sdl2_image: heap-based buffer overflow in SDL blit functions in video/SDL_blit*.c (CVE-2019-13616)
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
References:
Patch:
https://hg.libsdl.org/SDL_image/rev/ba45f00879ba
Affected branches:
-
master -
3.10-stable -
3.9-stable -
3.8-stable -
3.7-stable