We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 855

Summary: mprotect() in SDL_stretch.c defeats W^X
Product: SDL Reporter: Ludwig Nussel <ludwig.nussel>
Component: videoAssignee: Ryan C. Gordon <icculus>
Status: RESOLVED FIXED QA Contact: Sam Lantinga <slouken>
Severity: normal    
Priority: P2    
Version: HG 1.2   
Hardware: x86   
OS: Linux   
Attachments: patch

Description Ludwig Nussel 2009-10-18 06:31:52 UTC
Created attachment 424 [details]
patch

an mprotect call was added to fix bug 528. However that results in a buffer
that allows writing and code execution. Ie the no-execute security features of
modern operating systems are defeated this way. Two mprotect calls are needed.
One to make the buffer executable but not writeable when done and another one
to make the buffer writeable again if the content needs to be changed.
Comment 1 Sam Lantinga 2009-10-18 10:46:43 UTC
This is fixed, thanks!