Fixed bug 2957 - De-reference rz_src without NULL check in SDLgfx_rotateSurface function
Nitz
In function SDLgfx_rotateSurface:
rz_dst =
SDL_CreateRGBSurface(SDL_SWSURFACE, dstwidth, dstheight + GUARD_ROWS,
rz_src->format->Rmask, rz_src->format->Gmask,
rz_src->format->Bmask, rz_src->format->Amask);
Here rz_src get De-referenced without NULL check, which is risky.
diff --git a/src/render/software/SDL_rotate.c b/src/render/software/SDL_rotate.c
index 5418c9e..356f6c1 100644
--- a/src/render/software/SDL_rotate.c
+++ b/src/render/software/SDL_rotate.c
@@ -378,10 +378,12 @@
#endif
);
rz_src = SDL_ConvertSurfaceFormat(src, format, src->flags);
+ if (rz_src == NULL) {
+ return NULL;
+ }
is32bit = 1;
}
-
/* Determine target size */
/* _rotozoomSurfaceSizeTrig(rz_src->w, rz_src->h, angle, &dstwidth, &dstheight, &cangle, &sangle); */
@@ -394,7 +396,6 @@
/*
* Alloc space to completely contain the rotated surface
*/
- rz_dst = NULL;
if (is32bit) {
/*
* Target surface is 32bit with source RGBA/ABGR ordering
