Re: [Iup-users] IUP assorted issues (part III)

Sun, 12 Jul 2020 11:33:07 -0700 

*1. Possible dereference null at functions iFlatTreeTextEditVALUECHANGED_CB
andiFlatTreeTextEditKCR_CB (src/iup_flatree.c)Function iFlatTreeGetNode can
return NULL, so, var nodefocus can be NULL*
    That can never happen in the context of that function.




*2. Uninitialized var used (src/win/iupwin_clipboard.c)Var len is used at
iupwinStrToSystemLen*
  Fixed and committed to the SVN. Thanks for reporting.




*3. Argument cannot be negative (src/iup_classinfo.c)function
IupGetClassCallback (line 288) can return negative number qsort(attr_names,
cb_n, sizeof(char*), compare_names); // cb_n cannot be negative number here*

  That can never happen in the context of that function.





*4. Use after free (src/win/iupwin_image.c)If IMAGEDESTROY_CB is defined at
line 889, a function call will be done by passingvariable handle freed.cb
function callback cannot use handle. *

  That is correct. The comment on line 886 explains that. The handle
address can be used only as a reference for memory monitoring.

Best,
Scuri



Em sex., 10 de jul. de 2020 às 22:35, Ranier Vilela <ranier_...@hotmail.com>
escreveu:

> Hi Scuri,
>
> There are some news issues with IUP-3.29
>
> 1. Possible dereference null at functions iFlatTreeTextEditVALUECHANGED_CB
> and
> iFlatTreeTextEditKCR_CB (src/iup_flatree.c)
>
> Function iFlatTreeGetNode can return NULL, so, var nodefocus can be NULL
>
> 2. Uninitialized var used (src/win/iupwin_clipboard.c)
> Var len is used at iupwinStrToSystemLen
>
> 3. Argument cannot be negative (src/iup_classinfo.c)
> function IupGetClassCallback (line 288) can return negative number
>
>  qsort(attr_names, cb_n, sizeof(char*), compare_names); // cb_n cannot be
> negative number here
>
> 4. Use after free (src/win/iupwin_image.c)
> If IMAGEDESTROY_CB is defined at line 889, a function call will be done by
> passing
> variable handle freed.
> cb function callback cannot use handle.
>
> regards,
> Ranier Vilela
>
>
> _______________________________________________
> Iup-users mailing list
> Iup-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/iup-users
>

_______________________________________________
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users






















					Reply via email to