Update v1.4

Makefile

@@ -33,7 +33,7 @@ ASFLAGS  = $(CFLAGS)
 all: $(TARGET).vpk
 
 %.vpk: eboot.bin
-	vita-mksfoex -d PARENTAL_LEVEL=1 -s APP_VER=01.31 -s TITLE_ID=$(TITLE_ID) "$(TARGET)" param.sfo
+	vita-mksfoex -d PARENTAL_LEVEL=1 -s APP_VER=01.40 -s TITLE_ID=$(TITLE_ID) "$(TARGET)" param.sfo
 	vita-pack-vpk -s param.sfo -b eboot.bin \
 		--add pkg/sce_sys/icon0.png=sce_sys/icon0.png \
 		--add pkg/sce_sys/livearea/contents/bg.png=sce_sys/livearea/contents/bg.png \

README.md

@@ -95,10 +95,11 @@ Be sure you pull request your customized design or language file there.
 * sakya for Lightmp3
 * Everybody who contributed on vitasdk
 
-### Changelog X.XX ###
+### Changelog 1.4 ###
 - Added group RW permissions on files and folders when moving.
   Safe homebrews like RetroArch will now recognize files and folders
   that you have moved from 'ux0:video'.
+- Added scanning for dangerous functions in packages.
 - Added possibility to choose compression level.
 - Fixed time information in zip archives.
 

archive.c

@@ -50,13 +50,6 @@ int archiveCheckFilesForUnsafeFself() {
 				char sce_header[0x84];
 				archiveFileRead(ARCHIVE_FD, sce_header, sizeof(sce_header));
 
-				// Check authid flag
-				uint64_t authid = *(uint64_t *)(sce_header + 0x7C);
-				if (authid == 0x2F00000000000001 || authid == 0x2F00000000000003) {
-					archiveFileClose(ARCHIVE_FD);
-					return 1; // Unsafe
-				}
-
 				// Until here we have read 0x88 bytes
 				// ELF header starts at header_len, so let's seek to there
 				uint64_t header_len = *(uint64_t *)(sce_header + 0xC);
@@ -76,9 +69,16 @@ int archiveCheckFilesForUnsafeFself() {
 
 					if (unsafe) {
 						archiveFileClose(ARCHIVE_FD);
-						return 1; // Unsafe
+						return unsafe;
 					}
 				}
+
+				// Check authid flag
+				uint64_t authid = *(uint64_t *)(sce_header + 0x7C);
+				if (authid == 0x2F00000000000001 || authid == 0x2F00000000000003) {
+					archiveFileClose(ARCHIVE_FD);
+					return 1; // Unsafe
+				}
 			}
 
 			archiveFileClose(ARCHIVE_FD);

archive.h

@@ -38,4 +38,6 @@ int ReadArchiveFile(char *file, void *buf, int size);
 int archiveClose();
 int archiveOpen(char *file);
 
+int archiveCheckFilesForUnsafeFself();
+
 #endif

elf.c

@@ -91,19 +91,38 @@ int checkForUnsafeImports(void *buffer) {
 
 	SceModuleInfo *mod_info = (SceModuleInfo *)(text_addr + offset);
 
+	int has_dangerous_nids = 0;
+	int has_unsafe_libraries = 0;
+
 	uint32_t i = mod_info->impTop;
 	while (i < mod_info->impBtm) {
 		SceImportsTable3xx import;
 		convertToImportsTable3xx((void *)text_addr + i, &import);
 
 		char *libname = (char *)(text_addr + import.lib_name - phdr[segment].p_vaddr);
-
-		if (strcmp(libname, "ScePromoterUtil") == 0 || strcmp(libname, "SceShellSvc") == 0) {
-			return 1; // Unsafe
+		uint32_t *func_nid_table = (uint32_t *)(text_addr + import.func_nid_table - phdr[segment].p_vaddr);
+
+		if (strcmp(libname, "SceVshBridge") == 0) {
+			int j;
+			for (j = 0; j < import.num_functions; j++) {
+				// Check for dangerous _vshIoMount/vshIoUmount
+				if (func_nid_table[j] == 0x3C522C35 || func_nid_table[j] == 0x35BC26AC) {
+					has_dangerous_nids = 1;
+					break;
+				}
+			}
+		} else if (strcmp(libname, "ScePromoterUtil") == 0 || strcmp(libname, "SceShellSvc") == 0) {
+			has_unsafe_libraries = 1;
 		}
 
 		i += import.size;
 	}
 
+	if (has_dangerous_nids)
+		return 2; // Really not safe bro
+
+	if (has_unsafe_libraries)
+		return 1; // Unsafe, but won't kill you
+
 	return 0; // Safe
 }

language.c

@@ -135,6 +135,7 @@ void loadLanguage(int id) {
 		LANGUAGE_ENTRY(INSTALL_FOLDER_QUESTION),
 		LANGUAGE_ENTRY(INSTALL_QUESTION),
 		LANGUAGE_ENTRY(INSTALL_WARNING),
+		LANGUAGE_ENTRY(INSTALL_BRICK_WARNING),
 		LANGUAGE_ENTRY(HASH_FILE_QUESTION),
 
 		// Others

language.h

@@ -93,6 +93,7 @@ enum LanguageContainer {
 	INSTALL_FOLDER_QUESTION,
 	INSTALL_QUESTION,
 	INSTALL_WARNING,
+	INSTALL_BRICK_WARNING,
 	HASH_FILE_QUESTION,
 
 	// Others

main.h

@@ -69,7 +69,7 @@
 
 // VitaShell version major.minor
 #define VITASHELL_VERSION_MAJOR 0x01
-#define VITASHELL_VERSION_MINOR 0x31
+#define VITASHELL_VERSION_MINOR 0x40
 
 #define VITASHELL_VERSION ((VITASHELL_VERSION_MAJOR << 0x18) | (VITASHELL_VERSION_MINOR << 0x10))
 

package_installer.c

@@ -468,10 +468,11 @@ int install_thread(SceSize args_size, InstallArguments *args) {
 		}
 
 		// Team molecule's request: Full permission access warning
-		if (archiveCheckFilesForUnsafeFself()) {
+		int unsafe = archiveCheckFilesForUnsafeFself(); // 0: Safe, 1: Unsafe, 2: Dangerous
+		if (unsafe) {
 			closeWaitDialog();
 
-			initMessageDialog(SCE_MSG_DIALOG_BUTTON_TYPE_YESNO, language_container[INSTALL_WARNING]);
+			initMessageDialog(SCE_MSG_DIALOG_BUTTON_TYPE_YESNO, language_container[unsafe == 2 ? INSTALL_BRICK_WARNING : INSTALL_WARNING]);
 			dialog_step = DIALOG_STEP_INSTALL_WARNING;
 
 			// Wait for response

resources/changeinfo.txt

@@ -177,4 +177,14 @@
 - Touching the screen on dialogs would abort the process, fixed.<br>
     ]]>
   </changes>
+   <changes app_ver="01.40">
+    <![CDATA[
+- Added group RW permissions on files and folders when moving.<br>
+  Safe homebrews like RetroArch will now recognize files and folders<br>
+  that you have moved from 'ux0:video'.<br>
+- Added scanning for dangerous functions in packages.<br>
+- Added possibility to choose compression level.<br>
+- Fixed time information in zip archives.<br>
+    ]]>
+  </changes>
 </changeinfo>

resources/english_us.txt

@@ -73,6 +73,7 @@ INSTALL_ALL_QUESTION                 = "Do you want to install all packages avai
 INSTALL_FOLDER_QUESTION              = "Do you want to install this folder?\Warning: this action will also delete\the folder after installation!"
 INSTALL_QUESTION                     = "Do you want to install this package?"
 INSTALL_WARNING                      = "This package requests extended permissions.\It will have access to your personal information.\If you did not obtain it from a trusted source,\please proceed at your own caution.\\Would you like to continue the install?"
+INSTALL_BRICK_WARNING                = "This package uses functions that remounts\partitions and can potentially brick your device.\If you did not obtain it from a trusted source,\please proceed at your own caution.\\Would you like to continue the install?"
 HASH_FILE_QUESTION                   = "SHA1 hashing may take a long time. Continue?"
 
 # Others