Limit size of loaded file systems #2610
Conversation
| @@ -270,6 +271,18 @@ void CFileSystemGCWii::InitFileSystem() | |||
| if (!Root.IsDirectory()) | |||
| return; | |||
|
|
|||
| if (Root.m_FileSize > 2 * 1024 * 1024) | |||
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
JosJuice
force-pushed
the
limit-filesystem-size
branch
from
0697356
to
bf664c9
Compare
| // Without this check, Dolphin may crash by trying to allocate too much memory | ||
| // when loading the filesystems of certain corrupt disc images. 12 bytes | ||
| // (the size of a file entry) times 2 * 1024 * 1024 is equal to the size of | ||
| // main GC/Wii RAM (24 MiB), and no file system should use anywhere near |
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
JosJuice
force-pushed
the
limit-filesystem-size
branch
from
bf664c9
to
18a94c1
Compare
| @@ -270,6 +271,19 @@ void CFileSystemGCWii::InitFileSystem() | |||
| if (!Root.IsDirectory()) | |||
| return; | |||
|
|
|||
| static const u32 ARBITRARY_FILE_SYSTEM_SIZE_LIMIT = 2 * 1024 * 1024; | |||
| if (Root.m_FileSize > ARBITRARY_FILE_SYSTEM_SIZE_LIMIT) | |||
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
This comment was marked as off-topic.
This comment was marked as off-topic.
Sorry, something went wrong.
|
Allocating >= 4GB of ram is no problem, that is what virtual memory is for. |
JosJuice
force-pushed
the
limit-filesystem-size
branch
from
18a94c1
to
6b2cb1e
Compare
|
After allocating that much memory, Dolphin will try to write to it all. If the user doesn't have enough RAM, that's at least going to be very slow. How do I check if the allocation fails? I thought exception handling was disabled in Dolphin... I've increased the limit from 24 MiB to 120 MiB. |
If a disc image is malformed in a specific way, Dolphin will try to allocate a lot of memory, making it crash. To avoid that, this change adds an artificial limit for the size of file systems that Dolphin will try to load.
JosJuice
force-pushed
the
limit-filesystem-size
branch
from
6b2cb1e
to
aaefbdc
Compare
|
I still dont think putting a limit on file size (below disc size) is a good idea. there is undoubtedly some stupid game out there that has just one giant compressed file or something.
|
|
Actually, looking closer, this is just "filesize" for Root...which is the count of entries, nothing to do with filesize. |
|
Verifying disc hashes will catch unintentionally malformed disc images but not intentionally malformed ones. Is that good enough, and will such a change be accepted in stable? Will such a change even be made in time for stable? (EDIT: Also won't catch any problems with GC discs.) The allocation happens before I can read the FST entries. I suppose it's possible to skip the No, because In short, your suggestions make sense (except for |
|
Ping @Armada651 to get this merged into stable. This will clear a blocker. |
|
@aserna3 Sure, but first get this merged into master. |
|
@Armada651 Do you mean that we should get this PR merged or that I should make a new PR for master? This PR is for stable. |
|
Oh I didn't see this was for stable, so should this be picked for master too? |
|
Sure, if you're fine with doing cherry-picks to master. You said you weren't going to do any when we were talking about #2815, but if that's changed, then go ahead. (After the PR is merged, that is) |
|
@JosJuice I'd still prefer not to. |
|
Making PRs for stable gets too messy with our release process. I've remade this PR for master: #3206 |
If a disc image is corrupt in a specific way, Dolphin will try to allocate a lot of memory, making it crash. (2d5d5fa#commitcomment-11147057)
To avoid that, this change adds an artificial limit for the size of file systems that Dolphin will try to load.