Difference between revisions of "DSiWare VulnList"
Jump to navigation
Jump to search
| Line 9: | Line 9: | ||
! Status | ! Status | ||
! Description | ! Description | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
|- | |- | ||
| Paul's Shooting Adventure | | Paul's Shooting Adventure | ||
| Line 41: | Line 36: | ||
| High-Scores, names via settings | | High-Scores, names via settings | ||
| Has ASCII high-scores with null terminated strings, no string bugs. | | Has ASCII high-scores with null terminated strings, no string bugs. | ||
| + | |- | ||
| + | | 24/7 Solitaire | ||
| + | | None | ||
| + | | No high-scores or string input. | ||
|} | |} | ||
Revision as of 05:18, 13 November 2010
This lists DSiWare that might have vulnerabilities, like strcpy or sprintf from savedata. If you know of DSiWare that has English-only string(high-scores, player name, high-scores that use username from system settings, etc) input, mention it on IRC EFNet #dsidev. Or contact yellowstar 6 at gmail dot com.
List of DSiWare with incomplete analysis
| Name | Input type(s) | Status | Description |
|---|---|---|---|
| Paul's Shooting Adventure | ? | Started | Unknown if this has any input or high-scores. |
List of DSiWare with finished analysis
| Name | Input type(s) | Description |
|---|---|---|
| Dark Void Zero | High-Scores | No limit on length of drawn record names, no vuln with high-scores. The level var from savedata doesn't have any bounds check, this is used with array indexes. This is not exploitable since the array structs only contain char* strings and other fields. |
| Dracula | No manual input | Savedata contains ASCII high-scores from DSi username, and ASCII perks/powerups. High-scores doesn't have string bugs. |
| Arcade Hoops Basketball | High-Scores, names via settings | Has ASCII high-scores with null terminated strings, no string bugs. |
| 24/7 Solitaire | None | No high-scores or string input. |
List of DSiWare that probably don't have vulnerabilities
| Name | Input type(s) | Description |
|---|---|---|
| FIZZ | High-scores | Savedata contains ASCII high-scores, but all the high-scores are contained in the same string without a null terminator. A vuln is unlikely. |
| Photo Dojo | Handwritten character name via stylus | Savedata only contains .jpg files and some tiny "save"/"info" files. |
| Photo Clock | None | Small savedata, no strings at all. |
| Brain Age Express: Arts & Letters | None | No strings in savedata. |
| Brain Age Express: Math | None | No strings in savedata. |
| WarioWare: Snapped | None | No high-scores or string input. |
| Gene Labs | None | Small savedata with no strings. |