Tue, 11 Jun 2019 00:19:38 -0700Added patch note for security fixes default tip
Sam Lantinga <slouken@libsdl.org> [Tue, 11 Jun 2019 00:19:38 -0700] rev 659
Added patch note for security fixes

Tue, 11 Jun 2019 00:15:06 -0700Fixed TALOS-2019-0844 - XPM image colorhash parsing Code Execution Vulnerability
Sam Lantinga <slouken@libsdl.org> [Tue, 11 Jun 2019 00:15:06 -0700] rev 658
Fixed TALOS-2019-0844 - XPM image colorhash parsing Code Execution Vulnerability

The table entry in the color_hash is created in the create_colorhash function based on the number of colors passed into the function. The size of the color_hash table is the first value in the powers of 2 larger than the passed in number of colors [2]. The size of the allocation is this calculated value * 8 (sizeof(struct hash_entry **)) [3]. This multiplication can cause an overflow, resulting in a very small allocation.

Mon, 10 Jun 2019 23:50:21 -0700Fixed TALOS-2019-0843 - XPM image color code code execution vulnerability
Sam Lantinga <slouken@libsdl.org> [Mon, 10 Jun 2019 23:50:21 -0700] rev 657
Fixed TALOS-2019-0843 - XPM image color code code execution vulnerability

By providing a sufficiently large ncolors and cpp value, the buffer allocation size can overflow into a size too small to hold the color code string. This causes the memcpy to cause a heap overflow, potentially resulting in code execution.

Mon, 10 Jun 2019 17:24:08 -0700Fixed TALOS-2019-0842 - XCF Image Code Execution Vulnerability
Sam Lantinga <slouken@libsdl.org> [Mon, 10 Jun 2019 17:24:08 -0700] rev 656
Fixed TALOS-2019-0842 - XCF Image Code Execution Vulnerability

Mon, 10 Jun 2019 16:49:12 -0700Added patch note for emscripten port
Sam Lantinga <slouken@libsdl.org> [Mon, 10 Jun 2019 16:49:12 -0700] rev 655
Added patch note for emscripten port

Mon, 10 Jun 2019 16:46:53 -0700IMG_Load should attempt to read from preloaded data (#7)
Amadeus <gliheng@gmail.com> [Mon, 10 Jun 2019 16:46:53 -0700] rev 654
IMG_Load should attempt to read from preloaded data (#7)

Mon, 10 Jun 2019 16:45:40 -0700Update emscripten building instructions
Charlie Birks <admin@daftgames.net> [Mon, 10 Jun 2019 16:45:40 -0700] rev 653
Update emscripten building instructions
- Reccomend Emscripten ports
- Update repo
- More details about prefix

Mon, 10 Jun 2019 16:42:52 -0700Copy the pixel data into the surface
Brian Palmer <brian@codekitchen.net> [Mon, 10 Jun 2019 16:42:52 -0700] rev 652
Copy the pixel data into the surface
It was getting immediately freed out from underneath the surface, SDL_CreateRGBSurfaceFrom does not copy the pixel data.

Mon, 10 Jun 2019 16:42:16 -0700Add build instructions for emscripten
Sathyanarayanan Gunasekaran <gsathya.ceg@gmail.com> [Mon, 10 Jun 2019 16:42:16 -0700] rev 651
Add build instructions for emscripten
Fixes #1

Mon, 10 Jun 2019 16:41:40 -0700Port to emscripten
Sathyanarayanan Gunasekaran <gsathya.ceg@gmail.com> [Mon, 10 Jun 2019 16:41:40 -0700] rev 650
Port to emscripten
Patch from daft-freak