SDL/include
Sam Lantinga 553b328664 Fixed bug 3668 - Overflow of SDL_AudioCVT.filters with some downmixes
Simon Hug

There's a chance that an audio conversion from many channels to a few can use more than 9 audio filters. SDL_AudioCVT has 10 SDL_AudioFilter pointers of which one has to be the terminating NULL pointer. The SDL code has no checks for this limit. If it overflows there can be stack or heap corruption or a call to 0xa.

Attached patch adds a function that checks for this limit and throws an error if it is reached. Also adds some documentation.

Test parameters that trigger this issue:
AUDIO_U16MSB with 224 channels at 46359 Hz
                 V
AUDIO_S16MSB with 6 channels at 27463 Hz

The fuzzer program I uploaded in bug 3667 has more of them.
2017-06-12 16:39:15 -07:00
..
begin_code.h Some patches to make SDL compile with armcc (ARM's C compiler). 2017-03-02 13:33:04 -05:00
close_code.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_assert.h assert: Check for Clang _and_ GCC, in case they ever drop compatibility. 2017-05-19 14:49:16 -04:00
SDL_atomic.h Make sure the memory barrier functions are always available, and now they are implemented on Android __ARM_ARCH_5TE__ 2017-02-10 11:21:15 -08:00
SDL_audio.h Fixed bug 3668 - Overflow of SDL_AudioCVT.filters with some downmixes 2017-06-12 16:39:15 -07:00
SDL_bits.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_blendmode.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_clipboard.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_config.h mistake: Revert the files that I did not mean to commit 2017-03-01 15:05:54 -08:00
SDL_config.h.cmake jack: Initial shot at a JACK audio target. 2017-06-08 13:27:58 -04:00
SDL_config.h.in jack: Initial shot at a JACK audio target. 2017-06-08 13:27:58 -04:00
SDL_config_android.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_iphoneos.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_macosx.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_minimal.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_pandora.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_psp.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_windows.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_winrt.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_config_wiz.h Updated config headers to override the base SDL_config.h if both are included 2017-02-20 10:55:33 -08:00
SDL_copying.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_cpuinfo.h audio: Wired up new SSE code to build system. 2017-01-23 01:05:44 -05:00
SDL_egl.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_endian.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_error.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_events.h Fixed comment typo 2017-05-05 05:10:30 -07:00
SDL_filesystem.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_gamecontroller.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_gesture.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_haptic.h Fixed typos and documentation in haptic header file. 2017-04-02 21:32:49 +02:00
SDL_hints.h Fixed environment variable of SDL_HINT_RENDER_LOGICAL_SIZE_MODE. 2017-06-08 22:40:21 +02:00
SDL_joystick.h Added an API to get the joystick instance ID before opening the device: SDL_JoystickGetDeviceInstanceID() 2017-03-09 16:09:16 -08:00
SDL_keyboard.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_keycode.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_loadso.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_log.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_main.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_messagebox.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_mouse.h Fixed comments in headers for doxygen output. 2017-06-04 23:15:39 +02:00
SDL_mutex.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_name.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_opengl.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_opengl_glext.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_opengles2.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_opengles2_gl2.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles2_gl2ext.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles2_gl2platform.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_opengles2_khrplatform.h Fixed crash if initialization of EGL failed but was tried again later. 2015-06-21 17:33:46 +02:00
SDL_pixels.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_platform.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_power.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_quit.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_rect.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_render.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_revision.h mistake: Revert the files that I did not mean to commit 2017-03-01 15:05:54 -08:00
SDL_rwops.h Fixed comments in headers for doxygen output. 2017-06-04 23:15:39 +02:00
SDL_scancode.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_shape.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_stdinc.h Make compile-time assert error messages more clear. 2017-06-10 15:38:14 -04:00
SDL_surface.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_system.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_syswm.h syswm: prevent buffer overflow if SDL and app have different config headers. 2017-06-11 00:50:26 -04:00
SDL_test.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_assert.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_common.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_compare.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_crc32.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_font.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_fuzzer.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_harness.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_images.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_log.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_md5.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_test_random.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_thread.h Updated library name in header file. 2017-02-19 21:05:26 +01:00
SDL_timer.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_touch.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_types.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_version.h Updated copyright for 2017 2017-01-01 18:33:28 -08:00
SDL_video.h Fixed comments in headers for doxygen output. 2017-06-04 23:15:39 +02:00