src/dynapi/SDL_dynapi.h
author Sam Lantinga <slouken@libsdl.org>
Mon, 18 Feb 2019 07:50:33 -0800
changeset 12612 07c39cbbeacf
parent 12503 806492103856
permissions -rw-r--r--
Fixed bug 4500 - Heap-Buffer Overflow in Map1toN pertaining to SDL_pixels.c

Petr Pisar

The reproducer has these data in BITMAPINFOHEADER:

biSize = 40
biBitCount = 8
biClrUsed = 131075

SDL_LoadBMP_RW() function passes biBitCount as a color depth to SDL_CreateRGBSurface(), thus 256-color pallete is allocated. But then biClrUsed colors are read from a file and stored into the palette. SDL_LoadBMP_RW should report an error if biClrUsed is greater than 2^biBitCount.
icculus@8094
     1
/*
icculus@8094
     2
  Simple DirectMedia Layer
slouken@12503
     3
  Copyright (C) 1997-2019 Sam Lantinga <slouken@libsdl.org>
icculus@8094
     4
icculus@8094
     5
  This software is provided 'as-is', without any express or implied
icculus@8094
     6
  warranty.  In no event will the authors be held liable for any damages
icculus@8094
     7
  arising from the use of this software.
icculus@8094
     8
icculus@8094
     9
  Permission is granted to anyone to use this software for any purpose,
icculus@8094
    10
  including commercial applications, and to alter it and redistribute it
icculus@8094
    11
  freely, subject to the following restrictions:
icculus@8094
    12
icculus@8094
    13
  1. The origin of this software must not be misrepresented; you must not
icculus@8094
    14
     claim that you wrote the original software. If you use this software
icculus@8094
    15
     in a product, an acknowledgment in the product documentation would be
icculus@8094
    16
     appreciated but is not required.
icculus@8094
    17
  2. Altered source versions must be plainly marked as such, and must not be
icculus@8094
    18
     misrepresented as being the original software.
icculus@8094
    19
  3. This notice may not be removed or altered from any source distribution.
icculus@8094
    20
*/
icculus@8094
    21
slouken@10638
    22
#ifndef SDL_dynapi_h_
slouken@10638
    23
#define SDL_dynapi_h_
icculus@8094
    24
icculus@8094
    25
/* IMPORTANT:
icculus@8094
    26
   This is the master switch to disabling the dynamic API. We made it so you
icculus@8094
    27
   have to hand-edit an internal source file in SDL to turn it off; you
icculus@8094
    28
   can do it if you want it badly enough, but hopefully you won't want to.
icculus@8094
    29
   You should understand the ramifications of turning this off: it makes it
icculus@8094
    30
   hard to update your SDL in the field, and impossible if you've statically
icculus@8094
    31
   linked SDL into your app. Understand that platforms change, and if we can't
icculus@8094
    32
   drop in an updated SDL, your application can definitely break some time
icculus@8094
    33
   in the future, even if it's fine today.
icculus@8094
    34
   To be sure, as new system-level video and audio APIs are introduced, an
icculus@8094
    35
   updated SDL can transparently take advantage of them, but your program will
icculus@8094
    36
   not without this feature. Think hard before turning it off.
icculus@8094
    37
*/
icculus@8094
    38
#ifdef SDL_DYNAMIC_API  /* Tried to force it on the command line? */
icculus@8094
    39
#error Nope, you have to edit this file to force this off.
icculus@8094
    40
#endif
icculus@8094
    41
icculus@8121
    42
#ifdef __APPLE__
icculus@8121
    43
#include "TargetConditionals.h"
icculus@8121
    44
#endif
icculus@8121
    45
philipp@10197
    46
#if defined(TARGET_OS_IPHONE) && TARGET_OS_IPHONE  /* probably not useful on iOS. */
icculus@8094
    47
#define SDL_DYNAMIC_API 0
philipp@10197
    48
#elif defined(__native_client__) && __native_client__  /* probably not useful on NACL. */
dludwig@8611
    49
#define SDL_DYNAMIC_API 0
philipp@10197
    50
#elif defined(__EMSCRIPTEN__) && __EMSCRIPTEN__  /* probably not useful on Emscripten. */
philipp@10197
    51
#define SDL_DYNAMIC_API 0
philipp@10197
    52
#elif defined(SDL_BUILDING_WINRT) && SDL_BUILDING_WINRT  /* probably not useful on WinRT, given current .dll loading restrictions */
philipp@10197
    53
#define SDL_DYNAMIC_API 0
philipp@10197
    54
#elif defined(__PSP__) && __PSP__
philipp@10066
    55
#define SDL_DYNAMIC_API 0
icculus@8640
    56
#elif defined(__clang_analyzer__)
icculus@8640
    57
#define SDL_DYNAMIC_API 0  /* Turn off for static analysis, so reports are more clear. */
icculus@9442
    58
#endif
icculus@9442
    59
icculus@9442
    60
/* everyone else. This is where we turn on the API if nothing forced it off. */
icculus@9442
    61
#ifndef SDL_DYNAMIC_API
icculus@8094
    62
#define SDL_DYNAMIC_API 1
icculus@8094
    63
#endif
icculus@8094
    64
icculus@8094
    65
#endif
icculus@8094
    66
icculus@8094
    67
/* vi: set ts=4 sw=4 expandtab: */