3dbrew

Changes

3DS System Flaws (edit)

Revision as of 21:02, 11 July 2014

498 bytes added ,  21:02, 11 July 2014
→‎ARM11 kernel
Line 30: Line 30:  
!  Description
 
!  Description
 
!  Fixed in system version
 
!  Fixed in system version
 +
|-
 +
|  [[SVC]] table too small
 +
|  The table of function pointers for SVC's only contains entries up to 0x7D, but the biggest allowed SVC for the table is 0x7F. Thus, executing svc7E or svc7F would make the SVC-handler read after the buffer, and interpret some ARM instructions as function pointers.
 +
 +
However this would require patching the kernel .text or modifying SVC-access-control. Even if you could get these to execute, they would still jump to memory that isn't mapped as executable.
 +
|  None
 
|-
 
|-
 
|  [[SVC|svcBackdoor (0x7B)]]
 
|  [[SVC|svcBackdoor (0x7B)]]
Retrieved from "https://www.3dbrew.org/wiki/Special:MobileDiff/9275"