On 10 May 2012 20:39, Stefan Dösinger stefandoesinger@gmx.at wrote:
Some test suggestions:
*) See if the pitch_or_linearsize member is used at all
*) Non-DWORD aligned pitches
*) Pitches that are not pixel-size aligned
*) pitch < width * byte_per_pixel
*) Negative pitches / pitches > 2^31 (Remember the LONG vs DWORD)
*) A too small linear size for compressed surfaces (e.g. < block size)
If we're testing things anyway, integer overflows are always cute to test for as well, in particular for these kinds of image handling functions where you end up multiplying potentially untrusted width, height and bpp. We probably don't handle that correctly at all.
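
The overflow and pitch cases raised above, as an added C example that is not part of the original message and is not Wine code: it contrasts a 32-bit size computation that wraps with a checked one. The function names, the DWORD-sized result limit and the sample dimensions are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Naive 32-bit size computation: wraps silently for large dimensions. */
static uint32_t naive_surface_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp; /* unsigned arithmetic modulo 2^32 */
}

/* Hypothetical helper: validate an untrusted pitch (read as a DWORD) and
 * compute pitch * height for an uncompressed surface without wrapping. */
static bool checked_surface_size(uint32_t width, uint32_t height, uint32_t bpp,
                                 uint32_t pitch, uint32_t *size_out)
{
    uint64_t row_bytes, total;

    if (!width || !height || !bpp)
        return false;
    /* The product of two 32-bit values always fits in 64 bits. */
    row_bytes = (uint64_t)width * bpp;
    /* Values above INT32_MAX turn negative when reinterpreted as a LONG. */
    if (pitch > INT32_MAX)
        return false;
    /* A pitch shorter than one row of pixels cannot describe the surface. */
    if (pitch < row_bytes)
        return false;
    total = (uint64_t)pitch * height;
    if (total > UINT32_MAX) /* would not fit a DWORD-sized byte count */
        return false;
    *size_out = (uint32_t)total;
    return true;
}

int main(void)
{
    uint32_t size = 0;

    /* Constructed input: 65536 x 16385 at 4 bytes per pixel. */
    printf("naive: %u bytes\n", (unsigned)naive_surface_size(65536, 16385, 4));
    printf("checked: %s\n",
           checked_surface_size(65536, 16385, 4, 65536 * 4, &size) ? "ok" : "rejected");
    if (checked_surface_size(640, 480, 4, 2560, &size))
        printf("640x480x4: %u bytes\n", (unsigned)size);
    return 0;
}
```

For the constructed 65536 x 16385 input the naive product wraps to 262144 bytes, far smaller than the surface it is supposed to describe, while the checked version rejects it.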