478
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − + Line 10:
Line 10: − | FIZZ − | High-scores − | None − | Savedata contains ASCII high-scores, but all the high-scores are contained in the same string without a null terminator. A vuln is unlikely. Line 32:
Line 28: + + + + + + + + + + + + + + + + + + + + + + +
Moved Fizz, added 2 dsiware.
This lists DSiWare that might have vulnerabilities, like strcpy or sprintf from savedata. If you know of DSiWare that has English-only string(high-scores, player name, etc) input, add it to this list, then mention it on IRC EFNet #dsidev. Or contact yellowstar 6 at gmail dot com.
This lists DSiWare that might have vulnerabilities, like strcpy or sprintf from savedata. If you know of DSiWare that has English-only string(high-scores, player name, high-scores that use username from system settings, etc) input, mention it on IRC EFNet #dsidev. Or contact yellowstar 6 at gmail dot com.
== List of DSiWare with incomplete analysis ==
== List of DSiWare with incomplete analysis ==
! Description
! Description
|-
|-
|}
|}
| No manual input
| No manual input
| Savedata contains ASCII high-scores from DSi username, and ASCII perks/powerups. High-scores doesn't have string bugs.
| Savedata contains ASCII high-scores from DSi username, and ASCII perks/powerups. High-scores doesn't have string bugs.
|-
| Arcade Hoops Basketball
| High-Scores, names via settings
| Has ASCII high-scores with null terminated strings, no string bugs.
|}
== List of DSiWare that probably don't have vulnerabilities ==
{| class="wikitable" border="1"
|-
! Name
! Input type(s)
! Description
|-
| FIZZ
| High-scores
| None
| Savedata contains ASCII high-scores, but all the high-scores are contained in the same string without a null terminator. A vuln is unlikely.
|-
| Photo Dojo
| Handwritten character name via stylus
| Savedata only contains .jpg files and some tiny "save"/"info" files.
|}
|}