From b6867602ca5accf84b5e1f9d4895b232c9448816 Mon Sep 17 00:00:00 2001
From: Lioncash <mathew1800@gmail.com>
Date: Mon, 17 Sep 2018 18:49:51 -0400
Subject: [PATCH] kernel/svc: Handle error cases for svcArbitrateLock() and
 svcArbitrateUnlock()

The kernel does the equivalent of the following check before proceeding:

if (address + 0x8000000000 < 0x7FFFE00000) {
    return ERR_INVALID_MEMORY_STATE;
}

which is essentially what our IsKernelVirtualAddress() function does. So
we should also be checking for this.

The kernel also checks if the given input addresses are 4-byte aligned,
however our Mutex::TryAcquire() and Mutex::Release() functions already
handle this, so we don't need to add code for this case.
---
 src/core/hle/kernel/svc.cpp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/core/hle/kernel/svc.cpp b/src/core/hle/kernel/svc.cpp
index c5c1697ee..371fc439e 100644
--- a/src/core/hle/kernel/svc.cpp
+++ b/src/core/hle/kernel/svc.cpp
@@ -280,6 +280,10 @@ static ResultCode ArbitrateLock(Handle holding_thread_handle, VAddr mutex_addr,
               "requesting_current_thread_handle=0x{:08X}",
               holding_thread_handle, mutex_addr, requesting_thread_handle);
 
+    if (Memory::IsKernelVirtualAddress(mutex_addr)) {
+        return ERR_INVALID_ADDRESS_STATE;
+    }
+
     auto& handle_table = Core::System::GetInstance().Kernel().HandleTable();
     return Mutex::TryAcquire(handle_table, mutex_addr, holding_thread_handle,
                              requesting_thread_handle);
@@ -289,6 +293,10 @@ static ResultCode ArbitrateLock(Handle holding_thread_handle, VAddr mutex_addr,
 static ResultCode ArbitrateUnlock(VAddr mutex_addr) {
     LOG_TRACE(Kernel_SVC, "called mutex_addr=0x{:X}", mutex_addr);
 
+    if (Memory::IsKernelVirtualAddress(mutex_addr)) {
+        return ERR_INVALID_ADDRESS_STATE;
+    }
+
     return Mutex::Release(mutex_addr);
 }