Ryujinx/Ryujinx.HLE/HOS/Services/Fs/FileSystemProxy/IStorage.cs
gdkchan 60e16c15b6
Fix memory corruption in BCAT and FS Read methods when buffer is larger than needed (#3739)
* Fix memory corruption in FS Read methods when buffer is larger than needed

* PR feedback

* nit: Don't move this around
2022-10-04 20:12:54 -03:00

65 lines
1.9 KiB
C#

using LibHac;
using LibHac.Common;
using LibHac.Sf;
using Ryujinx.HLE.HOS.Ipc;
namespace Ryujinx.HLE.HOS.Services.Fs.FileSystemProxy
{
class IStorage : DisposableIpcService
{
private SharedRef<LibHac.FsSrv.Sf.IStorage> _baseStorage;
public IStorage(ref SharedRef<LibHac.FsSrv.Sf.IStorage> baseStorage)
{
_baseStorage = SharedRef<LibHac.FsSrv.Sf.IStorage>.CreateMove(ref baseStorage);
}
[CommandHipc(0)]
// Read(u64 offset, u64 length) -> buffer<u8, 0x46, 0> buffer
public ResultCode Read(ServiceCtx context)
{
ulong offset = context.RequestData.ReadUInt64();
ulong size = context.RequestData.ReadUInt64();
if (context.Request.ReceiveBuff.Count > 0)
{
ulong bufferAddress = context.Request.ReceiveBuff[0].Position;
ulong bufferLen = context.Request.ReceiveBuff[0].Size;
// Use smaller length to avoid overflows.
if (size > bufferLen)
{
size = bufferLen;
}
using (var region = context.Memory.GetWritableRegion(bufferAddress, (int)bufferLen, true))
{
Result result = _baseStorage.Get.Read((long)offset, new OutBuffer(region.Memory.Span), (long)size);
return (ResultCode)result.Value;
}
}
return ResultCode.Success;
}
[CommandHipc(4)]
// GetSize() -> u64 size
public ResultCode GetSize(ServiceCtx context)
{
Result result = _baseStorage.Get.GetSize(out long size);
context.ResponseData.Write(size);
return (ResultCode)result.Value;
}
protected override void Dispose(bool isDisposing)
{
if (isDisposing)
{
_baseStorage.Destroy();
}
}
}
}