
Potential security issue in src_c/_sdl2/sdl2.c: Unchecked return from initialization function #188

Description

@monocle-ai

What is a Conditionally Uninitialized Variable? The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.

1 instance of this defect was found in the following location:

Instance 1
File : src_c/_sdl2/sdl2.c
Function: PyObject_SetAttr

    PyObject_SetAttr(__pyx_cython_runtime, __pyx_n_s_cline_in_traceback, Py_False);

Code extract:

    }
    if (!use_cline) {
        c_line = 0;
        PyObject_SetAttr(__pyx_cython_runtime, __pyx_n_s_cline_in_traceback, Py_False); <------ HERE
    }
    else if (use_cline == Py_False || (use_cline != Py_True && PyObject_Not(use_cline) != 0)) {

How can I fix it?
Correct reference usage found in src_c/pypm.c at line 6419.

    if (PyObject_SetAttr(__pyx_m, __pyx_n_s_Input, (PyObject *)&__pyx_type_6pygame_4pypm_Input) < 0) __PYX_ERR(0, 510, __pyx_L1_error)

Code extract:

    }
  }
  #endif
  if (PyObject_SetAttr(__pyx_m, __pyx_n_s_Input, (PyObject *)&__pyx_type_6pygame_4pypm_Input) < 0) __PYX_ERR(0, 510, __pyx_L1_error) <------ HERE
  if (__Pyx_setup_reduce((PyObject*)&__pyx_type_6pygame_4pypm_Input) < 0) __PYX_ERR(0, 510, __pyx_L1_error)
  __pyx_ptype_6pygame_4pypm_Input = &__pyx_type_6pygame_4pypm_Input;
