syswm: prevent buffer overflow if SDL and app have different config headers.
authorRyan C. Gordon <icculus@icculus.org>
Sun, 11 Jun 2017 00:50:26 -0400
changeset 1108869452f9839d5
parent 11087 71ef4b78a753
child 11089 84a49d9b3e58
syswm: prevent buffer overflow if SDL and app have different config headers.

This only affects Wayland and DirectFB, as a Unix system generally has X11
support. Other platforms also have different sizes for the C union in
question, but are likely the only target for that platform, etc.

Apps that might run on Wayland or DirectFB will need to be compiled against
new headers from an official 2.0.6 release, or be prepared to force the x11
target, or not use SDL_GetWindowWMInfo().

Fixes Bugzilla #3428.
include/SDL_syswm.h
src/video/directfb/SDL_DirectFB_window.c
src/video/wayland/SDL_waylandwindow.c
     1.1 --- a/include/SDL_syswm.h	Sat Jun 10 15:38:14 2017 -0400
     1.2 +++ b/include/SDL_syswm.h	Sun Jun 11 00:50:26 2017 -0400
     1.3 @@ -280,8 +280,9 @@
     1.4          } vivante;
     1.5  #endif
     1.6  
     1.7 -        /* Can't have an empty union */
     1.8 -        int dummy;
     1.9 +        /* Make sure this union is always 64 bytes (8 64-bit pointers). */
    1.10 +        /* Be careful not to overflow this if you add a new target! */
    1.11 +        Uint8 dummy[64];
    1.12      } info;
    1.13  };
    1.14  
     2.1 --- a/src/video/directfb/SDL_DirectFB_window.c	Sat Jun 10 15:38:14 2017 -0400
     2.2 +++ b/src/video/directfb/SDL_DirectFB_window.c	Sun Jun 11 00:50:26 2017 -0400
     2.3 @@ -458,9 +458,28 @@
     2.4  DirectFB_GetWindowWMInfo(_THIS, SDL_Window * window,
     2.5                           struct SDL_SysWMinfo * info)
     2.6  {
     2.7 +    const Uint32 version = ((((Uint32) info->version.major) * 1000000) +
     2.8 +                            (((Uint32) info->version.minor) * 10000) +
     2.9 +                            (((Uint32) info->version.patch)));
    2.10 +
    2.11      SDL_DFB_DEVICEDATA(_this);
    2.12      SDL_DFB_WINDOWDATA(window);
    2.13  
    2.14 +    /* Before 2.0.6, it was possible to build an SDL with DirectFB support
    2.15 +       (SDL_SysWMinfo will be large enough to hold DirectFB info), but build
    2.16 +       your app against SDL headers that didn't have DirectFB support
    2.17 +       (SDL_SysWMinfo could be smaller than Wayland needs. This would lead
    2.18 +       to an app properly using SDL_GetWindowWMInfo() but we'd accidentally
    2.19 +       overflow memory on the stack or heap. To protect against this, we've
    2.20 +       padded out the struct unconditionally in the headers and DirectFB will
    2.21 +       just return an error for older apps using this function. Those apps
    2.22 +       will need to be recompiled against newer headers or not use DirectFB,
    2.23 +       maybe by forcing SDL_VIDEODRIVER=x11. */
    2.24 +    if (version < 2000006) {
    2.25 +        info->subsystem = SDL_SYSWM_UNKNOWN;
    2.26 +        return SDL_FALSE;
    2.27 +    }
    2.28 +
    2.29      if (info->version.major == SDL_MAJOR_VERSION &&
    2.30          info->version.minor == SDL_MINOR_VERSION) {
    2.31          info->subsystem = SDL_SYSWM_DIRECTFB;
     3.1 --- a/src/video/wayland/SDL_waylandwindow.c	Sat Jun 10 15:38:14 2017 -0400
     3.2 +++ b/src/video/wayland/SDL_waylandwindow.c	Sun Jun 11 00:50:26 2017 -0400
     3.3 @@ -129,6 +129,24 @@
     3.4  Wayland_GetWindowWMInfo(_THIS, SDL_Window * window, SDL_SysWMinfo * info)
     3.5  {
     3.6      SDL_WindowData *data = (SDL_WindowData *) window->driverdata;
     3.7 +    const Uint32 version = ((((Uint32) info->version.major) * 1000000) +
     3.8 +                            (((Uint32) info->version.minor) * 10000) +
     3.9 +                            (((Uint32) info->version.patch)));
    3.10 +
    3.11 +    /* Before 2.0.6, it was possible to build an SDL with Wayland support
    3.12 +       (SDL_SysWMinfo will be large enough to hold Wayland info), but build
    3.13 +       your app against SDL headers that didn't have Wayland support
    3.14 +       (SDL_SysWMinfo could be smaller than Wayland needs. This would lead
    3.15 +       to an app properly using SDL_GetWindowWMInfo() but we'd accidentally
    3.16 +       overflow memory on the stack or heap. To protect against this, we've
    3.17 +       padded out the struct unconditionally in the headers and Wayland will
    3.18 +       just return an error for older apps using this function. Those apps
    3.19 +       will need to be recompiled against newer headers or not use Wayland,
    3.20 +       maybe by forcing SDL_VIDEODRIVER=x11. */
    3.21 +    if (version < 2000006) {
    3.22 +        info->subsystem = SDL_SYSWM_UNKNOWN;
    3.23 +        return SDL_FALSE;
    3.24 +    }
    3.25  
    3.26      info->info.wl.display = data->waylandData->display;
    3.27      info->info.wl.surface = data->surface;