commit | e73a5f0dff3b879bfcad79df2e44dea382fb607e | [log] [tgz] |
---|---|---|
author | Sam Lantinga <slouken@libsdl.org> | Mon Oct 16 14:57:42 2017 -0700 |
committer | Sam Lantinga <slouken@libsdl.org> | Mon Oct 16 14:57:42 2017 -0700 |
tree | 174eab9a5bc5300a4125be4a0e98647674082f8b | |
parent | fc917367af5ad5053044c593c6244943072db7aa [diff] |
Fixed bug 3890 - Incomplete fix for CVE-2017-2888 Felix Geyer http://hg.libsdl.org/SDL/rev/7e0f1498ddb5 tries to fix CVE-2017-2888. Unfortunately compilers may optimize the second condition "(size / surface->pitch) != surface->h" away. See https://bugzilla.redhat.com/show_bug.cgi?id=1500623#c2 I've verified that this is also the case on Debian unstable (gcc 7.2).