We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4838

Summary:	Use after free in SDL_JoystickUpdate
Product:	SDL	Reporter:	Mathieu Eyraud <meyraud705>
Component:	joystick	Assignee:	Sam Lantinga <slouken>
Status:	RESOLVED FIXED	QA Contact:	Sam Lantinga <slouken>
Severity:	normal
Priority:	P2	CC:	sylvain.becker
Version:	2.0.10
Hardware:	All
OS:	All
Attachments:	Fix use after free

Description Mathieu Eyraud 2019-10-21 11:11:52 UTC

Created attachment 3992 [details]
Fix use after free

For loop in SDL_JoystickUpdate uses 'joystick->next' while 'joystick' was potentially freed by SDL_JoystickClose.

Comment 1 Sylvain 2019-10-23 06:51:32 UTC

Thanks ! also in : https://hg.libsdl.org/SDL/rev/78b50cbc7a3b

We are currently migrating Bugzilla to GitHub issues.Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4838

We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.