Fixed bug 1953 - Crash at memcpy X11_DispatchEvent(_THIS) Function Nitz In Function X11_DispatchEvent(_THIS), case SelectionNotify : static void X11_DispatchEvent(_THIS) { // Some Code case SelectionNotify: { //Some Code SDL_bool expect_lf = SDL_FALSE; char *start = NULL; // Initialised with NULL char *scan = (char*)p.data; char *fn; char *uri; int length = 0; while (p.count--) { if (!expect_lf) { if (*scan==0x0D) { expect_lf = SDL_TRUE; } else if(start == NULL) { start = scan; length = 0; } length++; } else { if (*scan==0x0A && length>0) { uri = malloc(length--); memcpy(uri, start, length); // Problem is Here, start is still NULL if control comes to else statement without initialising the start pointer, which is wrong uri[length] = 0; fn = X11_URIToLocal(uri); if (fn) SDL_SendDropFile(fn); free(uri); } expect_lf = SDL_FALSE; start = NULL; } scan++; } } As shown above how start pointer remains NULL, Patch for this issue would be: if (*scan==0x0D) { expect_lf = SDL_TRUE; } if(start == NULL) { start = scan; length = 0; } Just replace else if statement with if.

# Makefile to build the SDL library

INCLUDE = -I./include
CFLAGS  = -g -O2 $(INCLUDE)
AR	= ar
RANLIB	= ranlib

TARGET  = libSDL.a
SOURCES = \
	src/*.c \
	src/audio/*.c \
	src/audio/dummy/*.c \
	src/cpuinfo/*.c \
	src/events/*.c \
	src/file/*.c \
	src/haptic/*.c \
	src/haptic/dummy/*.c \
	src/joystick/*.c \
	src/joystick/dummy/*.c \
	src/loadso/dummy/*.c \
	src/power/*.c \
	src/render/*.c \
	src/render/software/*.c \
	src/stdlib/*.c \
	src/thread/*.c \
	src/thread/generic/*.c \
	src/timer/*.c \
	src/timer/dummy/*.c \
	src/video/*.c \
	src/video/dummy/*.c \

OBJECTS = $(shell echo $(SOURCES) | sed -e 's,\.c,\.o,g')

all: $(TARGET)

$(TARGET): $(OBJECTS)
	$(AR) crv $@ $^
	$(RANLIB) $@

clean:
	rm -f $(TARGET) $(OBJECTS)