Uninitialized mouse index in SDL_win32events.c

I noticed in trunk/SDL/src/video/win32/SDL_win32events.c, in this code here…

case WM_INPUT:             /* mouse events */
    {
        LPBYTE lpb;
        const RAWINPUTHEADER *header;
        int index;
        int i;
        int size = 0;
        const RAWMOUSE *raw_mouse = NULL;
        POINT point;
        USHORT flags;
        int w, h;

        /* we're collecting raw data to be able to identify the
           mouse (if there are several) */
        GetRawInputData((HRAWINPUT) lParam, RID_INPUT, NULL, &size,
                        sizeof(RAWINPUTHEADER));
        lpb = SDL_stack_alloc(BYTE, size);
        GetRawInputData((HRAWINPUT) lParam, RID_INPUT, lpb, &size,
                        sizeof(RAWINPUTHEADER));
        raw = (RAWINPUT *) lpb;
        header = &raw->header;
        flags = raw->data.mouse.usButtonFlags;

        /* we're checking which mouse generated the event */
        for (i = 0; i < total_mice; ++i) {
            if (mice[i] == header->hDevice) {
                index = i;
                break;
            }
        }

… if the device handle isn’t found in mice[], which it won’t be if
the mouse was plugged in after SDL_Init, then you end up with an
uninitialized value in index, which is then passed to various
SDL_SendMouse* functions.

Good catch, I just checked in a fix. Did you already have a patch to
dynamically update the available mice?

On Sun, Sep 6, 2009 at 10:53 PM, Kenneth Bull wrote:

I noticed in trunk/SDL/src/video/win32/SDL_win32events.c, in this code here…

    case WM_INPUT:             /* mouse events */
        {
            LPBYTE lpb;
            const RAWINPUTHEADER *header;
            int index;
            int i;
            int size = 0;
            const RAWMOUSE *raw_mouse = NULL;
            POINT point;
            USHORT flags;
            int w, h;

            /* we’re collecting raw data to be able to identify the
               mouse (if there are several) */
            GetRawInputData((HRAWINPUT) lParam, RID_INPUT, NULL, &size,
                            sizeof(RAWINPUTHEADER));
            lpb = SDL_stack_alloc(BYTE, size);
            GetRawInputData((HRAWINPUT) lParam, RID_INPUT, lpb, &size,
                            sizeof(RAWINPUTHEADER));
            raw = (RAWINPUT *) lpb;
            header = &raw->header;
            flags = raw->data.mouse.usButtonFlags;

            /* we’re checking which mouse generated the event */
            for (i = 0; i < total_mice; ++i) {
                if (mice[i] == header->hDevice) {
                    index = i;
                    break;
                }
            }

… if the device handle isn’t found in mice[], which it won’t be if
the mouse was plugged in after SDL_Init, then you end up with an
uninitialized value in index, which is then passed to various
SDL_SendMouse* functions.




-Sam Lantinga, Founder and President, Galaxy Gameworks LLC

2009/9/7 Sam Lantinga :

Good catch, I just checked in a fix. Did you already have a patch to
dynamically update the available mice?

Not yet, which is why I mentioned it. Updating mice[] would probably
avoid this issue anyway.

You don’t get the same device handle when a mouse is unplugged and
plugged back in. If you just add the new handle without removing the
old one, then eventually you run out of space in mice[] and get a
buffer overflow. Also, if Windows reuses one of your old device
handles, you end up with two identical entries in mice[] for two
different devices, and SDL, as it is now, would pick the older
out-of-date device every time. On the other hand, if you do remove the old
handle, then the indexes change for any mouse detected after the one
you removed, which messes up input in the user’s application.

Best way is probably to switch from device handles to device names in
mice[], but that means you’re comparing strings instead of numbers on
each mouse event, which would be a performance hit. You could use a
hash, but that might actually be worse. Probably shouldn’t matter
since input events are normally fairly infrequent, but WM_INPUT tends
to spam when moving the mouse.
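
The trade-offs raised in this thread (an unknown handle must not yield an index, the table must not overflow, and removing a device must not shift other indexes) can be met with a fixed-slot table, shown here as an added example that is not SDL's code or the fix that was checked in. `MAX_MICE`, `device_handle` and the `mouse_*` helpers are hypothetical names, and the sketch assumes the caller is told when a device arrives or is removed; the event handler would skip dispatch whenever `mouse_find` returns -1.

```c
#include <stddef.h>

#define MAX_MICE 4               /* assumed capacity, not SDL's value */
typedef void *device_handle;     /* stand-in for the Win32 HANDLE type */

static device_handle mice[MAX_MICE];   /* NULL marks a free slot */

/* Return the slot for a handle, or -1 when the device is unknown
   (for example, a mouse plugged in after initialization). */
int mouse_find(device_handle h)
{
    int i;
    if (h == NULL)
        return -1;
    for (i = 0; i < MAX_MICE; ++i) {
        if (mice[i] == h)
            return i;
    }
    return -1;
}

/* Register a device in the first free slot. Returns the new slot, the
   existing slot if already present, or -1 when the table is full,
   so the array is never written out of bounds. */
int mouse_add(device_handle h)
{
    int i, existing = mouse_find(h);
    if (h == NULL || existing >= 0)
        return existing;
    for (i = 0; i < MAX_MICE; ++i) {
        if (mice[i] == NULL) {
            mice[i] = h;
            return i;
        }
    }
    return -1;
}

/* Clear the slot in place on removal so later slots keep their index
   and a recycled handle value can never match a stale entry. */
void mouse_remove(device_handle h)
{
    int i = mouse_find(h);
    if (i >= 0)
        mice[i] = NULL;
}
```

A freed slot is handed to the next device that arrives, so an application that cached an index sees a different physical mouse there after a replug.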