Sat, 08 Jun 2019 17:57:43 -0700CVE-2019-7572: Fix a buffer overread in IMA_ADPCM_nibble SDL-1.2
Petr Písař <ppisar@redhat.com> [Sat, 08 Jun 2019 17:57:43 -0700] rev 12800
CVE-2019-7572: Fix a buffer overread in IMA_ADPCM_nibble
If an IMA ADPCM block contained an initial index out of step table
range (loaded in IMA_ADPCM_decode()), IMA_ADPCM_nibble() blindly used
this bogus value and that lead to a buffer overread.

This patch fixes it by moving clamping the index value at the
beginning of IMA_ADPCM_nibble() function instead of the end after
an update.

CVE-2019-7572
https://bugzilla.libsdl.org/show_bug.cgi?id=4495

Signed-off-by: Petr Písař <ppisar@redhat.com>

Sat, 08 Jun 2019 17:43:23 -0700Fixed bug 4526 - replace SDL_RW* macros with functions for using in bindings
Sam Lantinga <slouken@libsdl.org> [Sat, 08 Jun 2019 17:43:23 -0700] rev 12799
Fixed bug 4526 - replace SDL_RW* macros with functions for using in bindings

ace

I got this bug in SDL_ttf:
https://bugzilla.libsdl.org/show_bug.cgi?id=4524
Sylvain proposed solution:
SDL_RWseek(RWops, 0, RW_SEEK_SET);

And it works, but i can use it my project, because it written in C# with SDL2-CS wrapper and there not export for macroses:
#define SDL_RWsize(ctx) (ctx)->size(ctx)
#define SDL_RWseek(ctx, offset, whence) (ctx)->seek(ctx, offset, whence)
#define SDL_RWtell(ctx) (ctx)->seek(ctx, 0, RW_SEEK_CUR)
#define SDL_RWread(ctx, ptr, size, n) (ctx)->read(ctx, ptr, size, n)
#define SDL_RWwrite(ctx, ptr, size, n) (ctx)->write(ctx, ptr, size, n)
#define SDL_RWclose(ctx) (ctx)->close(ctx)

Therefore, I suggest replacing this macros with functions so that they can be exported and used in bindings

Sat, 08 Jun 2019 15:10:20 -0700Fixed bug 4533 - Update ANGLE to load d3dcompiler_47.dll instead of d3dcompiler_46.dll
Sam Lantinga <slouken@libsdl.org> [Sat, 08 Jun 2019 15:10:20 -0700] rev 12798
Fixed bug 4533 - Update ANGLE to load d3dcompiler_47.dll instead of d3dcompiler_46.dll

msmshazan

Update ANGLE Libraries to support d3dcompiler_47.dll since chrome does not ship with d3dcompiler_46.dll and d3dcompiler_43.dll

Mon, 04 Mar 2019 12:16:43 -0500cocoa: Fix assert to use SDL_assert
Ethan Lee <flibitijibibo@flibitijibibo.com> [Mon, 04 Mar 2019 12:16:43 -0500] rev 12797
cocoa: Fix assert to use SDL_assert

Sat, 08 Jun 2019 14:58:49 -0700Backed out Ben's chinese Xbox controller patch, as the generic catch-all for Xbox controllers should handle it.
Sam Lantinga <slouken@libsdl.org> [Sat, 08 Jun 2019 14:58:49 -0700] rev 12796
Backed out Ben's chinese Xbox controller patch, as the generic catch-all for Xbox controllers should handle it.

Sun, 17 Mar 2019 23:47:12 +0100Add mapping for Chinese-made Xbox Controller
Benjamin Valentin <benpicco@googlemail.com> [Sun, 17 Mar 2019 23:47:12 +0100] rev 12795
Add mapping for Chinese-made Xbox Controller

This device is a copy of the Xbox Controller S and currently the one most sold
when shopping for a 'new' Xbox gamepad on eBay and AliExpress.
Except for the quirky USB ID id behaves just like a normal Xbox controller (when
ignoring the subpar build quality)

Sat, 08 Jun 2019 14:54:37 -0700Fixed bug 4557 - SDL_SIMDAlloc and *Free should be in the public interface
Sam Lantinga <slouken@libsdl.org> [Sat, 08 Jun 2019 14:54:37 -0700] rev 12794
Fixed bug 4557 - SDL_SIMDAlloc and *Free should be in the public interface

Martin Gerhardy

These functions are really useful and should get exposed imo.

Sat, 08 Jun 2019 14:40:27 -0700Fixed bug 4583 - PollAllValues appears to use an incorrect index for all axes above 0x18
Sam Lantinga <slouken@libsdl.org> [Sat, 08 Jun 2019 14:40:27 -0700] rev 12793
Fixed bug 4583 - PollAllValues appears to use an incorrect index for all axes above 0x18

Noam Preil

In src/joystick/linux/SDL_sysjoystick.c:

The ConfigJoystick function's axes detection starts with a for loop using an index i for Linux's axes names. When i gets to ABS_HAT0X, it's set to ABS_HAT3Y and a continue statement appears, to skip the hats. This makes sense, as SDL handles hats separately from axes.

However, in PollAllValues, *two* indices are used: a and b. Both start out the same, and remain so until the hats are reached. At that point, a becomes identical to the i from ConfigJoystick's loop, but b is equal to a - (ABS_HAT3Y - ABS_HAT0X), or a - 8.

While all the joystick->hwdata->abs_* structures in ConfigJoystick used i - which would here be a - as both the index and the ioctl argument, PollAllValues uses b for the structure index and a as the ioctl argument.

It would appear, however, that no joystick HAS such axes, and that the b index is entirely unnecessary.

I tested three separate joysticks, and while that was far from a complete listing, I was unable to find a joystick with an axis above 0x08.

Sat, 08 Jun 2019 14:36:03 -0700Fixed bug 4593 - Respect CMake's BUILD_SHARED_LIBS default behavior
Sam Lantinga <slouken@libsdl.org> [Sat, 08 Jun 2019 14:36:03 -0700] rev 12792
Fixed bug 4593 - Respect CMake's BUILD_SHARED_LIBS default behavior

tschwinger

Respect the BUILD_SHARED_LIBS variable when defined, and build either shared or static libs, which is CMake's default behavior (See https://cmake.org/cmake/help/latest/variable/BUILD_SHARED_LIBS.html).

If the variable is not defined, the current behavior remains unchanged and both variants are built where the platform supports it. This way, it remains possible to build both in one shot, which seems convenient for distro builds and useful to promote some consistency between them.

Sat, 08 Jun 2019 14:34:38 -0700Fixed bug 4594 - Fix install location of CMake targets on Apple platforms
Sam Lantinga <slouken@libsdl.org> [Sat, 08 Jun 2019 14:34:38 -0700] rev 12791
Fixed bug 4594 - Fix install location of CMake targets on Apple platforms

tschwinger

Followup to #3651

As already noted by Ryan, no framework is being built, so we better install to lib/cmake.

That code was originally part of a patch submitted by David Demelier, whose credit BTW got lost (I combined his patch for #3572 with fixes for #2576 and #3613 resulting in #3651 because things started to depend on another).

I tested that the configuration files are found correctly in the new location on MacOS X based on a hint to the root (see https://cmake.org/cmake/help/latest/command/find_package.html#search-procedure).