Fixed bug 1802 - NULL pointer dereference in SDL_AllocRW() if out of memory.

Philipp Wiesemann There is a NULL pointer dereference in SDL_AllocRW() if the system is out of memory. The "type" field is always written. This may be fixed with an early return. Or an else{} or not writing the field and using slower SDL_calloc(). This fault was recently introduced (http://hg.libsdl.org/SDL/rev/681820ca0e78).
2013-04-17 01:32:06 -07:00 · 2013-04-17 01:32:06 -07:00 · eb97bff0bd
commit eb97bff0bd
parent 226fdc16e6
1 changed files with 2 additions and 1 deletions
--- a/src/file/SDL_rwops.c
+++ b/src/file/SDL_rwops.c
@ -628,8 +628,9 @@ SDL_AllocRW(void)
    area = (SDL_RWops *) SDL_malloc(sizeof *area);
    if (area == NULL) {
        SDL_OutOfMemory();
+    } else {
+        area->type = SDL_RWOPS_UNKNOWN;
    }
-    area->type = SDL_RWOPS_UNKNOWN;
    return (area);
 }