6 Commits

Author SHA1 Message Date
101502103a Fixed FLAG_IS_SET to check if all bits in the flag are set in the value (#5441) 2025-12-24 20:58:40 +01:00
Ray
20dd4641c8 REVIEWED: Potential security concerns while copying unbounded text data between strings
Note that issue has been reported by CodeQL static analysis system
2025-12-24 19:35:06 +01:00
Ray
fc843dc557 Create SECURITY.md 2025-12-24 19:21:43 +01:00
Ray
9103f6e055 ADDED: New platform backend for Web: Emscripten, not dependant on GLFW.js -WIP- 2025-12-24 18:58:20 +01:00
Ray
ced84333a9 Update rl_gputex.h 2025-12-24 18:02:24 +01:00
Ray
05f42aa119 Update core_highdpi_testbed.c 2025-12-24 18:02:04 +01:00
9 changed files with 1739 additions and 15 deletions

18
SECURITY.md Normal file

@ -0,0 +1,18 @@
# Security Policy
## Supported Versions
Most considerations of errors and defects can be handled using the project Issues and/or Discussions.
| Version | Supported |
| ------- | ------------------ |
| 6.0.x | :white_check_mark: |
| < 5.5 | :x: |
## Reporting a Vulnerability
Discovered vulnerability can be directly reported using the project Issues and/or Discussions.
_TODO: Tell them where to go, how often they can expect to get an update on a
reported vulnerability, what to expect if the vulnerability is accepted or
declined, etc._


@ -27,7 +27,7 @@ int main(void)
const int screenWidth = 800;
const int screenHeight = 450;
SetConfigFlags(FLAG_WINDOW_HIGHDPI | FLAG_WINDOW_RESIZABLE);
SetConfigFlags(FLAG_WINDOW_RESIZABLE | FLAG_WINDOW_HIGHDPI);
InitWindow(screenWidth, screenHeight, "raylib [core] example - highdpi testbed");
Vector2 scaleDpi = GetWindowScaleDPI();


@ -1962,7 +1962,7 @@ static void WindowDropCallback(GLFWwindow *window, int count, const char **paths
for (unsigned int i = 0; i < CORE.Window.dropFileCount; i++)
{
CORE.Window.dropFilepaths[i] = (char *)RL_CALLOC(MAX_FILEPATH_LENGTH, sizeof(char));
strcpy(CORE.Window.dropFilepaths[i], paths[i]);
strncpy(CORE.Window.dropFilepaths[i], paths[i], MAX_FILEPATH_LENGTH - 1);
}
}
}
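Review bot: A dropped path longer than `MAX_FILEPATH_LENGTH - 1` bytes is now cut off silently by the `strncpy` call inside the loop, so `CORE.Window.dropFilepaths[i]` can name a different file than the one the user dropped, with no signal to the application. The write is bounded and the terminator comes from the zero-filled `RL_CALLOC` buffer (assuming it behaves like `calloc`), which deserves a comment such as `// Buffer is zero-filled, so the last byte stays '\0' after a truncated copy`. I would detect the case with `if (strlen(paths[i]) >= MAX_FILEPATH_LENGTH)` and log or skip the entry, and check the `RL_CALLOC` result for NULL before copying into it. The same applies to the identical `WindowDropCallback` hunk in the other backend file and to the four `strncpy` calls in `PollInputEvents`. The callback body starts outside this hunk.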


@ -1431,9 +1431,9 @@ void PollInputEvents(void)
// Event memory is now managed by SDL, so you should not free the data in SDL_EVENT_DROP_FILE,
// and if you want to hold onto the text in SDL_EVENT_TEXT_EDITING and SDL_EVENT_TEXT_INPUT events,
// you should make a copy of it. SDL_TEXTINPUTEVENT_TEXT_SIZE is no longer necessary and has been removed
strcpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.data);
strncpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.data, MAX_FILEPATH_LENGTH - 1);
#else
strcpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.file);
strncpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.file, MAX_FILEPATH_LENGTH - 1);
SDL_free(event.drop.file);
#endif
@ -1444,9 +1444,9 @@ void PollInputEvents(void)
CORE.Window.dropFilepaths[CORE.Window.dropFileCount] = (char *)RL_CALLOC(MAX_FILEPATH_LENGTH, sizeof(char));
#if defined(USING_VERSION_SDL3)
strcpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.data);
strncpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.data, MAX_FILEPATH_LENGTH - 1);
#else
strcpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.file);
strncpy(CORE.Window.dropFilepaths[CORE.Window.dropFileCount], event.drop.file, MAX_FILEPATH_LENGTH - 1);
SDL_free(event.drop.file);
#endif
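Review bot: In the first `PollInputEvents` hunk the allocation of `CORE.Window.dropFilepaths[CORE.Window.dropFileCount]` is not visible, so whether the byte at `MAX_FILEPATH_LENGTH - 1` is already zero cannot be confirmed from the hunk. `strncpy` does not write a terminator when the source fills the whole count. Setting it explicitly after each copy, `CORE.Window.dropFilepaths[CORE.Window.dropFileCount][MAX_FILEPATH_LENGTH - 1] = '\0';`, keeps the guarantee local instead of depending on how the buffer was allocated. The second hunk does show the `RL_CALLOC` on the line before the copy, so there it is a matter of robustness only.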


@ -1531,7 +1531,7 @@ static void WindowDropCallback(GLFWwindow *window, int count, const char **paths
for (unsigned int i = 0; i < CORE.Window.dropFileCount; i++)
{
CORE.Window.dropFilepaths[i] = (char *)RL_CALLOC(MAX_FILEPATH_LENGTH, sizeof(char));
strcpy(CORE.Window.dropFilepaths[i], paths[i]);
strncpy(CORE.Window.dropFilepaths[i], paths[i], MAX_FILEPATH_LENGTH - 1);
}
}
}

File diff suppressed because it is too large Load Diff


@ -273,7 +273,7 @@
#define FLAG_SET(n, f) ((n) |= (f))
#define FLAG_CLEAR(n, f) ((n) &= ~(f))
#define FLAG_TOGGLE(n, f) ((n) ^= (f))
#define FLAG_IS_SET(n, f) (((n) & (f)) > 0)
#define FLAG_IS_SET(n, f) (((n) & (f)) == (f))
//----------------------------------------------------------------------------------
// Types and Structures Definition
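Review bot: The new `FLAG_IS_SET` expands `f` twice and changes the result for two kinds of argument, and neither is documented next to the macro. A mask of several bits now tests for all of them where `> 0` tested for any, and `FLAG_IS_SET(n, 0)` is now always true where it was always false. Any caller passing a combined or zero mask therefore changes behaviour silently; the callers are outside this hunk and would need checking. I would add above the define `// NOTE: True only if ALL bits of f are set in n; f is evaluated twice, and f == 0 always yields true`.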


@ -1597,14 +1597,13 @@ float TextToFloat(const char *text)
#if defined(SUPPORT_TEXT_MANIPULATION)
// Copy one string to another, returns bytes copied
// NOTE: Alternative implementation to strcpy(dst, src) from C standard library
int TextCopy(char *dst, const char *src)
{
int bytes = 0;
if ((src != NULL) && (dst != NULL))
{
// NOTE: Alternative: use strcpy(dst, src)
while (*src != '\0')
{
*dst = *src;
@ -1717,11 +1716,13 @@ char *TextReplace(const char *text, const char *search, const char *replacement)
{
char *insertPoint = NULL; // Next insert point
char *temp = NULL; // Temp pointer
int textLen = 0; // Text string length
int searchLen = 0; // Search string length of (the string to remove)
int replaceLen = 0; // Replacement length (the string to replace by)
int lastReplacePos = 0; // Distance between next search and end of last replace
int count = 0; // Number of replacements
textLen = TextLength(text);
searchLen = TextLength(search);
if (searchLen == 0) return NULL; // Empty search causes infinite loop during count
@ -1732,7 +1733,8 @@ char *TextReplace(const char *text, const char *search, const char *replacement)
for (count = 0; (temp = strstr(insertPoint, search)); count++) insertPoint = temp + searchLen;
// Allocate returning string and point temp to it
temp = result = (char *)RL_MALLOC(TextLength(text) + (replaceLen - searchLen)*count + 1);
int tempLen = textLen + (replaceLen - searchLen)*count + 1;
temp = result = (char *)RL_MALLOC(tempLen);
if (!result) return NULL; // Memory could not be allocated
@ -1744,13 +1746,16 @@ char *TextReplace(const char *text, const char *search, const char *replacement)
{
insertPoint = (char *)strstr(text, search);
lastReplacePos = (int)(insertPoint - text);
temp = strncpy(temp, text, lastReplacePos) + lastReplacePos;
temp = strcpy(temp, replacement) + replaceLen;
temp = strncpy(temp, text, tempLen - 1) + lastReplacePos;
tempLen -= lastReplacePos;
temp = strncpy(temp, replacement, tempLen - 1) + replaceLen;
tempLen -= replaceLen;
text += lastReplacePos + searchLen; // Move to next "end of replace"
}
// Copy remaind text part after replacement to result (pointed by moving temp)
strcpy(temp, text);
strncpy(temp, text, tempLen - 1);
}
return result;
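Review bot: The last byte of `result` is never written in the new code, so the string `TextReplace` returns is terminated only if the memory from `RL_MALLOC` happens to be zero there. Every `strncpy` is bounded by `tempLen - 1`, where `tempLen` is the space left from `temp` to the end of the allocation, and the final `strncpy(temp, text, tempLen - 1)` copies exactly the remaining characters of `text`, leaving no terminator where the old `strcpy` wrote one. Adding `temp[tempLen - 1] = '\0';` after that final copy closes the gap (assuming `RL_MALLOC` does not zero memory, as with `malloc`). Separately, the first copy in the loop now writes and zero-pads the whole remaining buffer instead of `lastReplacePos` bytes, which makes the loop quadratic in the output size when there are many replacements. The function's closing brace lies outside the hunk.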