diff --git a/changes.txt b/changes.txt index 4b5067cb..116719e5 100644 --- a/changes.txt +++ b/changes.txt @@ -342,7 +342,15 @@ Changes in 1.9 (not yet released) - burningvideo: mipmaplevel adjusted ( not that bad bokeh...(sometimes) ) -------------------------- -Changes in 1.8.5 +Changes in 1.8.6 +- Security: Fix buffer overflow caused by malformed md2 files. Thanks @procfs for reporting (https://irrlicht.sourceforge.io/forum/viewtopic.php?f=7&t=52785) +- Makefile now only adds CFLAGS instead of overwriting them. +- Several spelling fixes (Patch #455). Thanks @J. Puydt + +-------------------------- +Changes in 1.8.5 (1st November 2021, svn [r6263]) + - Fix some aes compile warnings on gcc about fall-throughs. + - No longer include sys/sysctl.h on other platforms than OSX. Fixes compile errors in COSOperator on newer Linux systems. - Update script to generate tutorial.html's in example folders. Add missing ones. Update existing ones. Thanks @Guillian J for noticing those were outdated. - Update libpng to 1.6.37 (from 1.6.23) - Fix CIrrDeviceSDL::getVideoModeList which didn't return video modes before. Thx @kas1e for report and patch. diff --git a/include/IVideoDriver.h b/include/IVideoDriver.h index 26a4927f..30395d07 100644 --- a/include/IVideoDriver.h +++ b/include/IVideoDriver.h @@ -1423,7 +1423,7 @@ namespace video you have to render some special things, you can clear the zbuffer during the rendering process with this method any time. */ - IRR_DEPRECATED void clearZBuffer() + void clearZBuffer() { clearBuffers(ECBF_DEPTH, SColor(255,0,0,0), 1.f, 0); } diff --git a/readme.txt b/readme.txt index 868432bc..f2faa683 100644 --- a/readme.txt +++ b/readme.txt 
@@ -169,12 +169,15 @@ The Irrlicht Engine SDK version 1.9 by other people. Especially: (There are probably more people, sorry if I forgot one. See http://irrlicht.sourceforge.net/author.html for more informations) - Christian Stehno (hybrid) Contribution Coordinator/Developer - Michael Zeilfelder (cutealien) Developer - Patryk Nadrowski (Nadro) Developer + Michael Zeilfelder (cutealien) Developer/Maintainer + Thomas Alten (burningwater) Wrote the burningsvideo software rasterizer Yoran Bosman (Yoran) Webserver administrator + + Former developers: + Nikolaus Gebhardt (niko) Founder + Christian Stehno (hybrid) Developer + Patryk Nadrowski (Nadro) Developer Gareth Davidson (bitplane) Developer/ Forum admin - Thomas Alten (burningwater) Wrote the burningsvideo software rasterizer Luke P. Hoschke (luke) Wrote the b3d loader, the new animation system, VBOs and other things Colin MacDonald (rogerborg) All hands person Ahmed Hilali (blindside) The shader and advanced effects man diff --git a/source/Irrlicht/CD3D9ParallaxMapRenderer.cpp b/source/Irrlicht/CD3D9ParallaxMapRenderer.cpp index f036fb72..5d002df2 100644 --- a/source/Irrlicht/CD3D9ParallaxMapRenderer.cpp +++ b/source/Irrlicht/CD3D9ParallaxMapRenderer.cpp @@ -185,12 +185,12 @@ namespace video "mov r0.xy, t0 ; color map \n"\ " \n"\ "; original parallax mapping: \n"\ - "; emulate ps1x _bx2, so substract 0.5f and multiply by 2 \n"\ + "; emulate ps1x _bx2, so subtract 0.5f and multiply by 2 \n"\ "mad r1.xyz, r1, r11, c0; \n"\ " \n"\ "mul r3, r1.wwww, c6; ; r3 = (height, height, height) * scale \n"\ " \n"\ - "; emulate ps1x _bx2, so substract 0.5f and multiply by 2 \n"\ + "; emulate ps1x _bx2, so subtract 0.5f and multiply by 2 \n"\ "mad r4.xyz, r4, r11, c0; \n"\ " \n"\ "mad r2.xy, r3, r4, r0 ; newTexCoord = height * eye + oldTexCoord \n"\ 
@@ -205,7 +205,7 @@ namespace video "mov r2.xyz, t2 ; fetch light vector 1 \n"\ "mov r3.xyz, t3 ; fetch light vector 2 \n"\ " \n"\ - "; emulate ps1x _bx2, so substract 0.5f and multiply by 2 \n"\ + "; emulate ps1x _bx2, so subtract 0.5f and multiply by 2 \n"\ "mad r1.xyz, r1, r11, c0; \n"\ "mad r2.xyz, r2, r11, c0; \n"\ "mad r3.xyz, r3, r11, c0; \n"\ diff --git a/source/Irrlicht/CMD2MeshFileLoader.cpp b/source/Irrlicht/CMD2MeshFileLoader.cpp index f32e4e3a..bb342fd5 100644 --- a/source/Irrlicht/CMD2MeshFileLoader.cpp +++ b/source/Irrlicht/CMD2MeshFileLoader.cpp @@ -151,6 +151,13 @@ bool CMD2MeshFileLoader::loadFile(io::IReadFile* file, CAnimatedMeshMD2* mesh) return false; } + const int MAX_FRAME_SIZE = MD2_MAX_VERTS*4+128; + if ( header.frameSize > MAX_FRAME_SIZE ) + { + os::Printer::log("MD2 Loader: Invalid large frame size in header", file->getFileName(), ELL_WARNING); + return false; + } + // // prepare mesh and allocate memory // @@ -232,7 +239,7 @@ bool CMD2MeshFileLoader::loadFile(io::IReadFile* file, CAnimatedMeshMD2* mesh) // read Vertices - u8 buffer[MD2_MAX_VERTS*4+128]; + u8 buffer[MAX_FRAME_SIZE]; SMD2Frame* frame = (SMD2Frame*)buffer; file->seek(header.offsetFrames); diff --git a/source/Irrlicht/COpenGLParallaxMapRenderer.cpp b/source/Irrlicht/COpenGLParallaxMapRenderer.cpp index 065cea23..d0edb742 100644 --- a/source/Irrlicht/COpenGLParallaxMapRenderer.cpp +++ b/source/Irrlicht/COpenGLParallaxMapRenderer.cpp @@ -156,7 +156,7 @@ const char OPENGL_PARALLAX_MAP_PSH[] = "MAD normalMapColor, normalMapColor, {2,2,2,2}, {-1,-1,-1,-1}; \n"\ "\n"\ "\n"\ - "# extract eye vector (so substract 0.5f and multiply by 2)\n"\ + "# extract eye vector (so subtract 0.5f and multiply by 2)\n"\ "MAD temp, eyeVector, {2,2,2,2}, {-1,-1,-1,-1};\n"\ "\n"\ "# height = height * scale \n"\ diff --git a/source/Irrlicht/CXMeshFileLoader.cpp b/source/Irrlicht/CXMeshFileLoader.cpp index feddb408..30a043e2 100644 --- a/source/Irrlicht/CXMeshFileLoader.cpp 
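Review bot: The new bound in loadFile checks only the upper side, `header.frameSize > MAX_FRAME_SIZE`, against a `const int`. If frameSize is a signed field (its declaration is outside this diff), a negative value from a malformed file passes the check and would presumably still be used as the length for the read into `buffer` declared in the second hunk. Consider `if ( header.frameSize < 0 || header.frameSize > MAX_FRAME_SIZE )`. The loop that walks the frame's vertices is not visible here; if it is driven by a separate vertex-count field in the header, that field should also be bounded against MD2_MAX_VERTS, since limiting frameSize alone does not limit how far the parsed frame is indexed. loadFile's body starts and ends outside both hunks.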
+++ b/source/Irrlicht/CXMeshFileLoader.cpp @@ -1116,7 +1116,7 @@ bool CXMeshFileLoader::parseDataObjectSkinWeights(SXMesh &mesh) if (!getNextTokenAsString(TransformNodeName)) { - os::Printer::log("Unknown syntax while reading transfrom node name string in .x file", ELL_WARNING); + os::Printer::log("Unknown syntax while reading transform node name string in .x file", ELL_WARNING); os::Printer::log("Line", core::stringc(Line).c_str(), ELL_WARNING); return false; } diff --git a/source/Irrlicht/Makefile b/source/Irrlicht/Makefile index fa0e2e29..30939944 100644 --- a/source/Irrlicht/Makefile +++ b/source/Irrlicht/Makefile @@ -91,7 +91,7 @@ endif ifdef PROFILE CPPFLAGS += -pg endif -CFLAGS := -DPNG_THREAD_UNSAFE_OK -DPNG_NO_MMX_CODE -DPNG_NO_MNG_FEATURES -DPNG_ARM_NEON_OPT=0 +CFLAGS += -DPNG_THREAD_UNSAFE_OK -DPNG_NO_MMX_CODE -DPNG_NO_MNG_FEATURES -DPNG_ARM_NEON_OPT=0 ifdef EMSCRIPTEN CXXFLAGS += -std=gnu++11 -U__STRICT_ANSI__ ifdef WASM
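Review bot: With `CFLAGS +=` the PNG defines are still dropped when CFLAGS is given on the make command line, because GNU make gives a command-line variable precedence over ordinary assignments and appends in the makefile. A packager who passes hardening or optimisation flags as `make CFLAGS=...` would then build the C sources (presumably the bundled libpng) without `-DPNG_ARM_NEON_OPT=0` and the other defines. If these defines are required rather than defaults, `override CFLAGS += -DPNG_THREAD_UNSAFE_OK -DPNG_NO_MMX_CODE -DPNG_NO_MNG_FEATURES -DPNG_ARM_NEON_OPT=0` keeps them in both the environment and the command-line case.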