12 Commits

Author SHA1 Message Date
Ray
c85cd07db0 Update rmodels.c 2026-07-11 12:22:03 +02:00
Ray
f458296a07 small optimization 2026-07-11 12:21:24 +02:00
Ray
8df2f13962 Update raudio.c 2026-07-11 12:20:57 +02:00
cba8f4286d Fix initial macOS window size (#5967) 2026-07-11 12:06:54 +02:00
86c7edfd74 [raudio] Fix memory leak when loading .wav files (#5963)
* [raudio] Fix memory leak when loading .wav files

* [change] Insert a space.
2026-07-11 12:03:41 +02:00
Ray
caadb48e25 Update SECURITY.md 2026-07-07 15:54:57 +02:00
Ray
3e9fb4757f Update rcore_drm.c 2026-07-07 12:17:23 +02:00
d159739a8b Fix DRM/EGL segfault on some NVIDIA proprietary drivers (#5960) 2026-07-07 12:15:54 +02:00
Ray
f20f61d754 Merge branch 'master' of https://github.com/raysan5/raylib 2026-07-07 11:47:31 +02:00
Ray
81b740403a Updated 2026-07-07 11:47:19 +02:00
3cb8a3d782 ReiLua Lua binding update to raylib 6.0. (#5959) 2026-07-07 11:46:07 +02:00
Ray
f8e42cb509 REVIEWED: OpenURL(), added some safety checks to mitigate possible malicious url inputs 2026-07-07 11:45:30 +02:00
13 changed files with 128 additions and 62 deletions

View File

@ -52,7 +52,7 @@ Some people ported raylib to other languages in the form of bindings or wrappers
| [KaylibKit](https://codeberg.org/Kenta/KaylibKit) | 4.5 | [Kotlin/native](https://kotlinlang.org) | Zlib | | [KaylibKit](https://codeberg.org/Kenta/KaylibKit) | 4.5 | [Kotlin/native](https://kotlinlang.org) | Zlib |
| [raylib-lua](https://github.com/TSnake41/raylib-lua) | 5.5 | [Lua](http://www.lua.org) | ISC | | [raylib-lua](https://github.com/TSnake41/raylib-lua) | 5.5 | [Lua](http://www.lua.org) | ISC |
| [raylib-lua-bindings (WIP)](https://github.com/legendaryredfox/raylib-lua-bindings) | 5.5 | [Lua](http://www.lua.org) | ISC | | [raylib-lua-bindings (WIP)](https://github.com/legendaryredfox/raylib-lua-bindings) | 5.5 | [Lua](http://www.lua.org) | ISC |
| [ReiLua](https://github.com/nullstare/ReiLua) | 5.5 | [Lua](http://www.lua.org) | MIT | | [ReiLua](https://github.com/nullstare/ReiLua) | 6.0 | [Lua](http://www.lua.org) | MIT |
| [raylib-lua-sol](https://github.com/RobLoach/raylib-lua-sol) | 5.5 | [Lua](http://www.lua.org) | Zlib | | [raylib-lua-sol](https://github.com/RobLoach/raylib-lua-sol) | 5.5 | [Lua](http://www.lua.org) | Zlib |
| [raylib-luajit](https://github.com/homma/raylib-luajit) | 5.5 | [Lua](http://www.lua.org) | MIT | | [raylib-luajit](https://github.com/homma/raylib-luajit) | 5.5 | [Lua](http://www.lua.org) | MIT |
| [raylib-luajit-generated](https://github.com/james2doyle/raylib-luajit-generated) | 5.5 | [Lua](http://www.lua.org) | MIT | | [raylib-luajit-generated](https://github.com/james2doyle/raylib-luajit-generated) | 5.5 | [Lua](http://www.lua.org) | MIT |

View File

@ -11,8 +11,4 @@ Most considerations of errors and defects can be handled using the project Issue
## Reporting a Vulnerability ## Reporting a Vulnerability
Discovered vulnerability can be directly reported using the project Issues and/or Discussions. Discovered vulnerability can be directly reported using the project Issues and/or Discussions. They will be reviewed as soon as possible.
_TODO: Tell them where to go, how often they can expect to get an update on a
reported vulnerability, what to expect if the vulnerability is accepted or
declined, etc._

View File

@ -663,13 +663,22 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if the provided URL is safe // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action // a user could craft a malicious string to perform and undesired action
// Avoid calling this function with user input non-validated strings // NOTE: Some safety checks have been added to mitigate security issues
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
// Security check to (partially) avoid malicious code // Security check to (partially) avoid malicious code
if (strchr(url, '\'') != NULL) TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'] character"); if ((strchr(url, '\'') != NULL) || (strchr(url, '\"') != NULL))
{
// Filter characters: ' and "
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'\"] characters");
}
else if ((strncmp(url, "http://", 7) != 0) && (strncmp(url, "https://", 8) != 0))
{
// Only allow URL starting with "http://" or "https://" protocols
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL must start with 'http://' or 'https://' protocols");
}
else else
{ {
JNIEnv *env = NULL; JNIEnv *env = NULL;

View File

@ -1181,17 +1181,25 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if you control the URL given // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action // a user could craft a malicious string to perform and undesired action
// Only call this function yourself not with user input or make sure to check the string yourself // NOTE: Some safety checks have been added to mitigate security issues
// REF: https://github.com/raysan5/raylib/issues/686
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
// Security check to (partially) avoid malicious code // Security check to (partially) avoid malicious code
if (strchr(url, '\'') != NULL) TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'] character"); if ((strchr(url, '\'') != NULL) || (strchr(url, '\"') != NULL))
{
// Filter characters: ' and "
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'\"] characters");
}
else if ((strncmp(url, "http://", 7) != 0) && (strncmp(url, "https://", 8) != 0))
{
// Only allow URL starting with "http://" or "https://" protocols
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL must start with 'http://' or 'https://' protocols");
}
else else
{ {
char *cmd = (char *)RL_CALLOC(strlen(url) + 32, sizeof(char)); char *cmd = (char *)RL_CALLOC(strlen(url) + 16, sizeof(char));
#if defined(_WIN32) #if defined(_WIN32)
sprintf(cmd, "explorer \"%s\"", url); sprintf(cmd, "explorer \"%s\"", url);
#endif #endif
@ -1201,7 +1209,9 @@ void OpenURL(const char *url)
#if defined(__APPLE__) #if defined(__APPLE__)
sprintf(cmd, "open '%s'", url); sprintf(cmd, "open '%s'", url);
#endif #endif
// TODO: Replace system() call by custom process
int result = system(cmd); int result = system(cmd);
if (result == -1) TRACELOG(LOG_WARNING, "OpenURL() child process could not be created"); if (result == -1) TRACELOG(LOG_WARNING, "OpenURL() child process could not be created");
RL_FREE(cmd); RL_FREE(cmd);
} }
@ -1683,6 +1693,14 @@ int InitPlatform(void)
return -1; return -1;
} }
#if defined(__APPLE__)
// AppKit can constrain the requested window size to the visible work area during creation
int windowWidth = 0;
int windowHeight = 0;
glfwGetWindowSize(platform.handle, &windowWidth, &windowHeight);
if ((windowWidth > 0) && (windowHeight > 0)) CORE.Window.screen = (Size){ windowWidth, windowHeight };
#endif
// NOTE: Not considering scale factor now, considered below // NOTE: Not considering scale factor now, considered below
CORE.Window.render.width = CORE.Window.screen.width; CORE.Window.render.width = CORE.Window.screen.width;
CORE.Window.render.height = CORE.Window.screen.height; CORE.Window.render.height = CORE.Window.screen.height;

View File

@ -1471,15 +1471,25 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if you control the URL given // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action // a user could craft a malicious string to perform and undesired action
// NOTE: Some safety checks have been added to mitigate security issues
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
// Security check to (partially) avoid malicious code on target platform // Security check to (partially) avoid malicious code
if (strchr(url, '\'') != NULL) TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'] character"); if ((strchr(url, '\'') != NULL) || (strchr(url, '\"') != NULL))
{
// Filter characters: ' and "
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'\"] characters");
}
else if ((strncmp(url, "http://", 7) != 0) && (strncmp(url, "https://", 8) != 0))
{
// Only allow URL starting with "http://" or "https://" protocols
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL must start with 'http://' or 'https://' protocols");
}
else else
{ {
char *cmd = (char *)RL_CALLOC(strlen(url) + 32, sizeof(char)); char *cmd = (char *)RL_CALLOC(strlen(url) + 16, sizeof(char));
#if defined(_WIN32) #if defined(_WIN32)
sprintf(cmd, "explorer \"%s\"", url); sprintf(cmd, "explorer \"%s\"", url);
#endif #endif

View File

@ -1341,14 +1341,22 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if the provided URL is safe // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action // a user could craft a malicious string to perform and undesired action
// Avoid calling this function with user input non-validated strings // NOTE: Some safety checks have been added to mitigate security issues
// REF: https://github.com/raysan5/raylib/issues/686
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
// Security check to (partially) avoid malicious code // Security check to (partially) avoid malicious code
if (strchr(url, '\'') != NULL) TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'] character"); if ((strchr(url, '\'') != NULL) || (strchr(url, '\"') != NULL))
{
// Filter characters: ' and "
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'\"] characters");
}
else if ((strncmp(url, "http://", 7) != 0) && (strncmp(url, "https://", 8) != 0))
{
// Only allow URL starting with "http://" or "https://" protocols
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL must start with 'http://' or 'https://' protocols");
}
else SDL_OpenURL(url); else SDL_OpenURL(url);
} }

View File

@ -1247,19 +1247,28 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if the provided URL is safe // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action // a user could craft a malicious string to perform and undesired action
// Avoid calling this function with user input non-validated strings // NOTE: Some safety checks have been added to mitigate security issues
// REF: https://github.com/raysan5/raylib/issues/686
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
// Security check to (partially) avoid malicious code on target platform // Security check to (partially) avoid malicious code
if (strchr(url, '\'') != NULL) TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'] character"); if ((strchr(url, '\'') != NULL) || (strchr(url, '\"') != NULL))
{
// Filter characters: ' and "
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'\"] characters");
}
else if ((strncmp(url, "http://", 7) != 0) && (strncmp(url, "https://", 8) != 0))
{
// Only allow URL starting with "http://" or "https://" protocols
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL must start with 'http://' or 'https://' protocols");
}
else else
{ {
int len = strlen(url) + 32; int len = strlen(url) + 16;
char *cmd = (char *)RL_CALLOC(len, sizeof(char)); char *cmd = (char *)RL_CALLOC(len, sizeof(char));
snprintf(cmd, len, "explorer \"%s\"", url); snprintf(cmd, len, "explorer \"%s\"", url);
int result = system(cmd); int result = system(cmd);
if (result == -1) TRACELOG(LOG_WARNING, "OpenURL() child process could not be created"); if (result == -1) TRACELOG(LOG_WARNING, "OpenURL() child process could not be created");
RL_FREE(cmd); RL_FREE(cmd);

View File

@ -1014,9 +1014,8 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if the provided URL is safe // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action // a user could craft a malicious string to perform and undesired action
// Avoid calling this function with user input non-validated strings
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
TRACELOG(LOG_WARNING, "OpenURL() not implemented on target platform"); TRACELOG(LOG_WARNING, "OpenURL() not implemented on target platform");
@ -1446,7 +1445,9 @@ int InitPlatform(void)
return -1; return -1;
} }
if (!eglChooseConfig(platform.device, NULL, NULL, 0, &numConfigs)) // WARNING: Providing framebufferAttribs is not logically necessary,
// but it may prevent segfaults on some nvidia drivers
if (!eglChooseConfig(platform.device, framebufferAttribs, NULL, 0, &numConfigs))
{ {
TRACELOG(LOG_WARNING, "DISPLAY: Failed to get EGL config count: 0x%x", eglGetError()); TRACELOG(LOG_WARNING, "DISPLAY: Failed to get EGL config count: 0x%x", eglGetError());
return -1; return -1;

View File

@ -352,14 +352,22 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if you control the URL given. // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action. // a user could craft a malicious string to perform and undesired action
// Only call this function yourself not with user input or make sure to check the string yourself. // NOTE: Some safety checks have been added to mitigate security issues
// Ref: https://github.com/raysan5/raylib/issues/686
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
// Security check to (partially) avoid malicious code on target platform // Security check to (partially) avoid malicious code
if (strchr(url, '\'') != NULL) TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'] character"); if ((strchr(url, '\'') != NULL) || (strchr(url, '\"') != NULL))
{
// Filter characters: ' and "
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'\"] characters");
}
else if ((strncmp(url, "http://", 7) != 0) && (strncmp(url, "https://", 8) != 0))
{
// Only allow URL starting with "http://" or "https://" protocols
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL must start with 'http://' or 'https://' protocols");
}
else else
{ {
// TODO: Load url using default browser // TODO: Load url using default browser

View File

@ -968,13 +968,22 @@ double GetTime(void)
} }
// Open URL with default system browser (if available) // Open URL with default system browser (if available)
// NOTE: This function is only safe to use if the provided URL is safe // WARNING: This function is only safe to use if you control the URL given,
// A user could craft a malicious string performing another action // a user could craft a malicious string to perform and undesired action
// Avoid calling this function with user input non-validated strings // NOTE: Some safety checks have been added to mitigate security issues
void OpenURL(const char *url) void OpenURL(const char *url)
{ {
// Security check to (partially) avoid malicious code on target platform // Security check to (partially) avoid malicious code
if (strchr(url, '\'') != NULL) TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'] character"); if ((strchr(url, '\'') != NULL) || (strchr(url, '\"') != NULL))
{
// Filter characters: ' and "
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL could be potentially malicious, avoid [\'\"] characters");
}
else if ((strncmp(url, "http://", 7) != 0) && (strncmp(url, "https://", 8) != 0))
{
// Only allow URL starting with "http://" or "https://" protocols
TRACELOG(LOG_WARNING, "SYSTEM: Provided URL must start with 'http://' or 'https://' protocols");
}
else emscripten_run_script(TextFormat("window.open('%s', '_blank')", url)); else emscripten_run_script(TextFormat("window.open('%s', '_blank')", url));
} }

View File

@ -822,7 +822,7 @@ Wave LoadWaveFromMemory(const char *fileType, const unsigned char *fileData, int
wave.sampleRate = wav.sampleRate; wave.sampleRate = wav.sampleRate;
wave.sampleSize = 16; wave.sampleSize = 16;
wave.channels = wav.channels; wave.channels = wav.channels;
wave.data = (short *)RL_MALLOC((size_t)wave.frameCount*wave.channels*sizeof(short)); wave.data = (short *)RL_CALLOC((size_t)wave.frameCount*wave.channels, sizeof(short));
// NOTE: Forcing conversion to 16bit sample size on reading // NOTE: Forcing conversion to 16bit sample size on reading
drwav_read_pcm_frames_s16(&wav, wave.frameCount, (drwav_int16 *)wave.data); drwav_read_pcm_frames_s16(&wav, wave.frameCount, (drwav_int16 *)wave.data);
@ -845,7 +845,7 @@ Wave LoadWaveFromMemory(const char *fileType, const unsigned char *fileData, int
wave.sampleSize = 16; // By default, ogg data is 16 bit per sample (short) wave.sampleSize = 16; // By default, ogg data is 16 bit per sample (short)
wave.channels = info.channels; wave.channels = info.channels;
wave.frameCount = (unsigned int)stb_vorbis_stream_length_in_samples(oggData); // NOTE: It returns frames! wave.frameCount = (unsigned int)stb_vorbis_stream_length_in_samples(oggData); // NOTE: It returns frames!
wave.data = (short *)RL_MALLOC(wave.frameCount*wave.channels*sizeof(short)); wave.data = (short *)RL_CALLOC(wave.frameCount*wave.channels, sizeof(short));
// NOTE: Get the number of samples to process (be careful! asking for number of shorts, not bytes!) // NOTE: Get the number of samples to process (be careful! asking for number of shorts, not bytes!)
stb_vorbis_get_samples_short_interleaved(oggData, info.channels, (short *)wave.data, wave.frameCount*wave.channels); stb_vorbis_get_samples_short_interleaved(oggData, info.channels, (short *)wave.data, wave.frameCount*wave.channels);
@ -1258,7 +1258,7 @@ void WaveFormat(Wave *wave, int sampleRate, int sampleSize, int channels)
return; return;
} }
void *data = RL_MALLOC(frameCount*channels*(sampleSize/8)); void *data = RL_CALLOC(frameCount*channels*(sampleSize/8), 1);
frameCount = (ma_uint32)ma_convert_frames(data, frameCount, formatOut, channels, sampleRate, wave->data, frameCountIn, formatIn, wave->channels, wave->sampleRate); frameCount = (ma_uint32)ma_convert_frames(data, frameCount, formatOut, channels, sampleRate, wave->data, frameCountIn, formatIn, wave->channels, wave->sampleRate);
if (frameCount == 0) if (frameCount == 0)
@ -1772,7 +1772,7 @@ void UnloadMusicStream(Music music)
{ {
if (false) { } if (false) { }
#if SUPPORT_FILEFORMAT_WAV #if SUPPORT_FILEFORMAT_WAV
else if (music.ctxType == MUSIC_AUDIO_WAV) drwav_uninit((drwav *)music.ctxData); else if (music.ctxType == MUSIC_AUDIO_WAV) { drwav_uninit((drwav *)music.ctxData); RL_FREE(music.ctxData); }
#endif #endif
#if SUPPORT_FILEFORMAT_OGG #if SUPPORT_FILEFORMAT_OGG
else if (music.ctxType == MUSIC_AUDIO_OGG) stb_vorbis_close((stb_vorbis *)music.ctxData); else if (music.ctxType == MUSIC_AUDIO_OGG) stb_vorbis_close((stb_vorbis *)music.ctxData);

View File

@ -1844,8 +1844,6 @@ void SetConfigFlags(unsigned int flags)
FLAG_SET(CORE.Window.flags, flags); FLAG_SET(CORE.Window.flags, flags);
} }
// void OpenURL(const char *url); // Defined per platform
//---------------------------------------------------------------------------------- //----------------------------------------------------------------------------------
// Module Functions Definition: Logging system // Module Functions Definition: Logging system
//---------------------------------------------------------------------------------- //----------------------------------------------------------------------------------
@ -3275,7 +3273,7 @@ unsigned int *ComputeMD5(const unsigned char *data, int dataSize)
memcpy(msg + newDataSize, &bitsLen, 4); // Append the len in bits at the end of the buffer memcpy(msg + newDataSize, &bitsLen, 4); // Append the len in bits at the end of the buffer
// Process the message in successive 512-bit chunks for each 512-bit chunk of message // Process the message in successive 512-bit chunks for each 512-bit chunk of message
for (int offset = 0; offset < newDataSize; offset += (512/8)) for (int offset = 0; offset < newDataSize; offset += 64) // 512/8
{ {
// Break chunk into sixteen 32-bit words w[j], 0 <= j <= 15 // Break chunk into sixteen 32-bit words w[j], 0 <= j <= 15
unsigned int *w = (unsigned int *)(msg + offset); unsigned int *w = (unsigned int *)(msg + offset);
@ -3372,7 +3370,7 @@ unsigned int *ComputeSHA1(const unsigned char *data, int dataSize)
msg[newDataSize - 8] = (unsigned char)(bitsLen >> 56); msg[newDataSize - 8] = (unsigned char)(bitsLen >> 56);
// Process the message in successive 512-bit chunks // Process the message in successive 512-bit chunks
for (int offset = 0; offset < newDataSize; offset += (512/8)) for (int offset = 0; offset < newDataSize; offset += 64) // 512/8
{ {
// Break chunk into sixteen 32-bit words w[j], 0 <= j <= 15 // Break chunk into sixteen 32-bit words w[j], 0 <= j <= 15
unsigned int w[80] = { 0 }; unsigned int w[80] = { 0 };

View File

@ -5316,8 +5316,8 @@ static Image LoadImageFromCgltfImage(cgltf_image *cgltfImage, const char *texPat
{ {
int base64Size = (int)strlen(cgltfImage->uri + i + 1); int base64Size = (int)strlen(cgltfImage->uri + i + 1);
while (cgltfImage->uri[i + base64Size] == '=') base64Size--; // Ignore optional paddings while (cgltfImage->uri[i + base64Size] == '=') base64Size--; // Ignore optional paddings
int numberOfEncodedBits = base64Size*6 - (base64Size*6) % 8 ; // Encoded bits minus extra bits, so it becomes a multiple of 8 bits int numberOfEncodedBits = base64Size*6 - (base64Size*6)%8; // Encoded bits minus extra bits, so it becomes a multiple of 8 bits
int outSize = numberOfEncodedBits/8 ; // Actual encoded bytes int outSize = numberOfEncodedBits >> 3; // Actual encoded bytes
void *data = NULL; void *data = NULL;
cgltf_options options = { 0 }; cgltf_options options = { 0 };