From 1ce0749a7fcf94920ddaac7a2135d45ef14b8bbe Mon Sep 17 00:00:00 2001 From: "fix94.1" Date: Wed, 4 Jul 2012 23:31:38 +0000 Subject: [PATCH] -added back banner security checks for regular game banners, only cached/custom banners wont be checked --- source/channel/banner.cpp | 15 ++++----------- source/channel/banner.h | 2 +- source/menu/menu_game.cpp | 2 +- 3 files changed, 6 insertions(+), 13 deletions(-) diff --git a/source/channel/banner.cpp b/source/channel/banner.cpp index 0de42c79..fcc6afe9 100644 --- a/source/channel/banner.cpp +++ b/source/channel/banner.cpp @@ -42,7 +42,7 @@ #define IMET_OFFSET 0x40 #define IMET_SIGNATURE 0x494d4554 -Banner::Banner(u8 *bnr, u32 bnr_size, u64 title) +Banner::Banner(u8 *bnr, u32 bnr_size, u64 title, bool custom) { this->title = title; opening = bnr; @@ -53,13 +53,10 @@ Banner::Banner(u8 *bnr, u32 bnr_size, u64 title) IMET *imet = (IMET *) opening; if (imet->sig != IMET_SIGNATURE) - { imet = (IMET *) (opening + IMET_OFFSET); - } - - if (imet->sig == IMET_SIGNATURE) + + if(imet->sig == IMET_SIGNATURE) { - /* unsigned char md5[16]; unsigned char imetmd5[16]; @@ -67,14 +64,10 @@ Banner::Banner(u8 *bnr, u32 bnr_size, u64 title) memset(imet->md5, 0, 16); MD5(md5, (unsigned char*)(imet), sizeof(IMET)); - if (memcmp(imetmd5, md5, 16) == 0) - {*/ + if(memcmp(imetmd5, md5, 16) == 0 || custom) this->imet = imet; - /*} else - { gprintf("Invalid md5, banner not valid for title %08x\n", title); - }*/ } else { diff --git a/source/channel/banner.h b/source/channel/banner.h index e35d78a7..51ce830d 100644 --- a/source/channel/banner.h +++ b/source/channel/banner.h @@ -60,7 +60,7 @@ typedef struct class Banner { public: - Banner(u8 *bnr, u32 bnr_size, u64 title = 0); + Banner(u8 *bnr, u32 bnr_size, u64 title = 0, bool custom = false); ~Banner(); bool IsValid(); diff --git a/source/menu/menu_game.cpp b/source/menu/menu_game.cpp index 9cd24272..889dcc24 100644 --- a/source/menu/menu_game.cpp +++ b/source/menu/menu_game.cpp @@ -1551,7 +1551,7 @@ void CMenu::_gameSoundThread(CMenu *m) m->m_gamesound_changed = false; u32 sndSize = 0; - Banner *banner = custom_bnr_file != NULL ? new Banner((u8 *)custom_bnr_file, custom_bnr_size) : + Banner *banner = custom_bnr_file != NULL ? new Banner((u8 *)custom_bnr_file, custom_bnr_size, 0, true) : (m->m_gameSoundHdr->type == TYPE_WII_GAME ? _extractBnr(m->m_gameSoundHdr) : (m->m_gameSoundHdr->type == TYPE_CHANNEL ? _extractChannelBnr(TITLE_ID(m->m_gameSoundHdr->settings[0],m->m_gameSoundHdr->settings[1])) : NULL)); m->m_gameSoundHdr = NULL;