Fixed bug 1953 - Crash at memcpy X11_DispatchEvent(_THIS) Function
Nitz
In Function X11_DispatchEvent(_THIS), case SelectionNotify :
static void
X11_DispatchEvent(_THIS)
{
// Some Code
case SelectionNotify: {
//Some Code
SDL_bool expect_lf = SDL_FALSE;
char *start = NULL; // Initialised with NULL
char *scan = (char*)p.data;
char *fn;
char *uri;
int length = 0;
while (p.count--) {
if (!expect_lf) {
if (*scan==0x0D) {
expect_lf = SDL_TRUE;
} else if(start == NULL) {
start = scan;
length = 0;
}
length++;
} else {
if (*scan==0x0A && length>0) {
uri = malloc(length--);
memcpy(uri, start, length); // Problem is Here, start is still NULL if control comes to else statement without initialising the start pointer, which is wrong
uri[length] = 0;
fn = X11_URIToLocal(uri);
if (fn) SDL_SendDropFile(fn);
free(uri);
}
expect_lf = SDL_FALSE;
start = NULL;
}
scan++;
}
}
As shown above how start pointer remains NULL, Patch for this issue would be:
if (*scan==0x0D) {
expect_lf = SDL_TRUE;
}
if(start == NULL) {
start = scan;
length = 0;
}
Just replace else if statement with if.
This is a list of the platforms SDL supports, and who maintains them.
Officially supported platforms
==============================
(code compiles, and thoroughly tested for release)
==============================
Windows XP/Vista/7/8
Mac OS X 10.5+
Linux 2.6+
iOS 4.0.1+
Android 2.3.3+
Unofficially supported platforms
================================
(code compiles, but not thoroughly tested)
================================
FreeBSD
NetBSD
OpenBSD
Solaris
Platforms supported by volunteers
=================================
Haiku - maintained by Axel Dörfler <axeld@pinc-software.de>
PSP - maintained by 527721088@qq.com
Pandora - maintained by Scott Smith <pickle136@sbcglobal.net>
Platforms that need maintainers
===============================