+++ b/source/game/firm.c
@@ -71,12 +71,11 @@ u32 ValidateFirm(void* firm, u32 firm_size) {
         u32 valid_address[] = { FIRM_VALID_ADDRESS };
         FirmSectionHeader* section = header->sections + i;
         if (!section->size) continue;
-        if (sha_cmp(section->hash, (u8*) firm + section->offset, section->size, SHA256_MODE) != 0) {
+        if (sha_cmp(section->hash, ((u8*) firm) + section->offset, section->size, SHA256_MODE) != 0)
             return 1;
-        }
         bool is_valid_address = false;
         for (u32 a = 0; a < sizeof(valid_address) / (2*sizeof(u32)); a++) {
-            if ((valid_address[2*a] >= section->address) && (valid_address[(2*a)+1] <= section->address + section->size))
+            if ((section->address >= valid_address[2*a]) && (section->address + section->size <= valid_address[(2*a)+1]))
                 is_valid_address = true;
         }
         if (!is_valid_address) return 1;
diff --git a/source/godmode.c b/source/godmode.c
index 7992000..4002f5a 100644
--- a/source/godmode.c
+++ b/source/godmode.c
@@ -1423,7 +1423,7 @@ u32 FileHandlerMenu(char* current_path, u32* cursor, u32* scroll, DirStruct* cur
             ShowPrompt(false, "FIRM too big, can't launch"); // unlikely
         } else if (ShowUnlockSequence(3, "%s (%dkB)\nBoot FIRM via chainloader?", pathstr, firm_size / 1024)) {
             if ((FileGetData(curr_entry->path, TEMP_BUFFER, firm_size, 0) == firm_size) &&
-                (ValidateFirm(TEMP_BUFFER, firm_size) != 0)) {
+                (ValidateFirm(TEMP_BUFFER, firm_size) == 0)) {
                 // fix the boot path first ("sdmc"/"nand" for Luma et al, hacky af)
                 const char* bootpath = curr_entry->path;
                 char fixpath[256] = { 0 };