supertux
Fix out-of-bounds accesses in ProfileMenu::menu_action and a potential nullptr dereference in Sector::Sector
I found these with TscanCode; they were introduced in these commits:
https://github.com/SuperTux/supertux/commit/5ca4dc6e3d1a0be8cc9f57a66b0a3f03ad7988be#diff-abbbfc03a6342c2fa8924bc76f71cde054fc628a58f9fe46f3287d29d0fb8c20R94
https://github.com/SuperTux/supertux/commit/0de68b210e6d525b0edca4fa392289cef80c8882#diff-f9de83bde22e94086caae91611106a59d1284054bb5d8a156622ff6a7f419207R180
TscanCode has some additional detections; I think three of them are false positives:
[[…]/object/player.cpp:1658]: (Serious) Comparing [m_target] to null at line 1656 implies that [m_target ] might be null.Dereferencing null pointer [m_target].
[[…]/object/player.cpp:377]: (Serious) Comparing [m_target] to null at line 375 implies that [m_target ] might be null.Dereferencing null pointer [m_target].
[[…]/supertux/menu/addon_preview_menu.cpp:109]: (Serious) When i==desc.size(), desc[i] is out of bounds.
[[…]/video/bitmap_font.cpp:254]: (Serious) Null - checking [surface] suggests that it may be null, but it has already been dereferenced at line 225.
I've omitted the fix in addon_preview_menu.cpp because it's already part of PR #2294: https://github.com/SuperTux/supertux/pull/2294/commits/f9765b9a947a41fa7fe0f072ffc6a486ced62808