We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4839

Summary:	Read of uninitialized memory in Win32_ResizeWindowShape
Product:	SDL	Reporter:	Mathieu Eyraud <meyraud705>
Component:	video	Assignee:	Sam Lantinga <slouken>
Status:	RESOLVED FIXED	QA Contact:	Sam Lantinga <slouken>
Severity:	normal
Priority:	P2	CC:	sylvain.becker
Version:	2.0.10
Hardware:	All
OS:	Windows (All)

Description Mathieu Eyraud 2019-10-21 11:26:39 UTC

In file src/video/windows/SDL_windowsshape.c ( https://hg.libsdl.org/SDL/file/74ac66d0e8ca/src/video/windows/SDL_windowsshape.c ):

Memory is allocated on line 32 by malloc in Win32_CreateShaper;
Member 'hasshape' is not initialized;
Calling Win32_ResizeWindowShape on line 41;
Win32_ResizeWindowShape read 'hasshape' on line 101.

Comment 1 Sylvain 2019-10-23 07:19:28 UTC

Thanks ! Fixed in https://hg.libsdl.org/SDL/rev/c6296591b16f

( the way it would be initialized afterwards https://hg.libsdl.org/SDL/file/c6296591b16f/src/video/SDL_shape.c#l48 )

We are currently migrating Bugzilla to GitHub issues.Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4839

We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.