3DS System Flaws: Difference between revisions
| Line 52: | Line 52: | ||
| [[9.3.0-21|9.3.0-X]] | | [[9.3.0-21|9.3.0-X]] | ||
| 2012 | | 2012 | ||
| [[User:Yellows8|Yellows8]] | |||
|- | |||
| [[Application_Manager_Services_PXI|PXIAM]] command 0x003D0108(See also [[Application_Manager_Services|this]]) | |||
| When handling this command, Process9 allocates a 0x2800-byte heap buffer, then copies the 4 FCRAM input buffers to this heap buffer without checking the sizes at all(only the buffers with non-zero sizes are copied). Starting with [[5.0.0-11|5.0.0-X]], the total combined size of the input data must be <=0x2800. | |||
| ARM9 code execution | |||
| [[5.0.0-11|5.0.0-X]] | |||
| | |||
| May 2013 | |||
| [[User:Yellows8|Yellows8]] | | [[User:Yellows8|Yellows8]] | ||
|- | |- | ||