Difference between revisions of "DSi system flaws"
Jump to navigation
Jump to search
Hallowizer (talk | contribs) (Overlay bug) |
Hallowizer (talk | contribs) m (→Nintendo SDK: typo) |
||
| Line 18: | Line 18: | ||
== Nintendo SDK == | == Nintendo SDK == | ||
| − | Note that this refers to the common code in every game, NOT any leaked contents. Please keep leaked contents off this | + | Note that this refers to the common code in every game, NOT any leaked contents. Please keep leaked contents off this wiki. |
{| class="wikitable sortable" border="1" | {| class="wikitable sortable" border="1" | ||
Revision as of 23:12, 18 August 2021
boot1
| Summary | Description | Successful exploitation result | Fixed in boot1 version | Discovered | Discovered by |
|---|---|---|---|---|---|
| Poor System Menu TMD size check | boot1 loads the System Menu's TMD for verification and loading, and it attempts to check the size. However, instead of checking if size > capacity, it checks if size > size, which is always false, resulting in a buffer overflow.
|
Code execution under boot1 | Unfixed | August 2017 | Nocash |
Nintendo SDK
Note that this refers to the common code in every game, NOT any leaked contents. Please keep leaked contents off this wiki.
| Summary | Description | Successful exploitation result | Discovered | Discovered by |
|---|---|---|---|---|
| Overlays are not verified when they are loaded. | While the System Menu checks all cartridge overlays to prevent unauthorized software, no such check exists when the overlays are actually loaded. By changing the overlay after it is checked, it is possible to run arbitrary code. | Code execution under any cart game with overlays. | January 2010 | Datel, blasty (by reverse engineering Action Replay) |