From e9a0edc84768eccc78ce37f77217a4fe2429d2c1 Mon Sep 17 00:00:00 2001
From: Simon McVittie
Date: Thu, 18 Jan 2024 19:40:40 +0000
Subject: [PATCH] testautomation_surface: Really make width * bpp overflow
A surface of width (0x7fff'ffff) / 2 = 0x3fff'ffff is not quite large enough to make the pitch overflow in the way we wanted to test here: with a 32-bit format, that makes each row 0xffff'fffc bytes, which (just) fits in a 32-bit unsigned size_t. Increasing it to 0x4000'0000 pixels per row is enough to trigger the overflow we intended to test. In SDL 2, this test bug was hidden by the fact that allocating 0xffff'fffc bytes on a 32-bit platform is very likely to fail, and SDL 2 reported both "malloc() failed" and "this amount of memory is too large for a size_t" with the same error code.
Signed-off-by: Simon McVittie
---
 test/testautomation_surface.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/test/testautomation_surface.c b/test/testautomation_surface.c
index 22fafa4564..3405ae3000 100644
--- a/test/testautomation_surface.c
+++ b/test/testautomation_surface.c
@@ -764,7 +764,8 @@ static int surface_testOverflow(void *arg)
 SDLTest_AssertCheck(surface == NULL, "Should detect overflow in pitch + alignment");
 SDLTest_AssertCheck(SDL_strcmp(SDL_GetError(), expectedError) == 0, "Expected \"%s\", got \"%s\"", expectedError, SDL_GetError());
- surface = SDL_CreateSurface(SDL_MAX_SINT32 / 2, 1, SDL_PIXELFORMAT_ARGB8888);
+ /* 0x4000'0000 * 4bpp = 0x1'0000'0000 which (just) overflows */
+ surface = SDL_CreateSurface(0x40000000, 1, SDL_PIXELFORMAT_ARGB8888);
 SDLTest_AssertCheck(surface == NULL, "Should detect overflow in width * bytes per pixel");
 SDLTest_AssertCheck(SDL_strcmp(SDL_GetError(), expectedError) == 0, "Expected \"%s\", got \"%s\"", expectedError, SDL_GetError());
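Review bot: The comment added above the new `SDL_CreateSurface(0x40000000, 1, SDL_PIXELFORMAT_ARGB8888)` call writes `4bpp`, which reads as four bits per pixel, and it does not say which integer width the product overflows. ARGB8888 is four bytes per pixel, and 0x1'0000'0000 only wraps when the row size is held in 32 bits, which is the case the commit message describes for a 32-bit size_t. I would word it as `/* 0x4000'0000 pixels * 4 bytes per pixel = 0x1'0000'0000 bytes, one more than fits in 32 bits */`. With a 64-bit size_t the value fits, so the same error string presumably has to come from a pitch range check that is not visible in this hunk; a short remark on that would help whoever next touches this boundary test. surface_testOverflow starts and ends outside the hunk.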