[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[MiNT] Potential bug on mouse wheel

To: mint@lists.fishpool.fi
Subject: [MiNT] Potential bug on mouse wheel
From: Vincent Rivière <vincent.riviere@freesbee.fr>
Date: Sat, 19 Dec 2009 14:31:01 +0100
In-reply-to: <op.u46m5vaeofd6j1@descaro.cpe.ish>
List-help: <mailto:ecartis@lists.fishpool.fi?Subject=help>
List-id: <mint.lists.fishpool.fi>
List-owner: <mailto:tjhukkan@fishpool.fi>
List-post: <mailto:mint@lists.fishpool.fi>
List-subscribe: <mailto:mint-request@lists.fishpool.fi?Subject=subscribe>
List-unsubscribe: <mailto:mint-request@lists.fishpool.fi?Subject=unsubscribe>
References: <4B2CAA08.9030902@freesbee.fr> <op.u46k1qh5ofd6j1@descaro.cpe.ish> <4B2CAD7D.80102@freesbee.fr> <op.u46ltkocofd6j1@descaro.cpe.ish> <4B2CB454.80806@freesbee.fr> <op.u46m5vaeofd6j1@descaro.cpe.ish>
Sender: mint-bounce@lists.fishpool.fi
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1.5) Gecko/20091204 Thunderbird/3.0

Helmut Karlowski wrote :

../c_mouse.c: In function 'cXA_wheel_event':
../c_mouse.c:623: warning: array subscript is above array bounds


That could be serious, but there is no obvious array in my sources in
that function.


It was not easy, but I finally found that array.

The functions tagged with the inline keyword are inlined with -O2, so thiswarning is not reported on the right line.


That array comes form the get_widget() function:
xaaes/src.km/widgets.h:96

static inline XA_WIDGET *get_widget(struct xa_window *wind, int n) { return&(wind->widgets[n]); }


Note that the second parameter n is used as subscript in the widgets array.

Now go back to xaaes/src.km/c_mouse.c, in cXA_wheel_event().
Look at the case WHL_SLDRWHEEL:
	short w = -1
followed by some tests that may affect the w variable, then:
	widg = get_widget(wind, w);

In the case where w is unmodified, get_widget() is called with n == -1, andwe really do a subscript out of range.


Now I stop here.
Let's XaAES gurus continue (and provide a patch !).

--
Vincent Rivière

Follow-Ups:
- Re: [MiNT] Potential bug on mouse wheel
  - From: Jean-Luc CECCOLI <Jean-Luc.Ceccoli@wanadoo.fr>
- Re: [MiNT] Potential bug on mouse wheel
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>

References:
- [MiNT] mshort support
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] mshort support
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>
- Re: [MiNT] mshort support
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] mshort support
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>
- Re: [MiNT] mshort support
  - From: Vincent Rivière <vincent.riviere@freesbee.fr>
- Re: [MiNT] mshort support
  - From: "Helmut Karlowski" <helmut.karlowski@ish.de>

Prev by Date: Re: [MiNT] mshort support
Next by Date: Re: [MiNT] Potential bug on mouse wheel
Previous by thread: Re: [MiNT] mshort support
Next by thread: Re: [MiNT] Potential bug on mouse wheel
Index(es):
- Date
- Thread