Fix casts that should be using uintptr_t

This is needed to support CHERI, and thus Arm's experimental Morello
prototype, where pointers are implemented using unforgeable capabilities
that include bounds and permissions metadata to provide fine-grained
spatial and referential memory safety, as well as revocation by sweeping
memory to provide heap temporal memory safety.

On most systems (anything with a flat memory hierarchy rather than using
segment-based addressing), size_t and uintptr_t are the same type.
However, on CHERI, size_t is just an integer offset, whereas uintptr_t
is still a capability as described above. Casting a pointer to size_t
will strip the metadata and validity tag, and casting from size_t to a
pointer will result in a null-derived capability whose validity tag is
not set, and thus cannot be dereferenced without faulting.

The audio and cursor casts were harmless as they intend to stuff an
integer into a pointer, but using uintptr_t is the idiomatic way to do
that and silences our compiler warnings (which our build tool makes
fatal by default as they often indicate real problems). The iconv and
egl casts were true positives as SDL_iconv_t and iconv_t are pointer
types, as is NativeDisplayType on most OSes, so this would have trapped
at run time when using the round-tripped pointers. The gles2 casts were
also harmless; the OpenGL API defines this argument to be a pointer type
(and uses the argument name "pointer"), but it in fact represents an
integer offset, so like audio and cursor the additional idiomatic cast
is needed to silence the warning.
Jessica Clarke 2021-07-29 18:02:47 +01:00 committed by Sam Lantinga
parent c8b4edf3d0
commit 8f38ba4d68
6 changed files with 16 additions and 16 deletions


@ -955,8 +955,8 @@ SDL_BuildAudioResampleCVT(SDL_AudioCVT * cvt, const int dst_channels,
if (cvt->filter_index >= (SDL_AUDIOCVT_MAX_FILTERS-2)) { if (cvt->filter_index >= (SDL_AUDIOCVT_MAX_FILTERS-2)) {
return SDL_SetError("Too many filters needed for conversion, exceeded maximum of %d", SDL_AUDIOCVT_MAX_FILTERS-2); return SDL_SetError("Too many filters needed for conversion, exceeded maximum of %d", SDL_AUDIOCVT_MAX_FILTERS-2);
} }
cvt->filters[SDL_AUDIOCVT_MAX_FILTERS-1] = (SDL_AudioFilter) (size_t) src_rate; cvt->filters[SDL_AUDIOCVT_MAX_FILTERS-1] = (SDL_AudioFilter) (uintptr_t) src_rate;
cvt->filters[SDL_AUDIOCVT_MAX_FILTERS] = (SDL_AudioFilter) (size_t) dst_rate; cvt->filters[SDL_AUDIOCVT_MAX_FILTERS] = (SDL_AudioFilter) (uintptr_t) dst_rate;
if (src_rate < dst_rate) { if (src_rate < dst_rate) {
const double mult = ((double) dst_rate) / ((double) src_rate); const double mult = ((double) dst_rate) / ((double) src_rate);
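Review bot: The two assignments to `cvt->filters[SDL_AUDIOCVT_MAX_FILTERS-1]` and `cvt->filters[SDL_AUDIOCVT_MAX_FILTERS]` store sample rates in slots typed `SDL_AudioFilter`, and nothing at this site says those slots must never be called. Going by the commit description, on CHERI the stored value has no validity tag, so calling either slot would fault there, and on conventional targets it would branch to a meaningless address. A comment such as `/* the last two slots hold src/dst rate as integers, not callable filters */` would make that contract explicit. The code that reads the rates back is outside this hunk; it is worth confirming that it converts through `uintptr_t` as well so both directions match. SDL_BuildAudioResampleCVT starts and ends outside the hunk.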


@ -65,7 +65,7 @@ test_device(const int iscapture, const char *fname, int flags, int (*test) (int
* information, making this information inaccessible at * information, making this information inaccessible at
* enumeration time * enumeration time
*/ */
SDL_AddAudioDevice(iscapture, fname, NULL, (void *) dummyhandle); SDL_AddAudioDevice(iscapture, fname, NULL, (void *) (uintptr_t) dummyhandle);
} }
} }
} }


@ -961,7 +961,7 @@ SetDrawState(GLES2_RenderData *data, const SDL_RenderCommand *cmd, const GLES2_I
} }
if (texture) { if (texture) {
data->glVertexAttribPointer(GLES2_ATTRIBUTE_TEXCOORD, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) (cmd->data.draw.first + (sizeof (GLfloat) * 8))); data->glVertexAttribPointer(GLES2_ATTRIBUTE_TEXCOORD, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) (uintptr_t) (cmd->data.draw.first + (sizeof (GLfloat) * 8)));
} }
if (GLES2_SelectProgram(data, imgsrc, texture ? texture->w : 0, texture ? texture->h : 0) < 0) { if (GLES2_SelectProgram(data, imgsrc, texture ? texture->w : 0, texture ? texture->h : 0) < 0) {
@ -1004,7 +1004,7 @@ SetDrawState(GLES2_RenderData *data, const SDL_RenderCommand *cmd, const GLES2_I
} }
/* all drawing commands use this */ /* all drawing commands use this */
data->glVertexAttribPointer(GLES2_ATTRIBUTE_POSITION, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) cmd->data.draw.first); data->glVertexAttribPointer(GLES2_ATTRIBUTE_POSITION, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) (uintptr_t) cmd->data.draw.first);
if (is_copy_ex != was_copy_ex) { if (is_copy_ex != was_copy_ex) {
if (is_copy_ex) { if (is_copy_ex) {
@ -1018,8 +1018,8 @@ SetDrawState(GLES2_RenderData *data, const SDL_RenderCommand *cmd, const GLES2_I
} }
if (is_copy_ex) { if (is_copy_ex) {
data->glVertexAttribPointer(GLES2_ATTRIBUTE_ANGLE, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) (cmd->data.draw.first + (sizeof (GLfloat) * 16))); data->glVertexAttribPointer(GLES2_ATTRIBUTE_ANGLE, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) (uintptr_t) (cmd->data.draw.first + (sizeof (GLfloat) * 16)));
data->glVertexAttribPointer(GLES2_ATTRIBUTE_CENTER, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) (cmd->data.draw.first + (sizeof (GLfloat) * 24))); data->glVertexAttribPointer(GLES2_ATTRIBUTE_CENTER, 2, GL_FLOAT, GL_FALSE, 0, (const GLvoid *) (uintptr_t) (cmd->data.draw.first + (sizeof (GLfloat) * 24)));
} }
return 0; return 0;
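Review bot: The four `glVertexAttribPointer` calls in SetDrawState each repeat `(const GLvoid *) (uintptr_t) (...)` with bare multipliers 8, 16 and 24, and nothing marks the last argument as a byte offset rather than an address. A single macro, for example `#define GLES2_BUFFER_OFFSET(off) ((const GLvoid *) (uintptr_t) (off))`, would keep the cast in one place and name the intent. The offset reading only holds while a buffer object is bound to `GL_ARRAY_BUFFER`; that bind is not visible in these hunks, so a one-line comment stating the precondition would help, since otherwise the GL would treat the value as a client-memory pointer. SetDrawState starts and ends outside the hunks.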


@ -55,13 +55,13 @@ SDL_COMPILE_TIME_ASSERT(iconv_t, sizeof (iconv_t) <= sizeof (SDL_iconv_t));
SDL_iconv_t SDL_iconv_t
SDL_iconv_open(const char *tocode, const char *fromcode) SDL_iconv_open(const char *tocode, const char *fromcode)
{ {
return (SDL_iconv_t) ((size_t) iconv_open(tocode, fromcode)); return (SDL_iconv_t) ((uintptr_t) iconv_open(tocode, fromcode));
} }
int int
SDL_iconv_close(SDL_iconv_t cd) SDL_iconv_close(SDL_iconv_t cd)
{ {
return iconv_close((iconv_t) ((size_t) cd)); return iconv_close((iconv_t) ((uintptr_t) cd));
} }
size_t size_t
@ -71,9 +71,9 @@ SDL_iconv(SDL_iconv_t cd,
{ {
size_t retCode; size_t retCode;
#ifdef ICONV_INBUF_NONCONST #ifdef ICONV_INBUF_NONCONST
retCode = iconv((iconv_t) ((size_t) cd), (char **) inbuf, inbytesleft, outbuf, outbytesleft); retCode = iconv((iconv_t) ((uintptr_t) cd), (char **) inbuf, inbytesleft, outbuf, outbytesleft);
#else #else
retCode = iconv((iconv_t) ((size_t) cd), inbuf, inbytesleft, outbuf, outbytesleft); retCode = iconv((iconv_t) ((uintptr_t) cd), inbuf, inbytesleft, outbuf, outbytesleft);
#endif #endif
if (retCode == (size_t) - 1) { if (retCode == (size_t) - 1) {
switch (errno) { switch (errno) {
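Review bot: Nothing in `SDL_iconv_open`, `SDL_iconv_close` or `SDL_iconv` records why the intermediate cast has to be `uintptr_t`, so a later cleanup could change it back to `size_t` without any diagnostic on conventional targets. The `SDL_COMPILE_TIME_ASSERT` visible in the hunk header compares sizes only and would not catch that regression. A comment above `SDL_iconv_open`, such as `/* convert via uintptr_t, not size_t: iconv_t may be a pointer and must round-trip intact */`, would guard against it. The same applies to the two `(void *)(uintptr_t)native_display` casts in SDL_EGL_LoadLibrary. The body of `SDL_iconv` continues past the hunk.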


@ -507,12 +507,12 @@ SDL_EGL_LoadLibrary(_THIS, const char *egl_path, NativeDisplayType native_displa
} }
if (_this->egl_data->eglGetPlatformDisplay) { if (_this->egl_data->eglGetPlatformDisplay) {
_this->egl_data->egl_display = _this->egl_data->eglGetPlatformDisplay(platform, (void *)(size_t)native_display, NULL); _this->egl_data->egl_display = _this->egl_data->eglGetPlatformDisplay(platform, (void *)(uintptr_t)native_display, NULL);
} else { } else {
if (SDL_EGL_HasExtension(_this, SDL_EGL_CLIENT_EXTENSION, "EGL_EXT_platform_base")) { if (SDL_EGL_HasExtension(_this, SDL_EGL_CLIENT_EXTENSION, "EGL_EXT_platform_base")) {
_this->egl_data->eglGetPlatformDisplayEXT = SDL_EGL_GetProcAddress(_this, "eglGetPlatformDisplayEXT"); _this->egl_data->eglGetPlatformDisplayEXT = SDL_EGL_GetProcAddress(_this, "eglGetPlatformDisplayEXT");
if (_this->egl_data->eglGetPlatformDisplayEXT) { if (_this->egl_data->eglGetPlatformDisplayEXT) {
_this->egl_data->egl_display = _this->egl_data->eglGetPlatformDisplayEXT(platform, (void *)(size_t)native_display, NULL); _this->egl_data->egl_display = _this->egl_data->eglGetPlatformDisplayEXT(platform, (void *)(uintptr_t)native_display, NULL);
} }
} }
} }


@ -77,7 +77,7 @@ X11_CreateDefaultCursor()
cursor = SDL_calloc(1, sizeof(*cursor)); cursor = SDL_calloc(1, sizeof(*cursor));
if (cursor) { if (cursor) {
/* None is used to indicate the default cursor */ /* None is used to indicate the default cursor */
cursor->driverdata = (void*)None; cursor->driverdata = (void*)(uintptr_t)None;
} else { } else {
SDL_OutOfMemory(); SDL_OutOfMemory();
} }
@ -216,7 +216,7 @@ X11_CreateCursor(SDL_Surface * surface, int hot_x, int hot_y)
if (x11_cursor == None) { if (x11_cursor == None) {
x11_cursor = X11_CreatePixmapCursor(surface, hot_x, hot_y); x11_cursor = X11_CreatePixmapCursor(surface, hot_x, hot_y);
} }
cursor->driverdata = (void*)x11_cursor; cursor->driverdata = (void*)(uintptr_t)x11_cursor;
} else { } else {
SDL_OutOfMemory(); SDL_OutOfMemory();
} }
@ -257,7 +257,7 @@ X11_CreateSystemCursor(SDL_SystemCursor id)
x11_cursor = X11_XCreateFontCursor(GetDisplay(), shape); x11_cursor = X11_XCreateFontCursor(GetDisplay(), shape);
cursor->driverdata = (void*)x11_cursor; cursor->driverdata = (void*)(uintptr_t)x11_cursor;
} else { } else {
SDL_OutOfMemory(); SDL_OutOfMemory();
} }
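Review bot: `cursor->driverdata` is assigned an X11 cursor ID (or `None`) in all three creation functions, yet the field is a `void *` and no comment says it holds an integer handle that must not be dereferenced. The code that reads the field back is outside these hunks; it presumably casts to the cursor ID type, and routing that cast through `uintptr_t` as well would make the pack and unpack sides mirror each other. A comment at the first assignment in X11_CreateDefaultCursor, `/* driverdata holds the X11 cursor ID as an integer, not a pointer */`, would document the convention for the other two sites.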