*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
Please refer to the git repository of htop, the bug is https://github.com/hishamhm/htop/issues/882 In InfoScreen.c file, there is a potential use of uninitialised variable bug. In Line 133, it calls the function getmouse(&mevent) and mevent may be uninitialised after the function return. As we can see below, the library function getmouse would return ERR without initialising its parameter aevent (when the path condition at Line 1761-1764 is false, it will directly return ERR and not initialise aevent). Then, in the file InfoScreen.c, at Line 133, the path condition is false, and the Line 133-136 will not be executed. However, the Line 137, "if (mevent.y == LINES - 1)" will be executed, and mevent.y is not initialised at all. I guess there is a missing "else" in Line 137, which is the root cause of this bug. ** Affects: htop Importance: Unknown Status: Unknown ** Affects: htop (Ubuntu) Importance: Undecided Status: New -- A potential bug of use of uninitialised variable https://bugs.launchpad.net/bugs/1813556 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
