Skip to content
Permalink
Browse files
Fixed potential overflow in surface allocation (thanks Yves!)
  • Loading branch information
slouken committed Oct 6, 2017
1 parent 312da26 commit d9e1036e0f88601f600c1d1226793dab5c37a8c7
Showing with 9 additions and 1 deletion.
  1. +9 −1 src/video/SDL_surface.c
@@ -80,7 +80,15 @@ SDL_CreateRGBSurfaceWithFormat(Uint32 flags, int width, int height, int depth,

/* Get the pixels */
if (surface->w && surface->h) {
surface->pixels = SDL_malloc(surface->h * surface->pitch);
int size = (surface->h * surface->pitch);
if (size < 0 || (size / surface->pitch) != surface->h) {
/* Overflow... */
SDL_FreeSurface(surface);
SDL_OutOfMemory();
return NULL;
}

surface->pixels = SDL_malloc(size);
if (!surface->pixels) {
SDL_FreeSurface(surface);
SDL_OutOfMemory();

0 comments on commit d9e1036

Please sign in to comment.