This lists DSiWare that might have vulnerabilities, like strcpy or sprintf from savedata. If you know of DSiWare that has English-only string(high-scores, player name, high-scores that use username from system settings, etc) input, mention it on IRC EFNet #dsidev. Or contact yellowstar 6 at gmail dot com.
List of DSiWare with incomplete analysis
| Name
|
Input type(s)
|
Status
|
Description
|
| 24/7 Solitare
|
?
|
Started
|
Unknown if this has ASCII strings?
|
| Paul's Shooting Adventure
|
?
|
Started
|
Unknown if this has any input or high-scores.
|
List of DSiWare with finished analysis
| Name
|
Input type(s)
|
Description
|
| Dark Void Zero
|
High-Scores
|
No limit on length of drawn record names, no vuln with high-scores. The level var from savedata doesn't have any bounds check, this is used with array indexes. This is not exploitable since the array structs only contain char* strings and other fields.
|
| Dracula
|
No manual input
|
Savedata contains ASCII high-scores from DSi username, and ASCII perks/powerups. High-scores doesn't have string bugs.
|
| Arcade Hoops Basketball
|
High-Scores, names via settings
|
Has ASCII high-scores with null terminated strings, no string bugs.
|
List of DSiWare that probably don't have vulnerabilities
| Name
|
Input type(s)
|
Description
|
| FIZZ
|
High-scores
|
Savedata contains ASCII high-scores, but all the high-scores are contained in the same string without a null terminator. A vuln is unlikely.
|
| Photo Dojo
|
Handwritten character name via stylus
|
Savedata only contains .jpg files and some tiny "save"/"info" files.
|
| Photo Clock
|
None
|
Small savedata, no strings at all.
|
| Brain Age Express: Arts & Letters
|
None
|
No strings in savedata.
|
| Brain Age Express: Math
|
None
|
No strings in savedata.
|
| WarioWare: Snapped
|
None
|
No high-scores or string input.
|
| Gene Labs
|
None
|
Small savedata with no strings.
|