Project

General

Profile

Actions
Copy link

Emulator Issues #13506

closed

Emulated software can cause out-of-bounds reads and writes from/to Dolphin internal data structures by reading from/writing to SRAM.

Added by ElectrifiedStrawberry about 2 months ago. Updated about 2 months ago.

Status:
Fixed
Priority:
High
Assignee:
-
% Done:

0%

Operating system:
N/A
Issue type:
Bug
Milestone:
Regression:
No
Relates to usability:
No
Relates to performance:
No
Easy:
No
Relates to maintainability:
No
Regression start:
Fixed in:
5.0-21264

Description

Game Name/ID/MD5 Hash?

N/A.

What's the problem? Describe what went wrong.

An out-of-bounds read/write (overwriting part of the Impl data structure) can cause at least a crash in Dolphin from emulated software.

What steps will reproduce the problem?

Attempt to write more than 0x68 bytes to SRAM. Data structures in Dolphin will be clobbered because bounds checking isn't performed.

Is the issue present in the latest development version? For future reference, please also write down the version number of the latest development version.

Yes. 3342. I think?

Is the issue present in the latest stable version?

Almost certainly? It looks like the issue is probably years old.

What are your PC specifications? (CPU, GPU, Operating System, more)

Windows 10, although it doesn't seem to be specific to any operating system.

Is there anything else that can help developers narrow down the issue? (e.g. logs, screenshots,
configuration files, savefiles, savestates)

The check @ EXI_DevieIPL.cpp (L349) is not enough; the IN_RANGE macro is only updated when the command changes.

Actions
Copy link

Also available in: Atom PDF