kc3-lang/SDL

Browse

Commit ebb814310acff35ce40b405c4ef4fa8dbdd49a42

Sylvain Becker 2021-01-29T12:04:48

Add checks for maximun scaling size (see bug #5510) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

diff --git a/src/video/SDL_stretch.c b/src/video/SDL_stretch.c
index eec1cc6..8b5512f 100644
--- a/src/video/SDL_stretch.c
+++ b/src/video/SDL_stretch.c
@@ -94,6 +94,11 @@ SDL_UpperSoftStretch(SDL_Surface * src, const SDL_Rect * srcrect,
         return 0;
     }
 
+    if (srcrect->w > SDL_MAX_UINT16 || srcrect->h > SDL_MAX_UINT16 ||
+        dstrect->w > SDL_MAX_UINT16 || dstrect->h > SDL_MAX_UINT16) {
+        return SDL_SetError("Too large size for scaling");
+    }
+
     /* Lock the destination if it's in hardware */
     dst_locked = 0;
     if (SDL_MUSTLOCK(dst)) {
diff --git a/src/video/SDL_surface.c b/src/video/SDL_surface.c
index 2550f92..0ff6f2a 100644
--- a/src/video/SDL_surface.c
+++ b/src/video/SDL_surface.c
@@ -931,6 +931,11 @@ SDL_PrivateLowerBlitScaled(SDL_Surface * src, SDL_Rect * srcrect,
         SDL_COPY_COLORKEY
     );
 
+    if (srcrect->w > SDL_MAX_UINT16 || srcrect->h > SDL_MAX_UINT16 ||
+        dstrect->w > SDL_MAX_UINT16 || dstrect->h > SDL_MAX_UINT16) {
+        return SDL_SetError("Too large size for scaling");
+    }
+
     if (!(src->map->info.flags & SDL_COPY_NEAREST)) {
         src->map->info.flags |= SDL_COPY_NEAREST;
         SDL_InvalidateMap(src->map);
kmx.io     mail     discord kmxgit v0.4.0