Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Buffer overflow in loader.c #14

Closed
prodigysml opened this issue Mar 2, 2018 · 2 comments

Comments

@prodigysml
Copy link

commented Mar 2, 2018

There is a buffer overflow vulnerability in the loader.c file. This is in regards to both the s variable and the partition variable.

The partition variable contains argv[1] which is user controlled as displayed below:

strcpy(partition, argv[1]);

This variable has a size of 128 characters, making it simple to overflow:

static char partition[128];

Running with argv[1] = A * 400 (400 A's) will make the application crash. This weakness may be used to change the intended execution flow of the program.

@sp193

This comment has been minimized.

Copy link
Collaborator

commented Mar 6, 2018

Thanks for the information. This program is very old and we may be changing the design to allow the proper passing of HDD-based paths, which will mean that the affected part will be likely changed.

On the bright side, there is probably no reason for anybody to attack homebrew PlayStation 2 software.

@sp193

This comment has been minimized.

Copy link
Collaborator

commented Jun 18, 2018

The ELF loader has been reworked in commit 459c53c and the vulnerable code no longer exists there.

@sp193 sp193 closed this Jun 18, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.