DSiBrew

DSiWare VulnList: Difference between revisions

← Older editNewer edit →
No edit summary
Line 9: Line 9:
! Status
! Status
!  Description
!  Description
|-
|  Dracula
|  No manual input
|  Started, checksum broken
|  Savedata contains ASCII high-scores from DSi username, and ASCII perks/powerups.  High-scores doesn't have string bugs.
|-
|-
|  FIZZ
|  FIZZ
Line 33: Line 28:
| High-Scores
| High-Scores
| No limit on length of drawn record names, no vuln with high-scores. The level var from savedata doesn't have any bounds check, this is used with array indexes. This is not exploitable since the array structs only contain char* strings and other fields.
| No limit on length of drawn record names, no vuln with high-scores. The level var from savedata doesn't have any bounds check, this is used with array indexes. This is not exploitable since the array structs only contain char* strings and other fields.
|-
|  Dracula
|  No manual input
|  Savedata contains ASCII high-scores from DSi username, and ASCII perks/powerups.  High-scores doesn't have string bugs.
|}
|}
Retrieved from "https://dsibrew.org/wiki/DSiWare_VulnList"