
Potential security issue in src_c/imageext.c: Unchecked return from initialization function #202

Description

@monocle-ai

What is a Conditionally Uninitialized Variable? The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.

1 instance of this defect was found in the following locations:

Instance 1
File: src_c/imageext.c
Function: SDL_GetSurfaceBlendMode

SDL_GetSurfaceBlendMode(surface, &surf_mode);

Code extract:

#else /* IS_SDLv2 */
    SDL_GetSurfaceAlphaMod(surface, &surf_alpha);
    SDL_SetSurfaceAlphaMod(surface, 255);
    SDL_GetSurfaceBlendMode(surface, &surf_mode); /* <------ HERE */
    SDL_SetSurfaceBlendMode(surface, SDL_BLENDMODE_NONE);

How can I fix it?
Correct reference usage found in src_c/transform.c at line 92.

if (SDL_GetSurfaceBlendMode(surf, &mode) < 0) {

Code extract:

{
    if (SDL_ISPIXELFORMAT_ALPHA(surf->format->format)) {
        SDL_BlendMode mode;
        if (SDL_GetSurfaceBlendMode(surf, &mode) < 0) { /* <------ HERE */
            return -1;
        }
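
An added example, not code from the issue or from the project: the save / override / restore sequence from the imageext.c extract, written so that both getters are checked before the surface is touched. The `surface` struct, `get_mode`, `get_alpha`, `write_opaque` and the `fail_get` switch are hypothetical stand-ins for the SDL calls, and it assumes the saved values are restored afterwards, which the extract does not show.

```c
#include <stdio.h>

/* Hypothetical stand-ins for the SDL2 getters named in the issue.
 * Same contract: 0 on success, negative on failure, and on failure the
 * output parameter is left unwritten. fail_get is a constructed
 * fault-injection switch, not an SDL field. */
typedef struct { int mode; unsigned char alpha; int fail_get; } surface;
enum { MODE_NONE = 0, MODE_BLEND = 1 };

static int get_mode(const surface *s, int *out) {
    if (s->fail_get) return -1;      /* *out stays uninitialized */
    *out = s->mode;
    return 0;
}
static int get_alpha(const surface *s, unsigned char *out) {
    if (s->fail_get) return -1;      /* *out stays uninitialized */
    *out = s->alpha;
    return 0;
}

/* Checked form: read both values first, return before modifying the
 * surface if either read fails, and restore only values that were
 * actually written. mode_seen records the mode in effect while the
 * (elided) image write would run. */
int write_opaque(surface *s, int *mode_seen) {
    unsigned char alpha;
    int mode;
    if (get_alpha(s, &alpha) < 0 || get_mode(s, &mode) < 0)
        return -1;                   /* surface left unmodified */
    s->alpha = 255;
    s->mode = MODE_NONE;
    *mode_seen = s->mode;            /* the image write would happen here */
    s->alpha = alpha;                /* assumed restore step */
    s->mode = mode;
    return 0;
}

int main(void) {
    surface ok = { MODE_BLEND, 128, 0 };   /* constructed sample state */
    surface bad = { MODE_BLEND, 128, 1 };  /* getters fail on this one */
    int seen = -1;
    int rc = write_opaque(&ok, &seen);
    printf("ok:  rc=%d seen=%d mode=%d alpha=%d\n", rc, seen, ok.mode, ok.alpha);
    rc = write_opaque(&bad, &seen);
    printf("bad: rc=%d mode=%d alpha=%d\n", rc, bad.mode, bad.alpha);
    return 0;
}
```
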
