From d50bcb650f86f6ff2d9bb1a346ad21375a824f1f Mon Sep 17 00:00:00 2001
From: ITotalJustice <47043333+ITotalJustice@users.noreply.github.com>
Date: Wed, 21 May 2025 17:29:18 +0100
Subject: [PATCH] fix crash if nro has corrupted asset entry, bump version for new release 0.10.2 -> 0.10.3 the nro that caused this was ClkrstQuery.nro fixes #141
---
 sphaira/CMakeLists.txt | 2 +-
 sphaira/source/nro.cpp | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/sphaira/CMakeLists.txt b/sphaira/CMakeLists.txt
index 2f43ef2..553f2ff 100644
--- a/sphaira/CMakeLists.txt
+++ b/sphaira/CMakeLists.txt
@@ -1,6 +1,6 @@
 cmake_minimum_required(VERSION 3.13)
-set(sphaira_VERSION 0.10.2)
+set(sphaira_VERSION 0.10.3)
 project(sphaira VERSION ${sphaira_VERSION}
diff --git a/sphaira/source/nro.cpp b/sphaira/source/nro.cpp
index 1cd53f9..6833d1a 100644
--- a/sphaira/source/nro.cpp
+++ b/sphaira/source/nro.cpp
@@ -57,6 +57,7 @@ auto nro_parse_internal(fs::FsNative& fs, const fs::FsPath& path, NroEntry& entr
 // some .nro (vgedit) have bad nacp, fake the nacp
 if (asset.magic != NROASSETHEADER_MAGIC || asset.nacp.offset == 0 || asset.nacp.size != sizeof(entry.nacp)) {
+ std::memset(&asset, 0, sizeof(asset));
 std::memset(&entry.nacp, 0, sizeof(entry.nacp)); // get the name without the .nro
@@ -157,6 +158,11 @@ auto nro_scan_internal(const fs::FsPath& path, std::vector& nros, bool
 }
 auto nro_get_icon_internal(FsFile* f, u64 size, u64 offset) -> std::vector {
+ // protect again really messed up sizes.
+ if (size > 1024 * 1024) {
+ return {};
+ }
+ std::vector icon;
 u64 bytes_read{};
 icon.resize(size);
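Review bot: The added `std::memset(&asset, 0, sizeof(asset));` in nro_parse_internal discards the whole asset header whenever the magic or nacp check fails, and nothing at the call site says why. An NRO with a valid magic and a usable icon section but a bad nacp (the vgedit case the existing comment names) presumably loses its icon too; if that is intended, say so, e.g. `// asset header comes from the file and is untrusted: drop every section, not only the nacp, so no stale offset/size is followed later`. Only the nacp section is validated on the visible lines, so the other sections' offset and size still reach their consumers unchecked when this branch is not taken. The function continues outside the hunk, so how the remaining sections are used is not visible here.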
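Review bot: The new guard in nro_get_icon_internal caps `size` at a bare `1024 * 1024`, but that limit is unrelated to the length of the file being read and `offset` is still used unchecked. Both values come from the NRO's asset header, so a corrupted entry under the cap still drives `icon.resize(size)` and a read at an arbitrary offset. Name the limit and fix the comment typo, e.g. `constexpr u64 MAX_ICON_SIZE = 1024 * 1024; // upper bound for an untrusted icon section` and `// protect against corrupted sizes from the asset header`. Where the caller knows the file size, rejecting `offset + size` beyond it would be a tighter check than a fixed cap. The body continues outside the hunk; confirm that a short read (`bytes_read != size`) returns an empty vector rather than a partly filled buffer.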