pandory500/SDL-mirror
2
0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed bug 1802 - NULL pointer dereference in SDL_AllocRW() if out of memory.

Browse source 
Philipp Wiesemann

There is a NULL pointer dereference in SDL_AllocRW() if the system is out of memory. The "type" field is always written. This may be fixed with an early return.

Or an else{} or not writing the field and using slower SDL_calloc().

This fault was recently introduced (http://hg.libsdl.org/SDL/rev/681820ca0e78).
This commit is contained in:
Sam Lantinga 2013-04-17 01:32:06 -07:00
parent 226fdc16e6
commit eb97bff0bd
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/file/SDL_rwops.c
View file

@ -628,8 +628,9 @@ SDL_AllocRW(void)
area = (SDL_RWops *) SDL_malloc(sizeof *area); area = (SDL_RWops *) SDL_malloc(sizeof *area);
if (area == NULL) { if (area == NULL) {
SDL_OutOfMemory(); SDL_OutOfMemory();
} } else {
area->type = SDL_RWOPS_UNKNOWN; area->type = SDL_RWOPS_UNKNOWN;
}
return (area); return (area);
} }