core: reduce TOCTTOU memory access

2025-06-11 08:57:56 -05:00 · 2023-07-14 22:32:24 -04:00
parent d144168442
commit 9f3f615e05
3 changed files with 11 additions and 20 deletions
--- a/src/core/hle/kernel/svc/svc_ipc.cpp
+++ b/src/core/hle/kernel/svc/svc_ipc.cpp
@ -8,6 +8,7 @@
 #include "core/hle/kernel/k_process.h"
 #include "core/hle/kernel/k_server_session.h"
 #include "core/hle/kernel/svc.h"
+#include "core/hle/kernel/svc_results.h"

 namespace Kernel::Svc {

@ -49,14 +50,10 @@ Result ReplyAndReceive(Core::System& system, s32* out_index, uint64_t handles_ad

    // Copy user handles.
    if (num_handles > 0) {
-        // Ensure we can try to get the handles.
-        R_UNLESS(GetCurrentMemory(kernel).IsValidVirtualAddressRange(
-                     handles_addr, static_cast<u64>(sizeof(Handle) * num_handles)),
-                 ResultInvalidPointer);
-
        // Get the handles.
-        GetCurrentMemory(kernel).ReadBlock(handles_addr, handles.data(),
-                                           sizeof(Handle) * num_handles);
+        R_UNLESS(GetCurrentMemory(kernel).ReadBlock(handles_addr, handles.data(),
+                                                    sizeof(Handle) * num_handles),
+                 ResultInvalidPointer);

        // Convert the handles to objects.
        R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>(
--- a/src/core/hle/kernel/svc/svc_synchronization.cpp
+++ b/src/core/hle/kernel/svc/svc_synchronization.cpp
@ -7,6 +7,7 @@
 #include "core/hle/kernel/k_process.h"
 #include "core/hle/kernel/k_readable_event.h"
 #include "core/hle/kernel/svc.h"
+#include "core/hle/kernel/svc_results.h"

 namespace Kernel::Svc {

@ -64,14 +65,10 @@ Result WaitSynchronization(Core::System& system, int32_t* out_index, u64 user_ha

    // Copy user handles.
    if (num_handles > 0) {
-        // Ensure we can try to get the handles.
-        R_UNLESS(GetCurrentMemory(kernel).IsValidVirtualAddressRange(
-                     user_handles, static_cast<u64>(sizeof(Handle) * num_handles)),
-                 ResultInvalidPointer);
-
        // Get the handles.
-        GetCurrentMemory(kernel).ReadBlock(user_handles, handles.data(),
-                                           sizeof(Handle) * num_handles);
+        R_UNLESS(GetCurrentMemory(kernel).ReadBlock(user_handles, handles.data(),
+                                                    sizeof(Handle) * num_handles),
+                 ResultInvalidPointer);

        // Convert the handles to objects.
        R_UNLESS(handle_table.GetMultipleObjects<KSynchronizationObject>(