sdl.m4
author Petr Písař <ppisar@redhat.com>
Sat, 16 Mar 2019 19:16:24 -0700
branchSDL-1.2
changeset 12653 9b0e5c555c0f
parent 11962 6d7d78d2d864
permissions -rw-r--r--
CVE-2019-7637: Fix in integer overflow in SDL_CalculatePitch
If a too large width is passed to SDL_SetVideoMode() the width travels
to SDL_CalculatePitch() where the width (e.g. 65535) is multiplied by
BytesPerPixel (e.g. 4) and the result is stored into Uint16 pitch
variable. During this arithmetics an integer overflow can happen (e.g.
the value is clamped as 65532). As a result SDL_Surface with a pitch
smaller than width * BytesPerPixel is created, too small pixel buffer
is allocated and when the SDL_Surface is processed in SDL_FillRect()
a buffer overflow occurs.

This can be reproduced with "./graywin -width 21312312313123213213213"
command.

This patch fixes is by using a very careful arithmetics in
SDL_CalculatePitch(). If an overflow is detected, an error is reported
back as a special 0 value. We assume that 0-width surfaces do not
occur in the wild. Since SDL_CalculatePitch() is a private function,
we can change the semantics.

CVE-2019-7637
https://bugzilla.libsdl.org/show_bug.cgi?id=4497

Signed-off-by: Petr Písař <ppisar@redhat.com>
     1 # Configure paths for SDL
     2 # Sam Lantinga 9/21/99
     3 # stolen from Manish Singh
     4 # stolen back from Frank Belew
     5 # stolen from Manish Singh
     6 # Shamelessly stolen from Owen Taylor
     7 
     8 # serial 1
     9 
    10 dnl AM_PATH_SDL([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]])
    11 dnl Test for SDL, and define SDL_CFLAGS and SDL_LIBS
    12 dnl
    13 AC_DEFUN([AM_PATH_SDL],
    14 [dnl 
    15 dnl Get the cflags and libraries from the sdl-config script
    16 dnl
    17 AC_ARG_WITH(sdl-prefix,[  --with-sdl-prefix=PFX   Prefix where SDL is installed (optional)],
    18             sdl_prefix="$withval", sdl_prefix="")
    19 AC_ARG_WITH(sdl-exec-prefix,[  --with-sdl-exec-prefix=PFX Exec prefix where SDL is installed (optional)],
    20             sdl_exec_prefix="$withval", sdl_exec_prefix="")
    21 AC_ARG_ENABLE(sdltest, [  --disable-sdltest       Do not try to compile and run a test SDL program],
    22 		    , enable_sdltest=yes)
    23 
    24   if test x$sdl_exec_prefix != x ; then
    25     sdl_config_args="$sdl_config_args --exec-prefix=$sdl_exec_prefix"
    26     if test x${SDL_CONFIG+set} != xset ; then
    27       SDL_CONFIG=$sdl_exec_prefix/bin/sdl-config
    28     fi
    29   fi
    30   if test x$sdl_prefix != x ; then
    31     sdl_config_args="$sdl_config_args --prefix=$sdl_prefix"
    32     if test x${SDL_CONFIG+set} != xset ; then
    33       SDL_CONFIG=$sdl_prefix/bin/sdl-config
    34     fi
    35   fi
    36 
    37   as_save_PATH="$PATH"
    38   if test "x$prefix" != xNONE && test "$cross_compiling" != yes; then
    39     PATH="$prefix/bin:$prefix/usr/bin:$PATH"
    40   fi
    41   AC_PATH_PROG(SDL_CONFIG, sdl-config, no, [$PATH])
    42   PATH="$as_save_PATH"
    43   min_sdl_version=ifelse([$1], ,0.11.0,$1)
    44   AC_MSG_CHECKING(for SDL - version >= $min_sdl_version)
    45   no_sdl=""
    46   if test "$SDL_CONFIG" = "no" ; then
    47     no_sdl=yes
    48   else
    49     SDL_CFLAGS=`$SDL_CONFIG $sdl_config_args --cflags`
    50     SDL_LIBS=`$SDL_CONFIG $sdl_config_args --libs`
    51 
    52     sdl_major_version=`$SDL_CONFIG $sdl_config_args --version | \
    53            sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'`
    54     sdl_minor_version=`$SDL_CONFIG $sdl_config_args --version | \
    55            sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'`
    56     sdl_micro_version=`$SDL_CONFIG $sdl_config_args --version | \
    57            sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'`
    58     if test "x$enable_sdltest" = "xyes" ; then
    59       ac_save_CFLAGS="$CFLAGS"
    60       ac_save_CXXFLAGS="$CXXFLAGS"
    61       ac_save_LIBS="$LIBS"
    62       CFLAGS="$CFLAGS $SDL_CFLAGS"
    63       CXXFLAGS="$CXXFLAGS $SDL_CFLAGS"
    64       LIBS="$LIBS $SDL_LIBS"
    65 dnl
    66 dnl Now check if the installed SDL is sufficiently new. (Also sanity
    67 dnl checks the results of sdl-config to some extent
    68 dnl
    69       rm -f conf.sdltest
    70       AC_TRY_RUN([
    71 #include <stdio.h>
    72 #include <stdlib.h>
    73 #include <string.h>
    74 #include "SDL.h"
    75 
    76 char*
    77 my_strdup (char *str)
    78 {
    79   char *new_str;
    80   
    81   if (str)
    82     {
    83       new_str = (char *)malloc ((strlen (str) + 1) * sizeof(char));
    84       strcpy (new_str, str);
    85     }
    86   else
    87     new_str = NULL;
    88   
    89   return new_str;
    90 }
    91 
    92 int main (int argc, char *argv[])
    93 {
    94   int major, minor, micro;
    95   char *tmp_version;
    96 
    97   /* This hangs on some systems (?)
    98   system ("touch conf.sdltest");
    99   */
   100   { FILE *fp = fopen("conf.sdltest", "a"); if ( fp ) fclose(fp); }
   101 
   102   /* HP/UX 9 (%@#!) writes to sscanf strings */
   103   tmp_version = my_strdup("$min_sdl_version");
   104   if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, &micro) != 3) {
   105      printf("%s, bad version string\n", "$min_sdl_version");
   106      exit(1);
   107    }
   108 
   109    if (($sdl_major_version > major) ||
   110       (($sdl_major_version == major) && ($sdl_minor_version > minor)) ||
   111       (($sdl_major_version == major) && ($sdl_minor_version == minor) && ($sdl_micro_version >= micro)))
   112     {
   113       return 0;
   114     }
   115   else
   116     {
   117       printf("\n*** 'sdl-config --version' returned %d.%d.%d, but the minimum version\n", $sdl_major_version, $sdl_minor_version, $sdl_micro_version);
   118       printf("*** of SDL required is %d.%d.%d. If sdl-config is correct, then it is\n", major, minor, micro);
   119       printf("*** best to upgrade to the required version.\n");
   120       printf("*** If sdl-config was wrong, set the environment variable SDL_CONFIG\n");
   121       printf("*** to point to the correct copy of sdl-config, and remove the file\n");
   122       printf("*** config.cache before re-running configure\n");
   123       return 1;
   124     }
   125 }
   126 
   127 ],, no_sdl=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
   128        CFLAGS="$ac_save_CFLAGS"
   129        CXXFLAGS="$ac_save_CXXFLAGS"
   130        LIBS="$ac_save_LIBS"
   131      fi
   132   fi
   133   if test "x$no_sdl" = x ; then
   134      AC_MSG_RESULT(yes)
   135      ifelse([$2], , :, [$2])     
   136   else
   137      AC_MSG_RESULT(no)
   138      if test "$SDL_CONFIG" = "no" ; then
   139        echo "*** The sdl-config script installed by SDL could not be found"
   140        echo "*** If SDL was installed in PREFIX, make sure PREFIX/bin is in"
   141        echo "*** your path, or set the SDL_CONFIG environment variable to the"
   142        echo "*** full path to sdl-config."
   143      else
   144        if test -f conf.sdltest ; then
   145         :
   146        else
   147           echo "*** Could not run SDL test program, checking why..."
   148           CFLAGS="$CFLAGS $SDL_CFLAGS"
   149           CXXFLAGS="$CXXFLAGS $SDL_CFLAGS"
   150           LIBS="$LIBS $SDL_LIBS"
   151           AC_TRY_LINK([
   152 #include <stdio.h>
   153 #include "SDL.h"
   154 
   155 int main(int argc, char *argv[])
   156 { return 0; }
   157 #undef  main
   158 #define main K_and_R_C_main
   159 ],      [ return 0; ],
   160         [ echo "*** The test program compiled, but did not run. This usually means"
   161           echo "*** that the run-time linker is not finding SDL or finding the wrong"
   162           echo "*** version of SDL. If it is not finding SDL, you'll need to set your"
   163           echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point"
   164           echo "*** to the installed location  Also, make sure you have run ldconfig if that"
   165           echo "*** is required on your system"
   166 	  echo "***"
   167           echo "*** If you have an old version installed, it is best to remove it, although"
   168           echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"],
   169         [ echo "*** The test program failed to compile or link. See the file config.log for the"
   170           echo "*** exact error that occured. This usually means SDL was incorrectly installed"
   171           echo "*** or that you have moved SDL since it was installed. In the latter case, you"
   172           echo "*** may want to edit the sdl-config script: $SDL_CONFIG" ])
   173           CFLAGS="$ac_save_CFLAGS"
   174           CXXFLAGS="$ac_save_CXXFLAGS"
   175           LIBS="$ac_save_LIBS"
   176        fi
   177      fi
   178      SDL_CFLAGS=""
   179      SDL_LIBS=""
   180      ifelse([$3], , :, [$3])
   181   fi
   182   AC_SUBST(SDL_CFLAGS)
   183   AC_SUBST(SDL_LIBS)
   184   rm -f conf.sdltest
   185 ])