From 8dd6edec00bb604a19385d9b02cb692e9c280220 Mon Sep 17 00:00:00 2001 From: Sylvain Date: Tue, 23 Nov 2021 09:30:42 +0100 Subject: [PATCH] Fixed bug #3232 - Integer overflow generates Illegal instruction under sanitizers + see bug #4995 --- src/render/opengl/SDL_render_gl.c | 4 ++-- src/render/opengles/SDL_render_gles.c | 4 ++-- src/render/opengles2/SDL_render_gles2.c | 12 ++++++------ src/render/psp/SDL_render_psp.c | 8 ++++---- src/render/vitagxm/SDL_render_vita_gxm.c | 2 +- src/video/x11/edid-parse.c | 2 +- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/src/render/opengl/SDL_render_gl.c b/src/render/opengl/SDL_render_gl.c index 5fd290a62e..07280865e9 100644 --- a/src/render/opengl/SDL_render_gl.c +++ b/src/render/opengl/SDL_render_gl.c @@ -1177,7 +1177,7 @@ GL_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *vertic const Uint8 g = cmd->data.color.g; const Uint8 b = cmd->data.color.b; const Uint8 a = cmd->data.color.a; - const Uint32 color = ((a << 24) | (r << 16) | (g << 8) | b); + const Uint32 color = (((Uint32)a << 24) | (r << 16) | (g << 8) | b); if (color != data->drawstate.color) { data->glColor4f((GLfloat) r * inv255f, (GLfloat) g * inv255f, @@ -1215,7 +1215,7 @@ GL_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *vertic const Uint8 g = cmd->data.color.g; const Uint8 b = cmd->data.color.b; const Uint8 a = cmd->data.color.a; - const Uint32 color = ((a << 24) | (r << 16) | (g << 8) | b); + const Uint32 color = (((Uint32)a << 24) | (r << 16) | (g << 8) | b); if (color != data->drawstate.clear_color) { const GLfloat fr = ((GLfloat) r) * inv255f; const GLfloat fg = ((GLfloat) g) * inv255f; diff --git a/src/render/opengles/SDL_render_gles.c b/src/render/opengles/SDL_render_gles.c index 10f4e86eb9..5beac99361 100644 --- a/src/render/opengles/SDL_render_gles.c +++ b/src/render/opengles/SDL_render_gles.c @@ -667,7 +667,7 @@ SetDrawState(GLES_RenderData *data, const SDL_RenderCommand *cmd) const Uint8 g = cmd->data.draw.g; const Uint8 b = cmd->data.draw.b; const Uint8 a = cmd->data.draw.a; - const Uint32 color = ((a << 24) | (r << 16) | (g << 8) | b); + const Uint32 color = (((Uint32)a << 24) | (r << 16) | (g << 8) | b); if (color != data->drawstate.color) { const GLfloat fr = ((GLfloat) r) * inv255f; @@ -821,7 +821,7 @@ GLES_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *vert const Uint8 g = cmd->data.color.g; const Uint8 b = cmd->data.color.b; const Uint8 a = cmd->data.color.a; - const Uint32 color = ((a << 24) | (r << 16) | (g << 8) | b); + const Uint32 color = (((Uint32)a << 24) | (r << 16) | (g << 8) | b); if (color != data->drawstate.clear_color) { const GLfloat fr = ((GLfloat) r) * inv255f; const GLfloat fg = ((GLfloat) g) * inv255f; diff --git a/src/render/opengles2/SDL_render_gles2.c b/src/render/opengles2/SDL_render_gles2.c index df6b9fd4fe..4e6d1d6008 100644 --- a/src/render/opengles2/SDL_render_gles2.c +++ b/src/render/opengles2/SDL_render_gles2.c @@ -673,9 +673,9 @@ GLES2_QueueDrawPoints(SDL_Renderer * renderer, SDL_RenderCommand *cmd, const SDL } if (colorswap == 0) { - color = (cmd->data.draw.r << 0) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 16) | (cmd->data.draw.a << 24); + color = (cmd->data.draw.r << 0) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 16) | ((Uint32)cmd->data.draw.a << 24); } else { - color = (cmd->data.draw.r << 16) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 0) | (cmd->data.draw.a << 24); + color = (cmd->data.draw.r << 16) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 0) | ((Uint32)cmd->data.draw.a << 24); } cmd->data.draw.count = count; @@ -702,9 +702,9 @@ GLES2_QueueDrawLines(SDL_Renderer * renderer, SDL_RenderCommand *cmd, const SDL_ } if (colorswap == 0) { - color = (cmd->data.draw.r << 0) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 16) | (cmd->data.draw.a << 24); + color = (cmd->data.draw.r << 0) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 16) | ((Uint32)cmd->data.draw.a << 24); } else { - color = (cmd->data.draw.r << 16) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 0) | (cmd->data.draw.a << 24); + color = (cmd->data.draw.r << 16) | (cmd->data.draw.g << 8) | (cmd->data.draw.b << 0) | ((Uint32)cmd->data.draw.a << 24); } cmd->data.draw.count = count; @@ -786,7 +786,7 @@ GLES2_QueueGeometry(SDL_Renderer *renderer, SDL_RenderCommand *cmd, SDL_Texture g = (col_ >> 8) & 0xff; b = (col_ >> 16) & 0xff; a = (col_ >> 24) & 0xff; - col_ = (r << 16) | (g << 8) | (b << 0) | (a << 24); + col_ = (r << 16) | (g << 8) | (b << 0) | ((Uint32)a << 24); *((int *)verts++) = col_; } @@ -1106,7 +1106,7 @@ GLES2_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *ver const Uint8 g = cmd->data.color.g; const Uint8 b = colorswap ? cmd->data.color.r : cmd->data.color.b; const Uint8 a = cmd->data.color.a; - const Uint32 color = ((a << 24) | (r << 16) | (g << 8) | b); + const Uint32 color = (((Uint32)a << 24) | (r << 16) | (g << 8) | b); if (color != data->drawstate.clear_color) { const GLfloat fr = ((GLfloat) r) * inv255f; const GLfloat fg = ((GLfloat) g) * inv255f; diff --git a/src/render/psp/SDL_render_psp.c b/src/render/psp/SDL_render_psp.c index 9dbcef5143..40cbd4d661 100644 --- a/src/render/psp/SDL_render_psp.c +++ b/src/render/psp/SDL_render_psp.c @@ -847,7 +847,7 @@ PSP_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *verti const Uint8 g = cmd->data.color.g; const Uint8 b = cmd->data.color.b; const Uint8 a = cmd->data.color.a; - const Uint32 color = ((a << 24) | (b << 16) | (g << 8) | r); + const Uint32 color = (((Uint32)a << 24) | (b << 16) | (g << 8) | r); /* !!! FIXME: we could cache drawstate like clear color */ sceGuClearColor(color); sceGuClearDepth(0); @@ -862,7 +862,7 @@ PSP_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *verti const Uint8 g = cmd->data.draw.g; const Uint8 b = cmd->data.draw.b; const Uint8 a = cmd->data.draw.a; - const Uint32 color = ((a << 24) | (b << 16) | (g << 8) | r); + const Uint32 color = (((Uint32)a << 24) | (b << 16) | (g << 8) | r); /* !!! FIXME: we could cache draw state like color, texturing, etc */ sceGuColor(color); sceGuDisable(GU_TEXTURE_2D); @@ -880,7 +880,7 @@ PSP_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *verti const Uint8 g = cmd->data.draw.g; const Uint8 b = cmd->data.draw.b; const Uint8 a = cmd->data.draw.a; - const Uint32 color = ((a << 24) | (b << 16) | (g << 8) | r); + const Uint32 color = (((Uint32)a << 24) | (b << 16) | (g << 8) | r); /* !!! FIXME: we could cache draw state like color, texturing, etc */ sceGuColor(color); sceGuDisable(GU_TEXTURE_2D); @@ -898,7 +898,7 @@ PSP_RunCommandQueue(SDL_Renderer * renderer, SDL_RenderCommand *cmd, void *verti const Uint8 g = cmd->data.draw.g; const Uint8 b = cmd->data.draw.b; const Uint8 a = cmd->data.draw.a; - const Uint32 color = ((a << 24) | (b << 16) | (g << 8) | r); + const Uint32 color = (((Uint32)a << 24) | (b << 16) | (g << 8) | r); /* !!! FIXME: we could cache draw state like color, texturing, etc */ sceGuColor(color); sceGuDisable(GU_TEXTURE_2D); diff --git a/src/render/vitagxm/SDL_render_vita_gxm.c b/src/render/vitagxm/SDL_render_vita_gxm.c index fed4bb4862..4659fe890e 100644 --- a/src/render/vitagxm/SDL_render_vita_gxm.c +++ b/src/render/vitagxm/SDL_render_vita_gxm.c @@ -446,7 +446,7 @@ VITA_GXM_QueueSetDrawColor(SDL_Renderer * renderer, SDL_RenderCommand *cmd) const Uint8 g = cmd->data.color.g; const Uint8 b = cmd->data.color.b; const Uint8 a = cmd->data.color.a; - data->drawstate.color = ((a << 24) | (b << 16) | (g << 8) | r); + data->drawstate.color = (((Uint32)a << 24) | (b << 16) | (g << 8) | r); return 0; } diff --git a/src/video/x11/edid-parse.c b/src/video/x11/edid-parse.c index af80edd4af..c717f1b1f4 100644 --- a/src/video/x11/edid-parse.c +++ b/src/video/x11/edid-parse.c @@ -76,7 +76,7 @@ decode_vendor_and_product_identification (const uchar *edid, MonitorInfo *info) /* Serial Number */ info->serial_number = - edid[0x0c] | edid[0x0d] << 8 | edid[0x0e] << 16 | edid[0x0f] << 24; + edid[0x0c] | edid[0x0d] << 8 | edid[0x0e] << 16 | (Uint32)edid[0x0f] << 24; /* Week and Year */ is_model_year = FALSE;