mirror of
https://github.com/Ryujinx/SDL.git
synced 2024-09-23 23:48:37 +02:00
79a846d486
romain.lacroix For the windows implementation of SDL_ShowMessageBox() : ./src/video/windows/SDL_windowsmessagebox.c:345 WIN_ShowMessageBox() The implementation in 2.0.4 uses "button index" for parameter "id" of function AddDialogButton(). It then expects the value provided in param wParam of function MessageBoxDialogProc() to be a valid index of a button. It uses this value to index in the array of buttons when DialogBoxIndirect() returns (line 474 : *buttonid = buttons[which].buttonid;) However, when dismissing this box with Escape, the return value of DialogBoxIndirect will be SDL_MESSAGEBOX_BUTTON_ESCAPEKEY_DEFAULT (=2) which is not always a valid index of array buttons. When the array buttons has a length less or equal than 2, the memory access is invalid; I can see that the value written to *buttonId is uninitialized memory (random value). The fix I propose : use value "buttonid" (field of button) for parameter "id" of AddDialogButton(), then copy return value of DialogBoxIndirect() in *buttonid. This way, we will not use an out-of-bounds index in array buttons. |
||
|---|---|---|
| .. | ||
| SDL_msctf.h | ||
| SDL_vkeys.h | ||
| SDL_windowsclipboard.c | ||
| SDL_windowsclipboard.h | ||
| SDL_windowsevents.c | ||
| SDL_windowsevents.h | ||
| SDL_windowsframebuffer.c | ||
| SDL_windowsframebuffer.h | ||
| SDL_windowskeyboard.c | ||
| SDL_windowskeyboard.h | ||
| SDL_windowsmessagebox.c | ||
| SDL_windowsmessagebox.h | ||
| SDL_windowsmodes.c | ||
| SDL_windowsmodes.h | ||
| SDL_windowsmouse.c | ||
| SDL_windowsmouse.h | ||
| SDL_windowsopengl.c | ||
| SDL_windowsopengl.h | ||
| SDL_windowsopengles.c | ||
| SDL_windowsopengles.h | ||
| SDL_windowsshape.c | ||
| SDL_windowsshape.h | ||
| SDL_windowsvideo.c | ||
| SDL_windowsvideo.h | ||
| SDL_windowswindow.c | ||
| SDL_windowswindow.h | ||
| wmmsg.h | ||