This lists DSiWare that might have vulnerabilities, like strcpy or sprintf from savedata. If you know of DSiWare that has English-only string(high-scores, player name, etc) input, add it to this list, then mention it on IRC EFNet #dsidev. Or contact yellowstar 6 at gmail dot com.
List of DSiWare with incomplete analysis
| Name
|
Input type(s)
|
Status
|
Description
|
| FIZZ
|
High-scores
|
None
|
Savedata contains ASCII high-scores, but all the high-scores are contained in the same string without a null terminator. A vuln is unlikely.
|
List of DSiWare with finished analysis
| Name
|
Input type(s)
|
Description
|
| Dark Void Zero
|
High-Scores
|
No limit on length of drawn record names, no vuln with high-scores. The level var from savedata doesn't have any bounds check, this is used with array indexes. This is not exploitable since the array structs only contain char* strings and other fields.
|
| Dracula
|
No manual input
|
Savedata contains ASCII high-scores from DSi username, and ASCII perks/powerups. High-scores doesn't have string bugs.
|