Rosalie241 / RMG

Rosalie's Mupen GUI
GNU General Public License v3.0

Fix buffer overflow in RSP DMA - SECURITY CONCERN #257

Closed bkimmett closed 1 month ago

bkimmett commented 1 month ago

Recently, ParaLLeL launcher fixed a bug in its version of the RSP code that allowed N64 code to potentially escape the emulator and perform ACE on the user's computer (see https://www.twitch.tv/videos/2147408942?t=12257s for an example of this escape in action).

The fix is here: https://gitlab.com/parallel-launcher/parallel-n64/-/commit/fa9e2e08b0c6cde117cb05cc071cdb74a9e90ad2#06a9a5c035040370b6d9d811526d9586179b3176

The equivalent code in RMG's version of the Mupen core, https://github.com/Rosalie241/RMG/blob/7d9b6175f568cb33104f08b52e22c85eac24f870/Source/3rdParty/mupen64plus-core/src/device/rcp/rsp/rsp_core.c#L59 and https://github.com/Rosalie241/RMG/blob/7d9b6175f568cb33104f08b52e22c85eac24f870/Source/3rdParty/mupen64plus-core/src/device/rcp/rsp/rsp_core.c#L78, appears to also be vulnerable to this.

I strongly recommend fixing this as soon as possible.
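
Added illustration (editor's note, not code from this issue, from mupen64plus-core, from RMG, or from parallel-n64): a small C model of the bug shape the report points at. An RSP DMA routine masks the SP memory offset to one 4 KiB bank once, before the copy loop, and then increments it across count*length bytes, so a guest-controlled length/count can carry the write past the 8 KiB DMEM+IMEM buffer into whatever the emulator keeps next to it on the heap. The same routine with the offset wrapped inside the bank on every byte is shown beside it. The register packing, the buffer sizes, the scaled-down RDRAM, the guard region and the register values are assumptions of this model; whether the upstream fix wraps this way is not stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the RSP's private memory: DMEM (4 KiB) followed by
 * IMEM (4 KiB), then a guard region standing in for whatever a real emulator
 * allocates next to that buffer. Not mupen64plus, RMG or parallel-n64 code. */
#define SP_BANK_SIZE  0x1000u
#define SP_MEM_SIZE   (2u * SP_BANK_SIZE)
#define GUARD_SIZE    0x1000u
#define RDRAM_SIZE    0x10000u   /* scaled down from the console's RDRAM for the model */

struct sp_model {
    uint8_t backing[SP_MEM_SIZE + GUARD_SIZE]; /* [0, SP_MEM_SIZE) is SP memory, the rest is guard */
    uint8_t rdram[RDRAM_SIZE];
};

/* Assumed RD_LEN-style packing: 12-bit length, 8-bit count, 12-bit skip. */
struct dma_params { uint32_t length, count, skip; };

static struct dma_params decode_rd_len(uint32_t reg)
{
    struct dma_params p;
    p.length = ((reg & 0xfffu) | 7u) + 1u;   /* length rounded up to 8-byte units */
    p.count  = ((reg >> 12) & 0xffu) + 1u;
    p.skip   = (reg >> 20) & 0xfffu;
    return p;
}

/* Shared copy loop. With wrap_each_byte == 0 the SP offset is masked once,
 * before the loop, and then incremented freely: count*length bytes can walk
 * straight off the end of the 8 KiB buffer into the guard region. With
 * wrap_each_byte == 1 the offset is wrapped inside the selected 4 KiB bank on
 * every byte, so no register value can index past the buffer.
 * Returns the number of bytes that targeted an offset >= SP_MEM_SIZE. */
static size_t dma_rdram_to_sp(struct sp_model *sp, int wrap_each_byte,
                              uint32_t mem_addr_reg, uint32_t dram_addr_reg,
                              uint32_t rd_len_reg)
{
    struct dma_params p = decode_rd_len(rd_len_reg);
    uint32_t bank  = mem_addr_reg & SP_BANK_SIZE;        /* bit 12 selects DMEM vs IMEM */
    uint32_t maddr = mem_addr_reg & (SP_BANK_SIZE - 1u); /* masked once: the vulnerable pattern */
    uint32_t daddr = dram_addr_reg & 0xffffffu;
    size_t escaped = 0;

    for (uint32_t j = 0; j < p.count; j++) {
        for (uint32_t i = 0; i < p.length; i++) {
            uint32_t off = wrap_each_byte ? (maddr & (SP_BANK_SIZE - 1u)) : maddr;
            size_t dst = bank + off;
            if (dst >= SP_MEM_SIZE)
                escaped++;
            /* Stay inside `backing` so the model itself is well defined; anything
             * at or past SP_MEM_SIZE is the guard region. */
            if (dst < sizeof sp->backing)
                sp->backing[dst] = sp->rdram[daddr % RDRAM_SIZE];
            maddr++;
            daddr++;
        }
        daddr += p.skip;
    }
    return escaped;
}

static int guard_is_clean(const struct sp_model *sp)
{
    for (size_t i = SP_MEM_SIZE; i < sizeof sp->backing; i++)
        if (sp->backing[i] != 0)
            return 0;
    return 1;
}

struct dma_result { size_t escaped; int guard_clean; };

/* Constructed registers: start at DMEM offset 0xff8, length field 0xfff
 * (4096 bytes per row), count field 1 (two rows): 8 KiB requested where only
 * 8 bytes remain in the bank. */
static struct dma_result run_model(int wrap_each_byte)
{
    static struct sp_model sp;
    struct dma_result r;
    memset(&sp, 0, sizeof sp);
    memset(sp.rdram, 0x41, sizeof sp.rdram);   /* constructed payload */
    r.escaped = dma_rdram_to_sp(&sp, wrap_each_byte, 0x0ff8u, 0u, 0x1fffu);
    r.guard_clean = guard_is_clean(&sp);
    return r;
}

int main(void)
{
    struct dma_result bad = run_model(0), good = run_model(1);
    printf("masked once : %zu bytes past SP memory, guard %s\n",
           bad.escaped, bad.guard_clean ? "clean" : "CORRUPTED");
    printf("wrapped     : %zu bytes past SP memory, guard %s\n",
           good.escaped, good.guard_clean ? "clean" : "CORRUPTED");
    return 0;
}
```

In the model the once-masked variant pushes 4088 bytes of guest-chosen RDRAM contents past the end of SP memory, which is the kind of heap write the report describes as a path to ACE; the per-byte wrap confines the same request to the selected bank. Any fix in the real core has to bound the destination index for every byte of the transfer, not just the starting address.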

Rosalie241 commented 1 month ago

RMG just uses upstream mupen64plus-core.