Improved handling of function parameter validation

SDL supports the following use cases: * Normal operation with fast parameter checks (default): SDL_SetHint(SDL_HINT_INVALID_PARAM_CHECKS, "1"); * Object parameters are checked for use-after-free issues: SDL_SetHint(SDL_HINT_INVALID_PARAM_CHECKS, "2"); * Enable full validation, plus assert on invalid parameters: #define SDL_ASSERT_INVALID_PARAMS * Disable all parameter validation: #define SDL_DISABLE_INVALID_PARAMS
2025-09-30 15:08:31 +00:00 · 2025-09-16 18:23:06 -07:00
parent 49e15904ae
commit ee1c90a358
4 changed files with 592 additions and 353 deletions
--- a/src/SDL_internal.h
+++ b/src/SDL_internal.h
@@ -290,6 +290,21 @@ extern SDL_NORETURN void SDL_ExitProcess(int exitcode);
 #define POP_SDL_ERROR() \
    SDL_SetError("%s", _error); SDL_free(_error); }

+#if defined(SDL_DISABLE_INVALID_PARAMS)
+#ifdef DEBUG
+// If you define SDL_DISABLE_INVALID_PARAMS, you're promising that you'll
+// never pass an invalid parameter to SDL, since it may crash or lead to
+// hard to diagnose bugs. Let's assert that this is true in debug builds.
+#define CHECK_PARAM(invalid) SDL_assert_always(!(invalid)); if (false)
+#else
+#define CHECK_PARAM(invalid) if (false)
+#endif
+#elif defined(SDL_ASSERT_INVALID_PARAMS)
+#define CHECK_PARAM(invalid) SDL_assert_always(!(invalid)); if (invalid)
+#else
+#define CHECK_PARAM(invalid) if (invalid)
+#endif
+
 // Do any initialization that needs to happen before threads are started
 extern void SDL_InitMainThread(void);