We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4838 - Use after free in SDL_JoystickUpdate

Summary: Use after free in SDL_JoystickUpdate

Status:	RESOLVED FIXED

Alias:	None

Product:	SDL
Classification:	Unclassified
Component:	joystick (show other bugs)
Version:	2.0.10
Hardware:	All All

Importance:	P2 normal
Assignee:	Sam Lantinga
QA Contact:	Sam Lantinga

URL:
Keywords:

Depends on:
Blocks:

Reported:	2019-10-21 11:11 UTC by Mathieu Eyraud
Modified:	2019-10-23 06:51 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Fix use after free (771 bytes, patch) 2019-10-21 11:11 UTC, Mathieu Eyraud	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mathieu Eyraud 2019-10-21 11:11:52 UTC

Created attachment 3992 [details]
Fix use after free

For loop in SDL_JoystickUpdate uses 'joystick->next' while 'joystick' was potentially freed by SDL_JoystickClose.

Comment 1 Sylvain 2019-10-23 06:51:32 UTC

Thanks ! also in : https://hg.libsdl.org/SDL/rev/78b50cbc7a3b

We are currently migrating Bugzilla to GitHub issues.Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.