zmike pushed a commit to branch master.

http://git.enlightenment.org/core/efl.git/commit/?id=2f852c92e87ba07df0332405e65ecaa00d64a6e5

commit 2f852c92e87ba07df0332405e65ecaa00d64a6e5
Author: Shinwoo Kim <cinoo....@samsung.com>
Date:   Tue Feb 11 09:03:43 2020 -0500

    evas_render: initialize variable
    
    Summary:
    evas_object_image_load_region_get could be called with the following stack.
    
    (#0) evas_object_image_load_region_get
    (#1) evas_render_proxy_subrender
    (#2) evas_filter_context_proxy_render_all
    (#3) evas_filter_object_render
    (#4) evas_object_text_render
    
    This means that evas_object_image_load_region_get is called by a text object.
    In this case, the load region value has garbage, and it leads to invalid
    memory access which is detected by ASan (T8610).
    
    This patch initializes the variable before using evas_object_image_load_region_set.
    
    Reviewers: Hermet, jsuya, bu5hm4n, zmike
    
    Reviewed By: zmike
    
    Subscribers: cedric, #reviewers, #committers
    
    Tags: #efl
    
    Differential Revision: https://phab.enlightenment.org/D11316
---
 src/lib/evas/canvas/evas_render.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lib/evas/canvas/evas_render.c 
b/src/lib/evas/canvas/evas_render.c
index 27b3c52130..aba4103907 100644
--- a/src/lib/evas/canvas/evas_render.c
+++ b/src/lib/evas/canvas/evas_render.c
@@ -2323,7 +2323,7 @@ evas_render_proxy_subrender(Evas *eo_e, void *output, 
Evas_Object *eo_source, Ev
    int level = 1;
    void *ctx;
    int w, h, off_x = 0, off_y = 0;
-   Eina_Rectangle lr;
+   Eina_Rectangle lr = {0, 0, 0, 0};
 
 #ifdef REND_DBG
    level = __RD_level;
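
Review bot: The zero initializer on `Eina_Rectangle lr = {0, 0, 0, 0};` protects only this one caller. Going by the commit message, the garbage comes from evas_object_image_load_region_get being reached with a text object as the source, so any other caller that passes uninitialized out parameters would stay exposed to the same invalid read. I would suggest either checking the source object's type in evas_render_proxy_subrender before asking for a load region, or having the getter write zeros to its out parameters on every path, and keeping this initializer as defence in depth. A short comment next to the declaration saying that an all-zero rectangle is the intended "no load region" value for non-image sources would also help, since nothing in the hunk shows how the later code treats a zero-sized region. Last, the summary names evas_object_image_load_region_get in the stack but ends with evas_object_image_load_region_set; it is worth confirming which call the message means.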
