|
1b5e3c19
|
2019-09-05T10:08:47
|
|
SDL_bmp.c: remove unused variable warnings
|
|
892c8d50
|
2019-09-03T11:55:20
|
|
Fixed bug 4536 - Heap-Buffer Overflow in SDL_GetRGB pertaining to SDL_pixels.c
Ozkan Sezer
As for the issue: This bmp reports bpp=0, therefore SDL_CalculatePitch()
returns pitch==0, which is then fed to SDL_malloc() (which is malloc())
and malloc(0) returns _something_ which is not NULL but not someting
that we expect.. Then testsprite.c:LoadSprite() accesses the pixels
as *(Uint8*)pixels which valrind reports as:
==15533== Invalid read of size 1
==15533== at 0x8048C08: LoadSprite (testsprite.c:45)
==15533== by 0x80492FC: main (testsprite.c:224)
==15533== Address 0x449e588 is 0 bytes after a block of size 0 alloc'd
==15533== at 0x40072B2: malloc (vg_replace_malloc.c:270)
==15533== by 0x4045719: SDL_CreateRGBSurface (SDL_surface.c:126)
==15533== by 0x40403C1: SDL_LoadBMP_RW (SDL_bmp.c:237)
==15533== by 0x8048BB2: LoadSprite (testsprite.c:36)
==15533== by 0x80492FC: main (testsprite.c:224)
Besides, valrind also reports this:
==15533== Conditional jump or move depends on uninitialised value(s)
==15533== at 0x40403F3: SDL_LoadBMP_RW (SDL_bmp.c:247)
==15533== by 0x8048BB2: LoadSprite (testsprite.c:36)
==15533== by 0x80492FC: main (testsprite.c:224)
Easy/quick solution would be early-rejecting a bmp with 0 bpp from SDL_bmp.c:SDL_LoadBMP_RW()
|
|
b21338eb
|
2019-09-02T12:35:00
|
|
SDL_bmp.c: restore most of the original formatting.
|
|
6c295129
|
2019-08-31T22:58:11
|
|
LoadBMP: fix some warnings
|
|
830979c5
|
2019-08-31T22:52:15
|
|
LoadBMP: use code from SDL_image which allows loading compressed BMP files
|
|
97fefd05
|
2019-07-30T11:00:00
|
|
Fixed bug 4538 - validate image size when loading BMP files
|
|
b2e76d86
|
2019-03-19T16:52:09
|
|
Fixed Windows RT build
|
|
8bc59f87
|
2019-03-16T18:34:33
|
|
Fixed CVE-2019-7635 and bug 4498 - Heap-Buffer Overflow in Blit1to4 pertaining to SDL_blit_1.c
Petr Pisar
The root cause is that the POC BMP file declares 3 colors used and 4 bpp palette, but pixel at line 28 and column 1 (counted from 0) has color number 3. Then when the image loaded into a surface is passed to SDL_DisplayFormat(), in order to convert it to a video format, a used bliting function looks up a color number 3 in a 3-element long color bliting map. (The map obviously has the same number entries as the surface format has colors.)
Proper fix should refuse broken BMP images that have a pixel with a color index higher than declared number of "used" colors. Possibly more advanced fix could try to relocate the out-of-range color index into a vacant index (if such exists).
|
|
ea4c4cfc
|
2019-02-18T07:50:33
|
|
Fixed bug 4500 - Heap-Buffer Overflow in Map1toN pertaining to SDL_pixels.c
Petr Pisar
The reproducer has these data in BITMAPINFOHEADER:
biSize = 40
biBitCount = 8
biClrUsed = 131075
SDL_LoadBMP_RW() function passes biBitCount as a color depth to SDL_CreateRGBSurface(), thus 256-color pallete is allocated. But then biClrUsed colors are read from a file and stored into the palette. SDL_LoadBMP_RW should report an error if biClrUsed is greater than 2^biBitCount.
|
|
5e13087b
|
2019-01-04T22:01:14
|
|
Updated copyright for 2019
|
|
e3cc5b2c
|
2018-01-03T10:03:25
|
|
Updated copyright for 2018
|
|
ca0bf151
|
2017-03-03T16:38:17
|
|
Fix some more compiler warnings on armcc.
|
|
45b774e3
|
2017-01-01T18:33:28
|
|
Updated copyright for 2017
|
|
0d24495b
|
2016-11-15T01:24:58
|
|
Removed unused constants
Except for SDL_bmp.c where they are historically interesting and I've left them in.
|
|
57d01d7d
|
2016-11-13T22:57:41
|
|
Patch from Sylvain to fix clang warnings
|
|
36e40d30
|
2016-10-11T23:19:05
|
|
Fixed bug 2923 - Add SDL_PIXELFORMAT_RGBA32 for byte-wise 32bit RGBA data
Daniel Gibson
Ok, I followed the simple approach of just making SDL_PIXELFORMAT_RGBA32 an alias of SDL_PIXELFORMAT_RGBA8888/SDL_PIXELFORMAT_ABGR8888, depending on endianess. And I did the same for SDL_PIXELFORMAT_ARGB32, .._BGRA, .._ABGR.
SDL_GetPixelFormatName() will of course return SDL_PIXELFORMAT_RGBA8888 (or SDL_PIXELFORMAT_ABGR8888) instead of SDL_PIXELFORMAT_RGBA32, but as long as that's mentioned in the docs it shouldn't be a problem.
|
|
27d4f099
|
2016-10-07T23:40:44
|
|
Implemented SDL_GetHintBoolean() to make it easier to check boolean hints
|
|
9fff05f8
|
2016-10-01T11:29:13
|
|
Fixed bug 3352 - Adding alpha mask support to SDL_SaveBMP_RW
Simon Hug
The current SDL_SaveBMP_RW function that saves surfaces to a BMP uses an old bitmap header which doesn't officially support alpha channels. Applications just ignore the byte where the alpha is stored. This can easily be extended by using a newer header version and setting the alpha mask.
The attached patch has these changes:
- Extending the description of the function in the SDL_surface.h header with the supported formats.
- Refining when surfaces get stored to a 32-bit BMP. (Must have bit depth of 8 or higher and must have an alpha mask or colorkey.)
- Fixing a small bug that saves 24-bit BGR surfaces with a colorkey in a 24-bit BMP.
- Adding code that switches to the bitmap header version 4 if the surface has an alpha mask or colorkey. (I chose version 4 because Microsoft didn't lose its documentation behind a file cabinet like they did with version 3.)
- Adding a hint that can disable the use of the version 4 header. This is for people that need the legacy header or like the old behavior better. (I'm not sure about the hint name, though. May need changing if there are any rules to that.)
|
|
42065e78
|
2016-01-02T10:10:34
|
|
Updated copyright to 2016
|
|
0e45984f
|
2015-06-21T17:33:46
|
|
Fixed crash if initialization of EGL failed but was tried again later.
The internal function SDL_EGL_LoadLibrary() did not delete and remove a mostly
uninitialized data structure if loading the library first failed. A later try to
use EGL then skipped initialization and assumed it was previously successful
because the data structure now already existed. This led to at least one crash
in the internal function SDL_EGL_ChooseConfig() because a NULL pointer was
dereferenced to make a call to eglBindAPI().
|
|
2c4a6ea0
|
2015-05-26T06:27:46
|
|
Updated the copyright year to 2015
|
|
b72938c8
|
2015-04-20T12:22:44
|
|
Windows: Always set the system timer resolution to 1ms by default.
An existing hint lets apps that don't need the timer resolution changed avoid
this, to save battery, etc, but this fixes several problems in timing, audio
callbacks not firing fast enough, etc.
Fixes Bugzilla #2944.
|
|
5a578a07
|
2015-04-16T22:04:35
|
|
Fixed return value of SDL_SaveBMP_RW() depending on set errors after NULL input.
If SDL_SaveBMP_RW() was called with NULL passed as SDL_RWops argument, different
values were returned depending on SDL_GetError(). If no error was set before the
call (or SDL_ClearError() was called) then 0 was returned. This is wrong because
nothing was saved. If an error was set before the call then -1 was returned.
This was fixed by directly returning -1 for NULL input instead of deciding based
on SDL_GetError(). No new error is set because this would otherwise override a
maybe more useful error set in SDL_RWFromFile() which is used by SDL_SaveBMP().
|
|
fe6c797c
|
2015-04-10T23:30:31
|
|
Fixed an iOS view orientation issue when SDL_GL_CreateContext or SDL_CreateRenderer is called.
|
|
b88ca1b4
|
2015-02-10T16:28:56
|
|
the last parameter of XChangeProperty is the number of elements.. and when the element format is 32.. the element is "long" so we have 5 long elements here.
Yes this seems confusing as on mac+linux Long is either 32 or 64bits depending on the architecture, but this is how the X11 protocol is defined. Thus 5 is the correct value for the nelts here. Not 5 or 10 depending on the architecture.
More info on the confusion https://bugs.freedesktop.org/show_bug.cgi?id=16802
|
|
e3f9bf33
|
2015-02-08T22:50:16
|
|
Fixed two inconsistencies on failed allocation.
|
|
fe586d07
|
2015-02-08T21:25:37
|
|
Fixed three memory leaks on failed allocation.
|
|
b48e54aa
|
2015-01-26T22:00:29
|
|
Fixed bug 2802 - [patch] Fix android build compiling in wrong filesystem implementation
Jonas Kulla
The configure script didn't differentiate between Linux and Android, unconditionally compiling in the unix implementation of SDL_sysfilesystem.c.
I'm probably one of the very few people building SDL for android using classic configure + standalone toolchain, so this has gone undetected all along.
|
|
70438be2
|
2014-12-03T10:55:23
|
|
WinRT: fixed bug whereby SDL would override an app's default orientation
WinRT apps can set a default, preferred orientation via a .appxmanifest file.
SDL was overriding this on app startup, and making the app use all possible
orientations (landscape and portrait).
Thanks to Eric Wing for the heads up on this!
|
|
9c398852
|
2014-11-22T22:20:40
|
|
Corrected header file documentation comment.
|
|
24c86b55
|
2014-09-11T19:24:42
|
|
[X11] Reconcile logical keyboard state with physical state on FocusIn
since the window system doesn't do it for us like other platforms.
This prevents sticky keys and missed keys when going in and out
of focus, for example Alt would appear to stick if switching away
from an SDL app with Alt-Tab and had to be pressed again.
CR: Sam
|
|
bcaae0b5
|
2014-09-08T01:36:22
|
|
Deal with various .bmp file format variants in SDL_LoadBMP_RW().
This helps when modern versions of The Gimp (and lots of other things)
produces a 32-bit bitmap with an alpha channel, or anything with "BI_BITFIELDS"
format, since that data is now embedded in the bitmap info header instead of
directly following it and we would accidentally skip over embedded versions of
it.
Fixes Bugzilla #2714.
|
|
f7461cdc
|
2014-07-09T00:09:57
|
|
The Gimp puts out a different bogus color mask for 32-bit .bmp files. :)
|
|
a91f1a1a
|
2014-07-09T00:01:34
|
|
Make SDL_LoadBMP() work with 32-bit bitmaps from ImageMagick.
|
|
3dcb451f
|
2014-04-09T21:29:19
|
|
Added a README file regarding WinRT support
To note, this file is currently formatted with CRLF line endings, rather than
LF, to allow the file to be viewed with Notepad.
|
|
dd81dad1
|
2014-03-24T07:12:26
|
|
Added an assert to help static analyzer.
|
|
58edac3e
|
2014-02-02T00:53:27
|
|
Fixed bug 2374 - Update copyright for 2014...
Is it that time already??
|
|
f848adff
|
2013-11-29T10:06:08
|
|
Improve Android pause/resume behavior.
|
|
7e1289af
|
2013-11-24T23:56:17
|
|
Make internal SDL sources include SDL_internal.h instead of SDL_config.h
The new header will include SDL_config.h, but allows for other global stuff.
|
|
550676d0
|
2013-11-09T00:56:05
|
|
Fixed signed/unsigned warning
|
|
95c67ed9
|
2013-11-07T19:15:58
|
|
Fixed bug 2219 - BMP loader do not handle big BITMAPINFOHEADER structure
Patrice Mandin
I encountered a problem trying to load a 8-bit paletted BMP file using SDL. This file was generated using GIMP 2.8. It has a big BITMAPINFOHEADER (0x6c bytes for biSize field), and thus the palette is incorrectly setup.
|
|
3e2930de
|
2013-08-29T08:29:51
|
|
Christoph Mallon: Remove pointless if (x) before SDL_FreeSurface(x)
|
|
1e49b1ed
|
2013-08-21T09:47:10
|
|
OCD fixes: Adds a space after /* (glory to regular expressions!)
|
|
695344d1
|
2013-08-21T09:43:09
|
|
OCD fixes: Adds a space before */
|
|
dad42067
|
2013-08-12T11:13:50
|
|
Fixes #2022, do not resume on Android when surfaceChanged
If the app is in landscape mode and the user presses the power button, a pause
is followed immediately by a surfaceChanged event because the lock screen
is shown in portrait mode. This triggers a "false" resume.
So, we just pause and resume following the onWindowFocusChanged events.
Also, wait for SDL_APP_WILLENTERBACKGROUND and SDL_APP_DIDENTERBACKGROUND before
blocking the event pump.
|
|
1ad936eb
|
2013-08-11T19:56:43
|
|
Fixed bug 2027 - Full-screen appears to be broken - hang in SDL_DestroyWindow()
Rainer Deyke
I'm running Linux Mint 15 with the Cinnamon window manager. SDL_DestroyWindow consistently locks up for me when the window if fullscreen.
|