This is needed to support CHERI, and thus Arm's experimental Morello
prototype, where pointers are implemented using unforgeable capabilities
that include bounds and permissions metadata to provide fine-grained
spatial and referential memory safety, as well as revocation by sweeping
memory to provide heap temporal memory safety.
The referential safety is enforced through the use of tagged memory, and
there is only a single tag bit per capability-sized word, meaning it is
impossible to store capabilities at unaligned locations, either getting
a trap on load/store or the validity tag being stripped when
round-tripepd through memory.
Since this is a new ABI for which SDL has never been compiled before, we
do not need to be concerned with this compatibility measure, so just
don't pack the struct for CHERI architectures.
This code is inherently rather dubious anyway; if MSVC and GCC disagree
on struct layout when targeting Windows then that is a bug in GCC, but
likely extends from the bogus #pragma pack directives for MSVC in
begin_code.h, which will force types to be *underaligned* (and is
attempting to work around something that is fundamentally a broken idea
to be doing). In particular 8-byte-aligned types will be underaligned to
4 bytes, but only on MSVC. Since that code is not used for GCC that is
probably the cause of the struct layout discrepancy, and there are
likely other instances of that throughout SDL. Moreover, the supposed
fix here is not in fact a fix, as now GCC will think SDL_AudioCVT is
only 1-byte-aligned but MSVC will think it's 4-byte or 8-byte-aligned,
meaning ABI incomatibility is introduced by this change. However,
removing it would break ABI compatibility for purely-GCC-compiled code
(as old binaries would see the struct as 1-byte-aligned and new binaries
would see the struct as 8-byte-aligned) so SDL is stuck with this until
it bumps its ABI.
Simon Hug
I had a look at this and made some additions to SDL_wave.c.
The attached patch adds many checks and error messages. For some reason I also added A-law and ?-law decoders. Forgot exactly why... but hey, they're small.
The WAVE format is seriously underspecified (at least by the documents that are publicly available on the internet) and it's a shame Microsoft never put something better out there. The language used in them is so loose at times, it's not surprising the encoders and decoders behave very differently. The Windows Media Player doesn't even support MS ADPCM correctly.
The patch also adds some hints to make the decoder more strict at the cost of compatibility with weird WAVE files.
I still think it needs a bit of cleaning up (Not happy with the MultiplySize function. Don't like the name and other SDL code may want to use something like this too.) and some duplicated code may be folded together. It does work in this state and I have thrown all kinds of WAVE files at it. The AFL files also pass with it and some even play (obviously just noise). Crafty little fuzzer.
Any critique would be welcome. I have a fork of SDL with a audio-loadwav branch over here if someone wants to use the commenting feature of Bitbucket:
https://bitbucket.org/ChliHug/SDL
I also cobbled some Lua scripts together to create WAVE test files:
https://bitbucket.org/ChliHug/gendat
Author: Anthony Pesch <inolen@gmail.com>
Date: Fri May 4 20:21:21 2018 -0400
Added SDL_AUDIO_ALLOW_SAMPLES_CHANGE flag enabling users of SDL_OpenAudioDevice to get
the sample size of the actual hardware buffer vs having a stream created to handle the
delta
Simon Hug
There's a chance that an audio conversion from many channels to a few can use more than 9 audio filters. SDL_AudioCVT has 10 SDL_AudioFilter pointers of which one has to be the terminating NULL pointer. The SDL code has no checks for this limit. If it overflows there can be stack or heap corruption or a call to 0xa.
Attached patch adds a function that checks for this limit and throws an error if it is reached. Also adds some documentation.
Test parameters that trigger this issue:
AUDIO_U16MSB with 224 channels at 46359 Hz
V
AUDIO_S16MSB with 6 channels at 27463 Hz
The fuzzer program I uploaded in bug 3667 has more of them.
These don't have to be power-of-2 sizes anymore because of SDL_AudioStream,
and the new resampler, but also, many platforms don't give you power-of-2 DMA
buffer in the first place!
The internal function SDL_EGL_LoadLibrary() did not delete and remove a mostly
uninitialized data structure if loading the library first failed. A later try to
use EGL then skipped initialization and assumed it was previously successful
because the data structure now already existed. This led to at least one crash
in the internal function SDL_EGL_ChooseConfig() because a NULL pointer was
dereferenced to make a call to eglBindAPI().
SDL Wiki Bot
Ryan C. Gordon
Jessica Clarke
Ethan Lee
Sam Lantinga
Philipp Wiesemann