Changes

Jump to navigation Jump to search

3DS Userland Flaws (edit)

Revision as of 18:56, 29 May 2017

517 bytes added ,  18:56, 29 May 2017
Pokemon Picross
Line 142: Line 142:  
| February, 2017
 
| February, 2017
 
| [[User:Nba_Yoh|MrNbaYoh]]
 
| [[User:Nba_Yoh|MrNbaYoh]]
 
+
|-
 +
| Pokemon Picross
 +
| Arbitrary memcpy via unchecked size
 +
| When reading the savefile, the game handles some lists of buffers that are copied to memory. These buffers should always be 0x14-bytes long but the game uses the size provided in the savefile to copy them. These buffers are copied in some structs and thus with a big enough length value, one can overwrite the next struct which contains a size and a destination address for a memcpy.
 +
| None?
 +
| App: ?
 +
| May 29, 2017
 +
| June, 2016
 +
| [[User:Nba_Yoh|MrNbaYoh]]
 
|}
 
|}
  
Nba Yoh
28

edits

Retrieved from "https://www.3dbrew.org/wiki/Special:MobileDiff/20051"

Navigation menu