Edit

kc3-lang/SDL

Branch :

  • Show log

    Commit

  • Author : Sam Lantinga
    Date : 2019-03-16 18:34:33
    Hash : 8bc59f87
    Message : Fixed CVE-2019-7635 and bug 4498 - Heap-Buffer Overflow in Blit1to4 pertaining to SDL_blit_1.c Petr Pisar The root cause is that the POC BMP file declares 3 colors used and 4 bpp palette, but pixel at line 28 and column 1 (counted from 0) has color number 3. Then when the image loaded into a surface is passed to SDL_DisplayFormat(), in order to convert it to a video format, a used bliting function looks up a color number 3 in a 3-element long color bliting map. (The map obviously has the same number entries as the surface format has colors.) Proper fix should refuse broken BMP images that have a pixel with a color index higher than declared number of "used" colors. Possibly more advanced fix could try to relocate the out-of-range color index into a vacant index (if such exists).

  • Properties
  • Git HTTP https://git.kmx.io/kc3-lang/SDL.git
    Git SSH git@git.kmx.io:kc3-lang/SDL.git
    Public ? true
    Name
    Description

    Fork of https://github.com/libsdl-org/SDL
    Users
    -
    +     		thodg git_deploy kc3_lang_org thodg_l thodg_m thodg_w www_kmx_io
    Tags

  • README.txt 
  •                          Simple DirectMedia Layer

                                  (SDL)

                                Version 2.0

---
https://www.libsdl.org/

Simple DirectMedia Layer is a cross-platform development library designed
to provide low level access to audio, keyboard, mouse, joystick, and graphics
hardware via OpenGL and Direct3D. It is used by video playback software,
emulators, and popular games including Valve's award winning catalog
and many Humble Bundle games.

More extensive documentation is available in the docs directory, starting
with README.md

Enjoy!
	Sam Lantinga				(slouken@libsdl.org)