From eb059538f8773ad72648f694c7c52e4aa11c1647 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Thu, 18 Jan 2024 19:35:33 +0000 Subject: [PATCH] testautomation_surface: Really make pitch + alignment overflow Adding 3 bytes of alignment to 0x7fff'ffff is not enough to make it overflow a 4-byte unsigned size_t, so this test was not exercising the intended failure mode. We cannot actually make this overflow with a signed 32-bit width and an 8-bit format: the maximum width is not enough to achieve that. However, if we switch to a 24-bit format, we can make the calculation overflow. In SDL 2, this test bug was hidden by the fact that allocating 0x7fff'ffff bytes on a 32-bit platform will usually fail, and SDL 2 reported both "malloc() failed" and "this amount of memory is too large for a size_t" with the same error code. Signed-off-by: Simon McVittie --- test/testautomation_surface.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/testautomation_surface.c b/test/testautomation_surface.c index 93da3740f..22fafa456 100644 --- a/test/testautomation_surface.c +++ b/test/testautomation_surface.c @@ -758,8 +758,10 @@ static int surface_testOverflow(void *arg) if (sizeof(size_t) == 4 && sizeof(int) >= 4) { expectedError = "Out of memory"; - surface = SDL_CreateSurface(SDL_MAX_SINT32, 1, SDL_PIXELFORMAT_INDEX8); - SDLTest_AssertCheck(surface == NULL, "Should detect overflow in width + alignment"); + /* 0x5555'5555 * 3bpp = 0xffff'ffff which fits in size_t, but adding + * alignment padding makes it overflow */ + surface = SDL_CreateSurface(0x55555555, 1, SDL_PIXELFORMAT_RGB24); + SDLTest_AssertCheck(surface == NULL, "Should detect overflow in pitch + alignment"); SDLTest_AssertCheck(SDL_strcmp(SDL_GetError(), expectedError) == 0, "Expected \"%s\", got \"%s\"", expectedError, SDL_GetError()); surface = SDL_CreateSurface(SDL_MAX_SINT32 / 2, 1, SDL_PIXELFORMAT_ARGB8888);
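Review bot: in the comment added to the surface_testOverflow hunk, "3bpp" reads as 3 bits per pixel, but the arithmetic (0x5555'5555 * 3 = 0xffff'ffff) only holds for the 3 bytes per pixel of SDL_PIXELFORMAT_RGB24, so spell it out as "3 bytes per pixel". The literal 0x55555555 would also be easier to audit if its derivation were visible in the code, for example as SDL_MAX_UINT32 / 3, so a reader does not have to redo the multiplication to see that the pitch lands exactly on the 32-bit maximum before padding is added. Separately, the assertion after the new call still matches on the string "Out of memory". The commit message says that sharing one error between a failed malloc() and a size that does not fit in size_t is what hid this bug in SDL 2, so it is worth confirming that this expected string can only come from the overflow check here and not from a failed allocation of a surface close to 4 GiB.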