From 9458dc07dc0adeb3e033c01c35212532114c4225 Mon Sep 17 00:00:00 2001 From: Susko3 Date: Mon, 20 May 2024 19:35:24 +0200 Subject: [PATCH] Fix double-free on cleanup and general nonsense when deleting fingers --- src/events/SDL_touch.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/events/SDL_touch.c b/src/events/SDL_touch.c index 9682251692..d3bf2647e0 100644 --- a/src/events/SDL_touch.c +++ b/src/events/SDL_touch.c @@ -241,7 +241,12 @@ static int SDL_DelFinger(SDL_Touch *touch, SDL_FingerID fingerid) } if (index < (touch->num_fingers - 1)) { + // Move the deleted finger to the end of the active fingers array and shift the active fingers by one. + // This ensures that the descriptor for the now-deleted finger is located at `touch->fingers[touch->num_fingers]` (after the decrement below) + // and is ready for use in SDL_AddFinger. + SDL_Finger *deleted_finger = touch->fingers[index]; SDL_memmove(&touch->fingers[index], &touch->fingers[index + 1], (touch->num_fingers - index - 1) * sizeof(touch->fingers[index])); + touch->fingers[touch->num_fingers - 1] = deleted_finger; } --touch->num_fingers; return 0;