[SDL_Tizen] Fix svace issue

- Uninitialized data is read from local variable 'sampleErrorY' at SDL_test_compare.c:106.
  The variable is uninitialized at SDL_test_compare.c:106.
- Buffer 'tempBuf' of size 4 accessed at SDL_test_fuzzer.c:259 can overflow.
  since its index 'return value of SDLTest_RandomUint8() % index' can have value 254 that is out of range,
  as indicated by preceding conditional expression at SDL_test_fuzzer.c:259.

Change-Id: Ia35aeea7f691bc582c40136c4269d70785e68000
Signed-off-by: huiyu.eun <huiyu.eun@samsung.com>

diff --git a/src/test/SDL_test_compare.c b/src/test/SDL_test_compare.c
index 45eb3c6..d06ead9 100644 (file)
--- a/src/test/SDL_test_compare.c
+++ b/src/test/SDL_test_compare.c
@@ -43,7 +43,7 @@ int SDLTest_CompareSurfaces(SDL_Surface *surface, SDL_Surface *referenceSurface,
    int bpp, bpp_reference;
    Uint8 *p, *p_reference;
    int dist;
-   int sampleErrorX, sampleErrorY, sampleDist;
+   int sampleErrorX = 0, sampleErrorY = 0, sampleDist = 0;
    Uint8 R, G, B, A;
    Uint8 Rd, Gd, Bd, Ad;
    char imageFilename[128];

diff --git a/src/test/SDL_test_fuzzer.c b/src/test/SDL_test_fuzzer.c
index 1bd8dfa..c8a7781 100644 (file)
--- a/src/test/SDL_test_fuzzer.c
+++ b/src/test/SDL_test_fuzzer.c
@@ -256,7 +256,12 @@ SDLTest_GenerateUnsignedBoundaryValues(const Uint64 maxValue, Uint64 boundary1,
         return 0;
     }
 
-    return tempBuf[SDLTest_RandomUint8() % index];
+    int bufIdx = SDLTest_RandomUint8() % index;
+    if(bufIdx>=4)
+        return 0;
+
+     return tempBuf[bufIdx];
+
 }
 
 
@@ -388,7 +393,13 @@ SDLTest_GenerateSignedBoundaryValues(const Sint64 minValue, const Sint64 maxValu
         return minValue;
     }
 
-    return tempBuf[SDLTest_RandomUint8() % index];
+
+
+    int bufIdx = SDLTest_RandomUint8() % index;
+    if(bufIdx>=4)
+        return 0;
+
+     return tempBuf[bufIdx];
 }