freebsd-skq/lib/libvgl
bde 37338fb0d0 Fix buffer overruns in modes with color depth more than 8.
Support for 16-bit and 32-bit Truecolor modes was supposed to be
complete in r70991 of main.c and in nearby revisions for other files, but
it was broken by the overruns in most cases (all cases were the mouse
is enabled, and most cases where bitmaps are used).  r70991 also
uninintentionally added support for depths 9-15, 17-23 and 25-31.
Depth 24 was more obviously broken and its support is ifdefed out.  In
the other ranges, only depth 15 is common.  It was broken by buffer
overruns in all cases.

bitmap.c:
- the static buffer was used even when it was too small (but it was
  large enough to often work accidentally in depth 16)
- the size of the dynamically allocated buffer was too small
- the sizing info bitmap->PixelBytes was not inititialzed in the bitmap
  constructor.  It often ended up as 0 for MEMBUFs, so using it in more
  places gave more null pointer accesses.  (It is per-bitmap, but since
  conversion between bitmaps of different depths is not supported (except
  from 4 bits by padding to 8), it would work better if it were global.)

main.c:
- depths were rounded down instead of up to a multiple of 8, so PixelBytes
  was 1 too small for depths above 8 except 16, 24 and 32.
- PixelBytes was not initialized for 4-bit planar modes.  It isn't really
  used for frame buffer accesses in these modes, but needs to be 1 in
  MEMBUF images.

mouse.c:
- the mouse cursor buffers were too small.

vgl.h:
- PixelBytes was not initialized in the static bitmap constructor.  It
  should be initialized to the value for the current mode, but that is
  impossible in a static constructor.  Initialize it to -1 so as to
  fail if it is used without further initialization.

All modes that are supposed to be supported now don't crash in
nontrivial tests, and almost work.  Missing uses of PixelBytes now
give in-bounds wrong pointers instead of overruns.  Misconversions of
bitmaps give multiple miscolored mouse cursors instead of 1 white one,
and similarly for bitmaps copied through a MEMBUF.
2019-03-24 18:57:03 +00:00
..
bitmap.c Fix buffer overruns in modes with color depth more than 8. 2019-03-24 18:57:03 +00:00
keyboard.c lib: further adoption of SPDX licensing ID tags. 2017-11-26 02:00:33 +00:00
main.c Fix buffer overruns in modes with color depth more than 8. 2019-03-24 18:57:03 +00:00
Makefile
Makefile.depend
mouse.c Fix buffer overruns in modes with color depth more than 8. 2019-03-24 18:57:03 +00:00
simple.c lib: further adoption of SPDX licensing ID tags. 2017-11-26 02:00:33 +00:00
text.c lib: further adoption of SPDX licensing ID tags. 2017-11-26 02:00:33 +00:00
vgl.3
vgl.h Fix buffer overruns in modes with color depth more than 8. 2019-03-24 18:57:03 +00:00