From e9ab9f51fc38596890df07411ebb357e209d174c Mon Sep 17 00:00:00 2001 From: Fabian Schaffert Date: Sun, 16 Nov 2014 20:48:22 +0100 Subject: [PATCH] Fixes segfaults for sys_event_flag_(create/get) Neither sys_event_flag_create() nor sys_event_flag_get() checked for NULL pointers in their arguments, which caused the corresponding test from ps3autotests to segfault. --- rpcs3/Emu/SysCalls/lv2/sys_event_flag.cpp | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/rpcs3/Emu/SysCalls/lv2/sys_event_flag.cpp b/rpcs3/Emu/SysCalls/lv2/sys_event_flag.cpp index 244d19cec4..336c88c4bb 100644 --- a/rpcs3/Emu/SysCalls/lv2/sys_event_flag.cpp +++ b/rpcs3/Emu/SysCalls/lv2/sys_event_flag.cpp @@ -42,6 +42,18 @@ s32 sys_event_flag_create(vm::ptr eflag_id, vm::ptr at sys_event_flag.Warning("sys_event_flag_create(eflag_id_addr=0x%x, attr_addr=0x%x, init=0x%llx)", eflag_id.addr(), attr.addr(), init); + if (eflag_id.addr() == NULL) + { + sys_event_flag.Error("sys_event_flag_create(): invalid memory access (eflag_id_addr=0x%x)", eflag_id.addr()); + return CELL_EFAULT; + } + + if (attr.addr() == NULL) + { + sys_event_flag.Error("sys_event_flag_create(): invalid memory access (attr_addr=0x%x)", attr.addr()); + return CELL_EFAULT; + } + switch (attr->protocol.ToBE()) { case se32(SYS_SYNC_PRIORITY): break; @@ -358,6 +370,12 @@ s32 sys_event_flag_get(u32 eflag_id, vm::ptr flags) { sys_event_flag.Log("sys_event_flag_get(eflag_id=%d, flags_addr=0x%x)", eflag_id, flags.addr()); + if (flags.addr() == NULL) + { + sys_event_flag.Error("sys_event_flag_create(): invalid memory access (flags_addr=0x%x)", flags.addr()); + return CELL_EFAULT; + } + EventFlag* ef; if (!sys_event_flag.CheckId(eflag_id, ef)) return CELL_ESRCH;