3DS Userland Flaws: Difference between revisions
EvilFlight (talk | contribs) |
|||
Line 196: | Line 196: | ||
| August, 2018 | | August, 2018 | ||
| Kartik | | Kartik | ||
|- | |||
| Mononoke Forest | |||
| String Buffer Overflow via unchecked string length | |||
| The game stores plaintext profile names in the savefile. The profile names are strcpy/memcpy to different areas of the game's functions in the stack. Using a large extensive profile name, a user can overwrite some stack-registers and point to stack buffer addresses to eventually gain control of the stack to lead and form a rop-chain. | |||
| None | |||
| App: v1.0.0 | |||
| August 14, 2019 | |||
| February 8, 2019 | |||
| [[User: ChampionLeake|ChampionLeake]] and [[User: Kartik|Kartik]] | |||
|} | |} | ||
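Review bot: The description cell of the added Mononoke Forest row is imprecise where it says "overwrite some stack-registers" and "gain control of the stack to lead and form a rop-chain". Suggest wording along the lines of "profile names read from the savefile are copied onto the stack with strcpy/memcpy without a length check, so an overlong name overwrites saved registers on the stack and allows a ROP chain". The two date cells read "August 14, 2019" followed by "February 8, 2019", while the row above uses the "August, 2018" form; please confirm the dates are in the intended columns and use one date format across the table. The last cell uses [[User: ...]] links with a space after the colon, whereas the row above gives a plain name; pick one style for the column.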