Check for some invalid memory regions before performing BIOS decompression routines

Jeffrey Pfau 2013-10-13 20:12:30 -07:00
parent 67007ee002
commit 9430040cb3
1 changed files with 15 additions and 3 deletions


@ -245,6 +245,10 @@ void GBASwi16(struct ARMBoard* board, int immediate) {
break; break;
case 0x11: case 0x11:
case 0x12: case 0x12:
if (gba->cpu.gprs[0] < BASE_WORKING_RAM) {
GBALog(gba, GBA_LOG_GAME_ERROR, "Bad LZ77 source");
break;
}
switch (gba->cpu.gprs[1] >> BASE_OFFSET) { switch (gba->cpu.gprs[1] >> BASE_OFFSET) {
case REGION_WORKING_RAM: case REGION_WORKING_RAM:
_unLz77(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->memory.wram)[(gba->cpu.gprs[1] & (SIZE_WORKING_RAM - 1))]); _unLz77(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->memory.wram)[(gba->cpu.gprs[1] & (SIZE_WORKING_RAM - 1))]);
@ -256,11 +260,15 @@ void GBASwi16(struct ARMBoard* board, int immediate) {
_unLz77(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->video.renderer->vram)[(gba->cpu.gprs[1] & 0x0001FFFF)]); _unLz77(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->video.renderer->vram)[(gba->cpu.gprs[1] & 0x0001FFFF)]);
break; break;
default: default:
GBALog(gba, GBA_LOG_WARN, "Bad LZ77 destination"); GBALog(gba, GBA_LOG_GAME_ERROR, "Bad LZ77 destination");
break; break;
} }
break; break;
case 0x13: case 0x13:
if (gba->cpu.gprs[0] < BASE_WORKING_RAM) {
GBALog(gba, GBA_LOG_GAME_ERROR, "Bad Huffman source");
break;
}
switch (gba->cpu.gprs[1] >> BASE_OFFSET) { switch (gba->cpu.gprs[1] >> BASE_OFFSET) {
case REGION_WORKING_RAM: case REGION_WORKING_RAM:
_unHuffman(&gba->memory, gba->cpu.gprs[0], &((uint32_t*) gba->memory.wram)[(gba->cpu.gprs[1] & (SIZE_WORKING_RAM - 3)) >> 2]); _unHuffman(&gba->memory, gba->cpu.gprs[0], &((uint32_t*) gba->memory.wram)[(gba->cpu.gprs[1] & (SIZE_WORKING_RAM - 3)) >> 2]);
@ -272,12 +280,16 @@ void GBASwi16(struct ARMBoard* board, int immediate) {
_unHuffman(&gba->memory, gba->cpu.gprs[0], &((uint32_t*) gba->video.renderer->vram)[(gba->cpu.gprs[1] & 0x0001FFFC) >> 2]); _unHuffman(&gba->memory, gba->cpu.gprs[0], &((uint32_t*) gba->video.renderer->vram)[(gba->cpu.gprs[1] & 0x0001FFFC) >> 2]);
break; break;
default: default:
GBALog(gba, GBA_LOG_WARN, "Bad Huffman destination"); GBALog(gba, GBA_LOG_GAME_ERROR, "Bad Huffman destination");
break; break;
} }
break; break;
case 0x14: case 0x14:
case 0x15: case 0x15:
if (gba->cpu.gprs[0] < BASE_WORKING_RAM) {
GBALog(gba, GBA_LOG_GAME_ERROR, "Bad RL source");
break;
}
switch (gba->cpu.gprs[1] >> BASE_OFFSET) { switch (gba->cpu.gprs[1] >> BASE_OFFSET) {
case REGION_WORKING_RAM: case REGION_WORKING_RAM:
_unRl(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->memory.wram)[(gba->cpu.gprs[1] & (SIZE_WORKING_RAM - 1))]); _unRl(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->memory.wram)[(gba->cpu.gprs[1] & (SIZE_WORKING_RAM - 1))]);
@ -289,7 +301,7 @@ void GBASwi16(struct ARMBoard* board, int immediate) {
_unRl(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->video.renderer->vram)[(gba->cpu.gprs[1] & 0x0001FFFF)]); _unRl(&gba->memory, gba->cpu.gprs[0], &((uint8_t*) gba->video.renderer->vram)[(gba->cpu.gprs[1] & 0x0001FFFF)]);
break; break;
default: default:
GBALog(gba, GBA_LOG_WARN, "Bad RL destination"); GBALog(gba, GBA_LOG_GAME_ERROR, "Bad RL destination");
break; break;
} }
break; break;
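Review bot: The new source guard in each of the three cases (`gba->cpu.gprs[0] < BASE_WORKING_RAM`) checks only the lower bound, so a guest-supplied source address in any higher region, mapped or not, is still handed to `_unLz77`, `_unHuffman` and `_unRl`. The destination side has a similar gap: the start offset is masked into the buffer, but the calls pass a bare host pointer with no remaining length, so unless the decompressors bound their writes themselves (not visible here) a length taken from guest data could run past `wram` or `vram`. I would validate the source by region the way the destination already is, e.g. a `switch (gba->cpu.gprs[0] >> BASE_OFFSET)` that accepts only readable regions, and pass the space left in the destination buffer to the decompressor. Since the guard is repeated verbatim three times, a small static helper taking the log message would keep the cases in step. `GBASwi16` begins and ends outside these hunks.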