We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 2957 - De-reference rz_src without NULL check in SDLgfx_rotateSurface function
Summary: De-reference rz_src without NULL check in SDLgfx_rotateSurface function
Status: RESOLVED FIXED
Alias: None
Product: SDL
Classification: Unclassified
Component: render (show other bugs)
Version: 2.0.3
Hardware: x86 Linux
: P2 major
Assignee: Sam Lantinga
QA Contact: Sam Lantinga
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-04-23 06:37 UTC by Nitz
Modified: 2016-10-08 00:30 UTC (History)
0 users

See Also:

Attachments
Patch for rz_src NULL check (496 bytes, patch)
2015-04-23 06:37 UTC, Nitz 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Nitz 2015-04-23 06:37:11 UTC 
Created attachment 2130 [details]
Patch for rz_src NULL check

In function SDLgfx_rotateSurface:

rz_dst =
            SDL_CreateRGBSurface(SDL_SWSURFACE, dstwidth, dstheight + GUARD_ROWS, 
            rz_src->format->Rmask, rz_src->format->Gmask,
            rz_src->format->Bmask, rz_src->format->Amask);

Here rz_src get De-referenced without NULL check, which is risky.

Patch is attached for rz_src NULL check.
Comment 1 Sam Lantinga 2016-10-08 00:30:39 UTC 
Fixed, thanks!
https://hg.libsdl.org/SDL/rev/63cc8dcc2ef9