4,620
edits
Changes
Jump to navigation
Jump to search
Line 522:
Line 522: − With [10.1.0+] each of these cmds will now Abort if the s32 is negative or >=5.+ − +
→System Modules
| [[HID_services#hid:sys|hid:sys]] ButtonConfig s32 array-index not validated
| [[HID_services#hid:sys|hid:sys]] ButtonConfig s32 array-index not validated
| The input s32 array-index for [[HID_services#hid:sys|hid:sys]] ButtonConfig cmds 1255-1270 was originally not validated. Using a negative or >=5 index results in accessing out-of-bounds data, with an array stored on stack.
| The input s32 array-index for [[HID_services#hid:sys|hid:sys]] ButtonConfig cmds 1255-1270 was originally not validated. Using a negative or >=5 index results in accessing out-of-bounds data, with an array stored on stack.
[10.1.0-10.2.0] Each of these cmds will now Abort if the s32 is negative or >=5. [11.0.0+] Now an unsigned compare is used, with 0 or an error being immediately returned when the value is invalid.
| hid infoleak, out-of-bounds mem-write anywhere in hid address-space relative to the stack array (with constraints on the data).
| hid infoleak, out-of-bounds mem-write anywhere in hid address-space relative to the stack array (with constraints on the data).
| [[10.1.0]]
| [[10.1.0]]
| [[10.1.0]]
| [[11.0.1]]
| April 18, 2020
| April 18, 2020
| July 14, 2020
| July 14, 2020