Prevent crashes if freed objects are passed to SDL API functions

Instead of using the magic tag in the object, we'll actually keep track of valid objects

Fixes https://github.com/libsdl-org/SDL/issues/9869
Fixes https://github.com/libsdl-org/SDL/issues/9235
Sam Lantinga
2024-06-03 04:09:28 -07:00
parent 57a15933cd
commit b0e93e4e63
28 changed files with 191 additions and 126 deletions


@@ -83,6 +83,10 @@ SDL_bool SDL_InsertIntoHashTable(SDL_HashTable *table, const void *key, const vo
SDL_HashItem *item;
const Uint32 hash = calc_hash(table, key);
if (!table) {
return SDL_FALSE;
}
if ( (!table->stackable) && (SDL_FindInHashTable(table, key, NULL)) ) {
return SDL_FALSE;
}
@@ -107,6 +111,10 @@ SDL_bool SDL_FindInHashTable(const SDL_HashTable *table, const void *key, const
void *data = table->data;
SDL_HashItem *i;
if (!table) {
return SDL_FALSE;
}
for (i = table->table[hash]; i; i = i->next) {
if (table->keymatch(key, i->key, data)) {
if (_value) {
@@ -126,6 +134,10 @@ SDL_bool SDL_RemoveFromHashTable(SDL_HashTable *table, const void *key)
SDL_HashItem *prev = NULL;
void *data = table->data;
if (!table) {
return SDL_FALSE;
}
for (item = table->table[hash]; item; item = item->next) {
if (table->keymatch(key, item->key, data)) {
if (prev) {
@@ -134,7 +146,9 @@ SDL_bool SDL_RemoveFromHashTable(SDL_HashTable *table, const void *key)
table->table[hash] = item->next;
}
table->nuke(item->key, item->value, data);
if (table->nuke) {
table->nuke(item->key, item->value, data);
}
SDL_free(item);
return SDL_TRUE;
}
@@ -149,6 +163,10 @@ SDL_bool SDL_IterateHashTableKey(const SDL_HashTable *table, const void *key, co
{
SDL_HashItem *item = *iter ? ((SDL_HashItem *) *iter)->next : table->table[calc_hash(table, key)];
if (!table) {
return SDL_FALSE;
}
while (item) {
if (table->keymatch(key, item->key, table->data)) {
*_value = item->value;
@@ -169,6 +187,10 @@ SDL_bool SDL_IterateHashTable(const SDL_HashTable *table, const void **_key, con
SDL_HashItem *item = (SDL_HashItem *) *iter;
Uint32 idx = 0;
if (!table) {
return SDL_FALSE;
}
if (item) {
const SDL_HashItem *orig = item;
item = item->next;
@@ -219,7 +241,9 @@ void SDL_DestroyHashTable(SDL_HashTable *table)
SDL_HashItem *item = table->table[i];
while (item) {
SDL_HashItem *next = item->next;
table->nuke(item->key, item->value, data);
if (table->nuke) {
table->nuke(item->key, item->value, data);
}
SDL_free(item);
item = next;
}
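Review bot: Several of the new `if (!table)` guards come after `table` has already been dereferenced, so they cannot stop a NULL table from faulting. In SDL_FindInHashTable and SDL_RemoveFromHashTable the initializer `void *data = table->data;` precedes the check, and in SDL_IterateHashTableKey the `item` initializer reads `table->table[calc_hash(table, key)]` before it whenever `*iter` is NULL. SDL_InsertIntoHashTable calls `calc_hash(table, key)` ahead of its guard, which presumably reads the table as well (its body is not in view). Because the earlier dereference is undefined behaviour for a NULL pointer, an optimizing compiler may also drop the later check entirely. Move the dereferencing initializers below the guard, e.g. declare `void *data;` and assign `data = table->data;` after `if (!table) { return SDL_FALSE; }`; the function bodies start and end outside these hunks, so the `hash` computation in Find/Remove should get the same treatment.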