VOGONS


First post, by Qbix

User metadata
Rank DOSBox Author
Rank
DOSBox Author

A new version has been released, with the focus on security:

  • Fixed that a very long line inside a bat file would overflow the parsing buffer. (CVE-2019-7165 by Alexandre Bartel)
  • Added a basic permission system so that a program running inside DOSBox can't access the contents of /proc (e.g. /proc/self/mem) when / or /proc were (to be) mounted.(CVE-2019-12594 by Alexandre Bartel)
  • Several other fixes for out of bounds access and buffer overflows.
  • Some fixes to the OpenGL rendering.

Full changelog:

  • Implement basic file access control for files available from within the emulation, so that programs running inside DOSBox can't access /proc (e.g. /proc/self/mem). (CVE-2019-12594)
  • Unify unmounting code and add some protections against out of bound access when DOS_DRIVES is not 26.
  • Use correct type for return value of strlen.
  • Change scan3x to a bit brighter.
  • Fix unitialized access to some isoDrive fields and improve stability when switching CD images.
  • Small fix to hq3x.
  • Fix 256 colour mode encoding in zmbv.dll.
  • Some small aliassing fix.
  • Change SET to check the size of the MCB when adding variables. Fixes hangs with Norton Commander.
  • Check buffer length before doing tab completion.
  • Correct buffer overflow with very long lines in bat files. (CVE-2019-7165)
  • Correct the boundary check for the internal programs array.
  • Increase stability in max cycles mode by increasing the lower bound.
  • Fix command prompt in windows 3.11 with dynrec core.
  • Fix Win64 dynrec core.
  • Always clear buffers before drawing in OpenGL mode. Fixes artifacts with drivers that have more than 2 buffers and overlays.
  • Fix red border that appeared when scaling the image in OpenGL mode with Nvidia on Linux and Mac.
  • Change default output to opengl on Mac, as surface is very slow there in 64 bit.
  • Add workaround for the mouse unlocking problem with X.org 1.20.1.
  • Fix table access when USE_FULL_TLB is undefined (non-default configuration).
  • Several fixes to prevent compilation errors.
  • Update Visual studio file to fix missing files from 0.74-2.

In an ideal world 0.75 would have been released already, but some bugs took way longer than expected as well as real life demanding a lot of attention.
It's still being worked on.

Water flows down the stream
How to ask questions the smart way!

Reply 1 of 16, by eL_PuSHeR

User metadata
Rank l33t++
Rank
l33t++

Excellent.

By the way I have noticed that there is no uninstall entry for DOSBox under Add & Remove programs (Win10 x64). Is this normal? Also after uninstalling 0.74-2 my settings were not preserved.

Intel i7 5960X
Gigabye GA-X99-Gaming 5
8 GB DDR4 (2100)
8 GB GeForce GTX 1070 G1 Gaming (Gigabyte)

Reply 2 of 16, by Qbix

User metadata
Rank DOSBox Author
Rank
DOSBox Author

The settings are preserved, except the configuration file is tied to the version number.
you can copy/rename the 0.74-2 one to the 0.74-3 one.

Water flows down the stream
How to ask questions the smart way!

Reply 3 of 16, by DosFreak

User metadata
Rank l33t++
Rank
l33t++

https://sourceforge.net/p/dosbox/bugs/507/?limit=25#63e7

cue mounting works for me in 0.74-3 in Windows

imgmount d c:\1\war1.cue -t iso

FILE "WAR1.bin" BINARY TRACK 01 MODE1/2352 INDEX 01 00:00:00 TRACK 02 AUDIO INDEX 01 29:41:25 TRACK 03 AUDIO I […]
Show full quote

FILE "WAR1.bin" BINARY
TRACK 01 MODE1/2352
INDEX 01 00:00:00
TRACK 02 AUDIO
INDEX 01 29:41:25
TRACK 03 AUDIO
INDEX 01 30:28:69
TRACK 04 AUDIO
INDEX 01 34:40:54
TRACK 05 AUDIO
INDEX 01 38:27:46
TRACK 06 AUDIO
INDEX 01 42:09:59
TRACK 07 AUDIO
INDEX 01 45:59:10
TRACK 08 AUDIO
INDEX 01 49:37:12

How To Ask Questions The Smart Way
Make your games work offline

Reply 7 of 16, by JonathonWyble

User metadata
Rank Member
Rank
Member

Just 'bout time you guys released a new version of DOSBox. Thanks Qbix! I'll update my DOSBox version when I'm on my main PC. I guess sometimes it can be hard to find time to work on new versions of this stuff.

1998 Pentium II build

1553292341.th.19547.gif

Reply 10 of 16, by DosFreak

User metadata
Rank l33t++
Rank
l33t++

It always amuses me when people copy and past a list of the Daum patches and cry about it without having any knowledge of those patches. Keep crying.

How To Ask Questions The Smart Way
Make your games work offline

Reply 11 of 16, by Qbix

User metadata
Rank DOSBox Author
Rank
DOSBox Author
rcblanke wrote:

Hi guys, is there a known issue with the Mac build? See DOSBox 0.74-3 Broken on Mac

Should be fixed now. Please re-download.

Thanks Lei for spreading the word.

Water flows down the stream
How to ask questions the smart way!

Reply 12 of 16, by gdjacobs

User metadata
Rank l33t++
Rank
l33t++
DosFreak wrote:

It always amuses me when people copy and past a list of the Daum patches and cry about it without having any knowledge of those patches. Keep crying.

They're welcome to create and maintain their own fork.

All hail the Great Capacitor Brand Finder

Reply 15 of 16, by Dominus

User metadata
Rank DOSBox Moderator
Rank
DOSBox Moderator

The overlay mountpoint has not been removed. It has not been implemented in official Dosbox releases. Unless I'm mistaken.
SVN builds do have it

Windows 3.1x guide for DOSBox
60 seconds guide to DOSBox
DOSBox SVN snapshot for macOS (10.4-11.x ppc/intel 32/64bit) notarized for gatekeeper