We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 855

Summary:	mprotect() in SDL_stretch.c defeats W^X
Product:	SDL	Reporter:	Ludwig Nussel <ludwig.nussel>
Component:	video	Assignee:	Ryan C. Gordon <icculus>
Status:	RESOLVED FIXED	QA Contact:	Sam Lantinga <slouken>
Severity:	normal
Priority:	P2
Version:	HG 1.2
Hardware:	x86
OS:	Linux
Attachments:	patch

Description Ludwig Nussel 2009-10-18 06:31:52 UTC

Created attachment 424 [details]
patch

an mprotect call was added to fix bug 528. However that results in a buffer
that allows writing and code execution. Ie the no-execute security features of
modern operating systems are defeated this way. Two mprotect calls are needed.
One to make the buffer executable but not writeable when done and another one
to make the buffer writeable again if the content needs to be changed.

Comment 1 Sam Lantinga 2009-10-18 10:46:43 UTC

This is fixed, thanks!

We are currently migrating Bugzilla to GitHub issues.Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 855

We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.