From cebd45ab2d1cea523d43b6ac85ea68d9164ee350 Mon Sep 17 00:00:00 2001 From: Sam Lantinga Date: Sat, 21 Aug 2004 05:29:45 +0000 Subject: [PATCH] Date: Sat, 10 Jul 2004 21:02:33 +0200 From: "Philippe Plantier (ayin)" Subject: [SDL] Problems allocating large surfaces There are problems when allocating large surfaces using SDL_CreateRGBSurface. When, for example, we try to allocate a surface wider than 16384 pixels, the calculation of the pitch overflows; this leads to a surface that has the w and h flags correctly set, but whose "pixels" buffer is too small. That may lead to heap corruption. --HG-- extra : convert_revision : svn%3Ac70aab31-4412-0410-b14c-859654838e24/trunk%40941 --- src/video/SDL_surface.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/video/SDL_surface.c b/src/video/SDL_surface.c index 934a9195b..dccc66fca 100644 --- a/src/video/SDL_surface.c +++ b/src/video/SDL_surface.c @@ -52,6 +52,13 @@ SDL_Surface * SDL_CreateRGBSurface (Uint32 flags, SDL_Surface *screen; SDL_Surface *surface; + /* Make sure the size requested doesn't overflow our datatypes */ + /* Next time I write a library like SDL, I'll use int for size. :) */ + if ( width > 16384 || height > 16384 ) { + SDL_SetError("Width or height is too large"); + return(NULL); + } + /* Check to see if we desire the surface in video memory */ if ( video ) { screen = SDL_PublicSurface;