jengelh/SDL2
SHA256
1
0
Fork 1
forked from pool/SDL2
Code Pull Requests Activity

Accepting request 725412 from home:mgorse:branches:games

Browse Source 
- Add CVE-2019-13616.patch: fix heap buffer overflow when reading 
  a crafted bmp file (boo#1141844 CVE-2019-13616).

    potential security exploits (boo#1142031 CVE-2019-13626)

OBS-URL: https://build.opensuse.org/request/show/725412
OBS-URL: https://build.opensuse.org/package/show/games/SDL2?expand=0&rev=89
This commit is contained in:
Jan Engelhardt 2019-08-22 20:06:02 +00:00 committed by Git OBS Bridge
parent bbd15f9ec1
commit 49aed970ee
3 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
CVE-2019-13616.patch Normal file
View File

@ -0,0 +1,15 @@
diff -r b810b78d32cc -r e7ba650a643a src/video/SDL_bmp.c
--- a/src/video/SDL_bmp.c Thu Jul 25 08:05:13 2019 -0500
+++ b/src/video/SDL_bmp.c Tue Jul 30 11:00:00 2019 -0700
@@ -226,6 +226,11 @@
SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
}
}
+ if (biWidth <= 0 || biHeight == 0) {
+ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
+ was_error = SDL_TRUE;
+ goto done;
+ }
if (biHeight < 0) {
topDown = SDL_TRUE;
biHeight = -biHeight;

8
SDL2.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Aug 22 16:43:13 UTC 2019 - Michael Gorse <mgorse@suse.com>
- Add CVE-2019-13616.patch: fix heap buffer overflow when reading
a crafted bmp file (boo#1141844 CVE-2019-13616).
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Aug 11 04:29:55 UTC 2019 - Jan Engelhardt <jengelh@inai.de> Sun Aug 11 04:29:55 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
@ -44,7 +50,7 @@ Fri Jul 26 07:44:39 UTC 2019 - Luigi Baldoni <aloisio@gmx.com>
* Added the hint SDL_HINT_MOUSE_TOUCH_EVENTS to control * Added the hint SDL_HINT_MOUSE_TOUCH_EVENTS to control
whether SDL will synthesize touch events from mouse events whether SDL will synthesize touch events from mouse events
* Improved handling of malformed WAVE and BMP files, fixing * Improved handling of malformed WAVE and BMP files, fixing
potential security exploits potential security exploits (boo#1142031 CVE-2019-13626)
* Removed the Mir video driver in favor of Wayland * Removed the Mir video driver in favor of Wayland
- Refreshed sdl2-symvers.patch - Refreshed sdl2-symvers.patch

1
SDL2.spec
View File

@ -32,6 +32,7 @@ Source3: %name.keyring
Source4: baselibs.conf Source4: baselibs.conf
Patch1: sdl2-symvers.patch Patch1: sdl2-symvers.patch
Patch2: SDL2-endian.patch Patch2: SDL2-endian.patch
Patch3: CVE-2019-13616.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: dos2unix BuildRequires: dos2unix
BuildRequires: gcc-c++ BuildRequires: gcc-c++