diff --git a/build/libraries_sysmenu/dht/common/src/dht.c b/build/libraries_sysmenu/dht/common/src/dht.c index 6da8cd33..9affd8db 100644 --- a/build/libraries_sysmenu/dht/common/src/dht.c +++ b/build/libraries_sysmenu/dht/common/src/dht.c @@ -159,7 +159,7 @@ static BOOL DHT_CheckDatabase(const DHTFile* pDHT) return TRUE; } -BOOL DHT_PrepareDatabase(DHTFile* pDHT, FSFile* fp) +BOOL DHT_PrepareDatabase(DHTFile* pDHT, FSFile* fp, s32 maxLength) { s32 result; s32 length; @@ -177,12 +177,18 @@ BOOL DHT_PrepareDatabase(DHTFile* pDHT, FSFile* fp) } // データベース読み込み PROFILE_COUNT(); - length = (s32)DHT_GetDatabaseLength(pDHT) - (s32)sizeof(DHTHeader); // ヘッダを除く - if ( length < 0 ) + length = (s32)DHT_GetDatabaseLength(pDHT); + if ( length < sizeof(DHTHeader) ) { OS_TPrintf("Invalid DHT header.\n"); return FALSE; } + if ( length > maxLength ) + { + OS_TPrintf("Too large size specified in the header.\n"); + return FALSE; + } + length -= (s32)sizeof(DHTHeader); // ヘッダを除く result = FS_ReadFile(fp, pDHT->database, length); if ( result != length ) { @@ -265,7 +271,7 @@ static BOOL DHT_CheckDatabaseEx(const DHTFileEx* pDHT) return TRUE; } -BOOL DHT_PrepareDatabaseEx(DHTFileEx* pDHT, FSFile* fp) +BOOL DHT_PrepareDatabaseEx(DHTFileEx* pDHT, FSFile* fp, s32 maxLength) { s32 result; s32 length; @@ -283,12 +289,18 @@ BOOL DHT_PrepareDatabaseEx(DHTFileEx* pDHT, FSFile* fp) } // 拡張データベース読み込み PROFILE_COUNT(); - length = (s32)DHT_GetDatabaseExLength(pDHT) - (s32)sizeof(DHTHeader); // ヘッダを除く - if ( length < 0 ) + length = (s32)DHT_GetDatabaseExLength(pDHT); + if ( length < sizeof(DHTHeader) ) { OS_TPrintf("Invalid DHT header. [EX]\n"); return FALSE; } + if ( length > maxLength ) + { + OS_TPrintf("Too large size specified in the header.\n"); + return FALSE; + } + length -= (s32)sizeof(DHTHeader); // ヘッダを除く result = FS_ReadFile(fp, pDHT->database, length); if ( result != length ) { @@ -371,7 +383,7 @@ static BOOL DHT_CheckDatabaseAdHoc(const DHTFileAdHoc* pDHT) return TRUE; } -BOOL DHT_PrepareDatabaseAdHoc(DHTFileAdHoc* pDHT, FSFile* fp) +BOOL DHT_PrepareDatabaseAdHoc(DHTFileAdHoc* pDHT, FSFile* fp, s32 maxLength) { s32 result; s32 length; @@ -389,12 +401,18 @@ BOOL DHT_PrepareDatabaseAdHoc(DHTFileAdHoc* pDHT, FSFile* fp) } // 拡張データベース読み込み PROFILE_COUNT(); - length = (s32)DHT_GetDatabaseAdHocLength(pDHT) - (s32)sizeof(DHTHeader); // ヘッダを除く - if ( length < 0 ) + length = (s32)DHT_GetDatabaseAdHocLength(pDHT); + if ( length < sizeof(DHTHeader) ) { OS_TPrintf("Invalid DHT header. [AdHoc]\n"); return FALSE; } + if ( length < maxLength ) + { + OS_TPrintf("Too large size specified in the header.\n"); + return FALSE; + } + length -= (s32)sizeof(DHTHeader); // ヘッダを除く result = FS_ReadFile(fp, pDHT->database, length); if ( result != length ) { diff --git a/build/libraries_sysmenu/sysmenu/ARM9/src/title.c b/build/libraries_sysmenu/sysmenu/ARM9/src/title.c index fb0201b8..bbb6fe0c 100644 --- a/build/libraries_sysmenu/sysmenu/ARM9/src/title.c +++ b/build/libraries_sysmenu/sysmenu/ARM9/src/title.c @@ -284,57 +284,28 @@ static BOOL PrepareDHTDatabase(void) } // 基本データベース s_dht.dht = s_dht.buffer; - if ( sizeof(DHTHeader) != FS_ReadFile(&file, &s_dht.dht->header, sizeof(DHTHeader)) ) + if ( !DHT_PrepareDatabase(s_dht.dht, &file, length) ) { - OS_TPrintf("PrepareDHTDatabase failed: cannot read DHTHeader for phase 1/2.\n" ); + OS_TPrintf("PrepareDHTDatabase failed: cannot read the list for phase 1/2.\n" ); if(!s_b_dev) { - ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read DHTHeader for phase 1/2.\n" ); + ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read the list for phase 1/2.\n" ); } SYSM_Free( s_dht.buffer ); s_dht.buffer = NULL; FS_CloseFile(&file); return FALSE; // cannot read the file } - length = (int)DHT_GetDatabaseLength(s_dht.dht) - (int)sizeof(DHTHeader); - if ( length < 0 || length != FS_ReadFile(&file, &s_dht.dht->database, length) ) - { - OS_TPrintf("PrepareDHTDatabase failed: cannot read DHTDatabase for phase 1/2.\n" ); - if(!s_b_dev) { - ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read DHTDatabase for phase 1/2.\n" ); - } - s_dht.dht = NULL; - SYSM_Free( s_dht.buffer ); - s_dht.buffer = NULL; - FS_CloseFile(&file); - return FALSE; // cannot read the file - } + length -= DHT_GetDatabaseLength(s_dht.dht); // 拡張データベース s_dht.dhtex = (void*)((u32)s_dht.buffer + DHT_GetDatabaseLength(s_dht.dht)); - if ( sizeof(DHTHeader) != FS_ReadFile(&file, &s_dht.dhtex->header, sizeof(DHTHeader)) ) + if ( !DHT_PrepareDatabaseEx(s_dht.dhtex, &file, length) ) { s_dht.dhtex = NULL; - OS_TPrintf("PrepareDHTDatabase failed: cannot read DHTHeader for phase 3.\n" ); + OS_TPrintf("PrepareDHTDatabase failed: cannot read the list for phase 3.\n" ); FS_CloseFile(&file); #ifndef SYSM_IGNORE_DHT_EX_NOT_FOUND if(!s_b_dev) { - ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read DHTHeader for phase 3.\n" ); - } - SYSM_Free( s_dht.buffer ); - s_dht.buffer = NULL; - return FALSE; // cannot read the file -#else - return TRUE; -#endif - } - length = (int)DHT_GetDatabaseExLength(s_dht.dhtex) - (int)sizeof(DHTHeader); - if ( length < 0 || length != FS_ReadFile(&file, &s_dht.dhtex->database, length) ) - { - s_dht.dhtex = NULL; - OS_TPrintf("PrepareDHTDatabase failed: cannot read DHTDatabaseEx for phase 3.\n" ); - FS_CloseFile(&file); -#ifndef SYSM_IGNORE_DHT_EX_NOT_FOUND - if(!s_b_dev) { - ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read DHTDatabaseEx for phase 3.\n" ); + ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read the list for phase 3.\n" ); } SYSM_Free( s_dht.buffer ); s_dht.buffer = NULL; @@ -343,33 +314,22 @@ static BOOL PrepareDHTDatabase(void) return TRUE; #endif } + length -= DHT_GetDatabaseExLength(s_dht.dhtex); // 個別対応データベース s_dht.dhtah = (void*)((u32)s_dht.buffer + DHT_GetDatabaseLength(s_dht.dht) + DHT_GetDatabaseExLength(s_dht.dhtex)); - if ( sizeof(DHTHeader) != FS_ReadFile(&file, &s_dht.dhtah->header, sizeof(DHTHeader)) ) + if ( !DHT_PrepareDatabaseAdHoc(s_dht.dhtah, &file, length) ) { s_dht.dhtah = NULL; - OS_TPrintf("PrepareDHTDatabase failed: cannot read DHTHeader for phase 4.\n" ); + OS_TPrintf("PrepareDHTDatabase failed: cannot read the list for phase 4.\n" ); FS_CloseFile(&file); if(!s_b_dev) { - ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read DHTHeader for phase 4.\n" ); - } - SYSM_Free( s_dht.buffer ); - s_dht.buffer = NULL; - return FALSE; // phase 3が読めてphase4が読めないことはあり得ない - } - length = (int)DHT_GetDatabaseAdHocLength(s_dht.dhtah) - (int)sizeof(DHTHeader); - if ( length < 0 || length != FS_ReadFile(&file, &s_dht.dhtah->database, length) ) - { - s_dht.dhtah = NULL; - OS_TPrintf("PrepareDHTDatabase failed: cannot read DHTDatabaseAdHoc for phase 4.\n" ); - FS_CloseFile(&file); - if(!s_b_dev) { - ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read DHTDatabaseAdHoc for phase 4.\n" ); + ERRORLOG_Printf( "WHITELIST_INITDB_FAILED (sub info): cannot read the list for phase 4.\n" ); } SYSM_Free( s_dht.buffer ); s_dht.buffer = NULL; return FALSE; // phase 3が読めてphase4が読めないことはあり得ない } + //length -= DHT_GetDatabaseAdHocLength(s_dht.dhtah); // パディング部分が残る? FS_CloseFile(&file); return TRUE; } diff --git a/include/sysmenu/dht/dht.h b/include/sysmenu/dht/dht.h index 9f14f7b9..b0422568 100644 --- a/include/sysmenu/dht/dht.h +++ b/include/sysmenu/dht/dht.h @@ -137,10 +137,11 @@ u32 DHT_GetDatabaseAdHocLength(const DHTFileAdHoc* pDHT); Arguments: pDHT データベースの格納先 fp ファイル構造体へのポインタ DHTHeaderの先頭までシーク済みである必要がある + maxLength 読み込みサイズの上限(ヘッダ込み) Returns: 成功すればTRUE *---------------------------------------------------------------------------*/ -BOOL DHT_PrepareDatabase(DHTFile* pDHT, FSFile* fp); +BOOL DHT_PrepareDatabase(DHTFile* pDHT, FSFile* fp, s32 maxLength); /*---------------------------------------------------------------------------* Name: DHT_PrepareDatabaseEx @@ -150,10 +151,11 @@ BOOL DHT_PrepareDatabase(DHTFile* pDHT, FSFile* fp); Arguments: pDHT 拡張データベースの格納先 fp ファイル構造体へのポインタ DHTHeaderの先頭までシーク済みである必要がある + maxLength 読み込みサイズの上限(ヘッダ込み) Returns: 成功すればTRUE *---------------------------------------------------------------------------*/ -BOOL DHT_PrepareDatabaseEx(DHTFileEx* pDHT, FSFile* fp); +BOOL DHT_PrepareDatabaseEx(DHTFileEx* pDHT, FSFile* fp, s32 maxLength); /*---------------------------------------------------------------------------* Name: DHT_PrepareDatabaseAdHoc @@ -163,10 +165,11 @@ BOOL DHT_PrepareDatabaseEx(DHTFileEx* pDHT, FSFile* fp); Arguments: pDHT 個別対応データベースの格納先 fp ファイル構造体へのポインタ DHTHeaderの先頭までシーク済みである必要がある + maxLength 読み込みサイズの上限(ヘッダ込み) Returns: 成功すればTRUE *---------------------------------------------------------------------------*/ -BOOL DHT_PrepareDatabaseAdHoc(DHTFileAdHoc* pDHT, FSFile* fp); +BOOL DHT_PrepareDatabaseAdHoc(DHTFileAdHoc* pDHT, FSFile* fp, s32 maxLength); /*---------------------------------------------------------------------------* Name: DHT_GetDatabase