If IMA ADPCM format chunk was too short, InitIMA_ADPCM() parsing it
could read past the end of chunk data. This patch fixes it.
CVE-2019-7578
https://bugzilla.libsdl.org/show_bug.cgi?id=4494
Signed-off-by: Petr Písař <ppisar@redhat.com>
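The length check this fix describes, as an added example (not SDL's code and not the patch itself): a parser that rejects a format chunk shorter than the fields it is about to read. The struct, the function names, the 20-byte minimum and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical parsed form of an IMA ADPCM "fmt " chunk (not SDL's own struct). */
typedef struct {
    uint16_t format_tag, channels, block_align, bits_per_sample;
    uint32_t sample_rate, byte_rate;
    uint16_t samples_per_block;
} ima_fmt;

/* 16-byte base format + cbSize (2 bytes) + wSamplesPerBlock (2 bytes). */
#define IMA_FMT_MIN_LEN 20u

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Returns 0 on success, -1 when the chunk is too short or inconsistent. */
int parse_ima_fmt(const uint8_t *chunk, size_t len, ima_fmt *out)
{
    if (chunk == NULL || out == NULL || len < IMA_FMT_MIN_LEN)
        return -1;                    /* reject before reading any field */
    out->format_tag        = rd16(chunk);
    out->channels          = rd16(chunk + 2);
    out->sample_rate       = rd32(chunk + 4);
    out->byte_rate         = rd32(chunk + 8);
    out->block_align       = rd16(chunk + 12);
    out->bits_per_sample   = rd16(chunk + 14);
    uint16_t cb_size       = rd16(chunk + 16);
    if (cb_size < 2 || cb_size > len - 18)
        return -1;                    /* declared extension must fit in the chunk */
    out->samples_per_block = rd16(chunk + 18);
    if (out->format_tag != 0x0011 || out->channels == 0 ||
        out->block_align < 4u * out->channels)
        return -1;                    /* not IMA ADPCM, or no room for block headers */
    return 0;
}

/* Constructed sample: stereo, 22050 Hz, 1024-byte blocks, 1017 samples per block. */
static const uint8_t SAMPLE_FMT[20] = {
    0x11,0x00, 0x02,0x00, 0x22,0x56,0x00,0x00, 0xB9,0x56,0x00,0x00,
    0x00,0x04, 0x04,0x00, 0x02,0x00, 0xF9,0x03
};

int main(void)
{
    ima_fmt f;
    printf("full chunk: %d\n", parse_ima_fmt(SAMPLE_FMT, sizeof SAMPLE_FMT, &f));
    printf("truncated to 18 bytes: %d\n", parse_ima_fmt(SAMPLE_FMT, 18, &f));
    return 0;
}
```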
ace
I got this bug in SDL_ttf:
https://bugzilla.libsdl.org/show_bug.cgi?id=4524
Sylvain proposed solution:
SDL_RWseek(RWops, 0, RW_SEEK_SET);
And it works, but I can't use it in my project, because it is written in C# with the SDL2-CS wrapper and there is no export for macros:
#define SDL_RWsize(ctx) (ctx)->size(ctx)
#define SDL_RWseek(ctx, offset, whence) (ctx)->seek(ctx, offset, whence)
#define SDL_RWtell(ctx) (ctx)->seek(ctx, 0, RW_SEEK_CUR)
#define SDL_RWread(ctx, ptr, size, n) (ctx)->read(ctx, ptr, size, n)
#define SDL_RWwrite(ctx, ptr, size, n) (ctx)->write(ctx, ptr, size, n)
#define SDL_RWclose(ctx) (ctx)->close(ctx)
Therefore, I suggest replacing these macros with functions so that they can be exported and used in bindings.
This device is a copy of the Xbox Controller S and currently the one most sold
when shopping for a 'new' Xbox gamepad on eBay and AliExpress.
Except for the quirky USB ID, it behaves just like a normal Xbox controller (when
ignoring the subpar build quality).
Noam Preil
In src/joystick/linux/SDL_sysjoystick.c:
The ConfigJoystick function's axes detection starts with a for loop using an index i for Linux's axes names. When i gets to ABS_HAT0X, it's set to ABS_HAT3Y and a continue statement appears, to skip the hats. This makes sense, as SDL handles hats separately from axes.
However, in PollAllValues, *two* indices are used: a and b. Both start out the same, and remain so until the hats are reached. At that point, a becomes identical to the i from ConfigJoystick's loop, but b is equal to a - (ABS_HAT3Y - ABS_HAT0X), or a - 8.
While all the joystick->hwdata->abs_* structures in ConfigJoystick used i - which would here be a - as both the index and the ioctl argument, PollAllValues uses b for the structure index and a as the ioctl argument.
It would appear, however, that no joystick HAS such axes, and that the b index is entirely unnecessary.
I tested three separate joysticks, and while that was far from a complete listing, I was unable to find a joystick with an axis above 0x08.
tschwinger
Respect the BUILD_SHARED_LIBS variable when defined, and build either shared or static libs, which is CMake's default behavior (See https://cmake.org/cmake/help/latest/variable/BUILD_SHARED_LIBS.html).
If the variable is not defined, the current behavior remains unchanged and both variants are built where the platform supports it. This way, it remains possible to build both in one shot, which seems convenient for distro builds and useful to promote some consistency between them.
tschwinger
Followup to #3651
As already noted by Ryan, no framework is being built, so we better install to lib/cmake.
That code was originally part of a patch submitted by David Demelier, whose credit BTW got lost (I combined his patch for #3572 with fixes for #2576 and #3613 resulting in #3651 because things started to depend on one another).
I tested that the configuration files are found correctly in the new location on MacOS X based on a hint to the root (see https://cmake.org/cmake/help/latest/command/find_package.html#search-procedure).
Dexter Friedman
When using a Dualshock 4 controller (model numbers CUH-ZCT1U and CUH-ZCT2U), pressing anywhere on the center touchpad does not send an SDL_JOYBUTTONDOWN event. I have verified this with testjoystick:
Repro steps:
1. Plug in a DS4 over USB
2. Compile testjoystick and run: testjoystick.exe 0
3. Press and hold the touchpad. Observe that no lime green box appears
Expected behavior:
A lime green box appears while the touchpad is pressed.
Notes:
I've attached a patch here that works on my PC and produces the expected behavior in testjoystick, for both DS4 model numbers I listed earlier.
If I understand correctly, by exposing this as a joystick button, the gamecontroller API mapping can be modified with a change to gamecontrollerdb.txt in the future.
Matt Brocklehurst
We've noticed that if you are playing audio on Windows via the WASAPI interface and you unplug and reconnect the device a few times the program hangs.
We've debugged the problem down to
static void
WASAPI_WaitDevice(_THIS)
{
... snip ...
if (WaitForSingleObjectEx(this->hidden->event, INFINITE, FALSE) == WAIT_OBJECT_0) {
... snip ...
}
This WaitForSingleObjectEx does not have a time out defined, so it hangs there forever.
Our suggested fix we found was to include a time out of say 200mSec
We have done quite a bit of testing with this fix in place on various hardware configurations and it seems to have resolved the issue.
The Nintendo USB GameCube adapter has four controller ports. Return
the port number as 0 to 3 from SDL_JoystickGetPlayerIndex() and
SDL_JoystickGetDevicePlayerIndex().
Nia Alarie
The NetBSD audio driver has a few problems. Lots of obsolete code, and extremely bad performance and stuttering.
I have a patch in NetBSD's package system to improve it. This is my attempt to upstream it.
The changes include:
* Removing references to defines which are never used.
* Using the correct structures for playback and recording, previously they were the wrong way around.
* Using the correct types ('struct audio_prinfo' in contrast to 'audio_prinfo')
* Removing the use of non-blocking I/O, as suggested in #3177.
* Removing workarounds for driver bugs on systems that don't exist or use this driver any more.
* Removing all usage of SDL_Delay(1)
* Removing pointless use of AUDIO_INITINFO and tests that expect AUDIO_SETINFO to fail when it can't.
These changes bring its performance in line with the DSP audio driver.
bplu4t2f
When num lock is on, the scancode reported for numpad 5 is SDL_SCANCODE_KP_5, which is correct. However, when num lock is off, Windows reports the VK_CLEAR virtual key code, which is incorrectly translated into SDL_SCANCODE_CLEAR inside of the VKeytoScancode(WPARAM vkey) function.
Jan Martin Mikkelsen
The evdev interface is available on FreeBSD, with the xf86-input-evdev for include files in /usr/local/include/linux, so <linux/input.h> works, or when built with the native evdev option, where <dev/evdev/input.h> is available.
Jan Martin Mikkelsen
The file src/core/linux/SDL_evdev.c uses the Linux specific types __u32 and __s32. This breaks things on FreeBSD when building with evdev.
Cameron Gutman
I was trying to use SDL_GetQueuedAudioSize() to ensure my audio latency didn't get too high while streaming data in from the network. If I get more than N frames of audio queued, I know that the network is giving me more data than I can play and I need to drop some to keep latency low.
This doesn't work well on WASAPI out of the box, due to the addition of GetPendingBytes() to the amount of queued data. As a terrible hack, I loop 100 times calling SDL_Delay(10) and SDL_GetQueuedAudioSize() before I ever call SDL_QueueAudio() to get a "baseline" amount that I then subtract from SDL_GetQueuedAudioSize() later. However, because this value isn't actually a constant, this hack can cause SDL_GetQueuedAudioSize() - baselineSize to be < 0. This means I have no accurate way of determining how much data is actually queued in SDL's audio buffer queue.
The SDL_GetQueuedAudioSize() documentation says: "This is the number of bytes that have been queued for playback with SDL_QueueAudio(), but have not yet been sent to the hardware." Yet, SDL_GetQueuedAudioSize() returns > 0 value when SDL_QueueAudio() has never been called.
Based on that documentation, I believe the current behavior contradicts the documented behavior of this function and should be changed in line with Boris's patch.
I understand that exposing the IAudioClient::GetCurrentPadding() value is useful, but a solution there needs to take into account what of that data is silence inserted by SDL and what is actual data queued by the user with SDL_QueueAudio(). Until that happens, I think the best approach is to remove the GetPendingBytes() call until SDL is able to keep track of queued data to make sense of it. This would make SDL_GetQueuedAudioSize() possible to use accurately with WASAPI.
In API 28, 0 width views can't take focus, so if someone tries to position the IME without setting a width, they'll stop getting text events.
Tested on Android 9: with a 0 size, it would correctly send letters a, b, c, etc. but not numbers.
Manuel Sabogal
I noticed that the current Android.mk builds a libhidapi.so library for Android but the CMake build hasn't been updated to do so. I'll attach a patch that fixes this issue.
Closing the window is asynchronous, but we free the window data immediately,
so we can get an updateLayer callback before the window is really destroyed which
will cause us to access the freed memory.
Clearing the content view will cause it to be immediately released, so no further
updateLayer callbacks will occur.
Sylvain
Currently SDL_CreateTextureFromSurface picks the first valid format and does a conversion.
    format = renderer->info.texture_formats[0];
    for (i = 0; i < renderer->info.num_texture_formats; ++i) {
        if (!SDL_ISPIXELFORMAT_FOURCC(renderer->info.texture_formats[i]) &&
            SDL_ISPIXELFORMAT_ALPHA(renderer->info.texture_formats[i]) == needAlpha) {
            format = renderer->info.texture_formats[i];
            break;
        }
    }
It could try to find a better format, for instance:
    if SDL_Surface has no Amask, but a colorkey:
        if surface fmt is RGB888, try to pick ARGB8888 renderer fmt
        if surface fmt is BGR888, try to pick ABGR8888 renderer fmt
    else
        try to pick the same renderer format as surface fmt
    if no format has been picked, use the fallback.
I think it goes with bug 4290 fastpath BlitNtoN
when you expand a surface with pixel format of size 24 to 32, there is a fast path possible.
So with this issue:
- if you have a surface with colorkey (RGB or BGR, not palette), it takes a renderer format where the conversion is faster.
(it avoids, if possible, RGB -> ABGR which means switching RGB to BGR)
- if you have a surface in ABGR format, it tries to take the ABGR format from the renderer.
(it avoids, if possible, ABGR -> ARGB, which means switch RGB to BGR)
Thomas Frohwein
Hi,
If a gamepad lists the Dpad as 4 buttons (Dpad Up, Down, Left, Right) like with the Xbox 360 gamepad / XInput report descriptor used by OpenBSD (https://github.com/openbsd/src/blob/master/sys/dev/usb/uhid_rdesc.h#L184), this is not recognized by the SDL BSD backend and no hat or any other listing for the D-pad exists, e.g. in sdl2-jstest (https://gitlab.com/sdl-jstest/sdl-jstest).
The attached diff fixes this and makes the D-pad on my Xbox 360 and Logitech F310 controllers usable. It adds a hat to nhats when usage HUG_DPAD_UP is found, reads the state of the D-pad buttons into array dpad[], and turns the value of dpad[] into an SDL hat direction (dpad_to_sdl()).
Tested and works with Xbox 360 controller and Logitech F310 in XInput mode. Software-side tested with sdl2-jstest and Owlboy where this worked without problems or regressions.
I don't know if this would be applicable to other *BSDs and don't have an install to test it with, therefore wrapped it in __OpenBSD__ ifdefs.
Thanks,
thfr
Removed incorrect call to SDL_SendWindowEvent(window, SDL_WINDOWEVENT_MOVED, x, y);
If the position of the window isn't adjusted in the SetWindowPosition() call, then sending the window event would have no effect because x and y equal the window x and y. If the position of the window is adjusted in the SetWindowPosition() call, then we don't want to clobber it with values that the user passed in.
Sylvain
OpenGLES2 SDL renderer has support for textures ARGB, ABGR, RGB and BGR, whereas OpenGL SDL renderer only had ARGB.
If you think it's worth adding it, here's a patch. I quickly tried and it worked, but there may be missing things or corner cases.