From e16cd7d9d9382daee59b3038d32da333e7bc04f4 Mon Sep 17 00:00:00 2001
From: "Unknown W. Brackets" <checkins@unknownbrackets.org>
Date: Wed, 5 Jun 2013 23:04:42 -0700
Subject: [PATCH] Validate params in sceKernelChangeThreadPriority().

---
 Core/HLE/sceKernel.cpp       |  2 +-
 Core/HLE/sceKernelThread.cpp | 38 ++++++++++++++++++++++++------------
 Core/HLE/sceKernelThread.h   |  2 +-
 3 files changed, 28 insertions(+), 14 deletions(-)

diff --git a/Core/HLE/sceKernel.cpp b/Core/HLE/sceKernel.cpp
index b673228d53..9315c60621 100644
--- a/Core/HLE/sceKernel.cpp
+++ b/Core/HLE/sceKernel.cpp
@@ -679,7 +679,7 @@ const HLEFunction ThreadManForUser[] =
 	{0xFCCFAD26,WrapI_I<sceKernelCancelWakeupThread>,"sceKernelCancelWakeupThread"},
 	{0x1AF94D03,0,"sceKernelDonateWakeupThread"},
 	{0xea748e31,sceKernelChangeCurrentThreadAttr,"sceKernelChangeCurrentThreadAttr"},
-	{0x71bc9871,sceKernelChangeThreadPriority,"sceKernelChangeThreadPriority"},
+	{0x71bc9871,WrapI_II<sceKernelChangeThreadPriority>,"sceKernelChangeThreadPriority"},
 	{0x446D8DE6,WrapI_CUUIUU<sceKernelCreateThread>,"sceKernelCreateThread"},
 	{0x9fa03cd3,WrapI_I<sceKernelDeleteThread>,"sceKernelDeleteThread"},
 	{0xBD123D9E,sceKernelDelaySysClockThread,"sceKernelDelaySysClockThread"},
diff --git a/Core/HLE/sceKernelThread.cpp b/Core/HLE/sceKernelThread.cpp
index 136c994c19..a248e3c8b1 100644
--- a/Core/HLE/sceKernelThread.cpp
+++ b/Core/HLE/sceKernelThread.cpp
@@ -2258,32 +2258,46 @@ void sceKernelChangeCurrentThreadAttr()
 	RETURN(0);
 }
 
-void sceKernelChangeThreadPriority()
+int sceKernelChangeThreadPriority(SceUID threadID, int priority)
 {
-	int id = PARAM(0);
-	if (id == 0) id = currentThread; //special
+	if (threadID == 0)
+		threadID = currentThread;
+	if (priority == 0)
+	{
+		Thread *cur = __GetCurrentThread();
+		if (!cur)
+			ERROR_LOG_REPORT(HLE, "sceKernelChangeThreadPriority(%i, %i): no current thread?", threadID, priority)
+		else
+			priority = cur->nt.currentPriority;
+	}
 
 	u32 error;
-	Thread *thread = kernelObjects.Get<Thread>(id, error);
+	Thread *thread = kernelObjects.Get<Thread>(threadID, error);
 	if (thread)
 	{
-		DEBUG_LOG(HLE,"sceKernelChangeThreadPriority(%i, %i)", id, PARAM(1));
+		if (priority < 0x08 || priority > 0x77)
+		{
+			ERROR_LOG_REPORT(HLE, "sceKernelChangeThreadPriority(%i, %i): bogus priority", threadID, priority);
+			return SCE_KERNEL_ERROR_ILLEGAL_PRIORITY;
+		}
 
-		int prio = thread->nt.currentPriority;
-		threadReadyQueue.remove(prio, id);
+		DEBUG_LOG(HLE, "sceKernelChangeThreadPriority(%i, %i)", threadID, priority);
 
-		thread->nt.currentPriority = PARAM(1);
+		int old = thread->nt.currentPriority;
+		threadReadyQueue.remove(old, threadID);
+
+		thread->nt.currentPriority = priority;
 
 		threadReadyQueue.prepare(thread->nt.currentPriority);
 		if (thread->isReady())
-			threadReadyQueue.push_back(thread->nt.currentPriority, id);
+			threadReadyQueue.push_back(thread->nt.currentPriority, threadID);
 
-		RETURN(0);
+		return 0;
 	}
 	else
 	{
-		ERROR_LOG(HLE,"%08x=sceKernelChangeThreadPriority(%i, %i) failed - no such thread", error, id, PARAM(1));
-		RETURN(error);
+		ERROR_LOG(HLE, "%08x=sceKernelChangeThreadPriority(%i, %i) failed - no such thread", error, threadID, priority);
+		return error;
 	}
 }
 
diff --git a/Core/HLE/sceKernelThread.h b/Core/HLE/sceKernelThread.h
index 7f16ad8bb6..21c90465c4 100644
--- a/Core/HLE/sceKernelThread.h
+++ b/Core/HLE/sceKernelThread.h
@@ -24,7 +24,7 @@
 #include "sceKernelModule.h"
 #include "HLE.h"
 
-void sceKernelChangeThreadPriority();
+int sceKernelChangeThreadPriority(SceUID threadID, int priority);
 int __KernelCreateThread(const char *threadName, SceUID moduleID, u32 entry, u32 prio, int stacksize, u32 attr, u32 optionAddr);
 int sceKernelCreateThread(const char *threadName, u32 entry, u32 prio, int stacksize, u32 attr, u32 optionAddr);
 int sceKernelDelayThread(u32 usec);