Linux: avoided an out-of-bounds access when using mice with large numbers of buttons

modules/juce_gui_basics/native/juce_linux_X11_Windowing.cpp

@@ -255,7 +255,7 @@ namespace XRender
     static tXRenderFindFormat xRenderFindFormat = nullptr;
     static tXRenderFindVisualFormat xRenderFindVisualFormat = nullptr;
 
-    static bool isAvailable(::Display* display)
+    static bool isAvailable (::Display* display)
     {
         static bool hasLoaded = false;
 
@@ -292,13 +292,13 @@ namespace XRender
         return xRenderQueryVersion != nullptr;
     }
 
-    static bool hasCompositingWindowManager(::Display* display) noexcept
+    static bool hasCompositingWindowManager (::Display* display) noexcept
     {
         return display != nullptr
                 && XGetSelectionOwner (display, Atoms::getCreating ("_NET_WM_CM_S0")) != 0;
     }
 
-    static XRenderPictFormat* findPictureFormat(::Display* display)
+    static XRenderPictFormat* findPictureFormat (::Display* display)
     {
         ScopedXLock xlock (display);
         XRenderPictFormat* pictFormat = nullptr;
@@ -2214,14 +2214,19 @@ public:
     {
         updateKeyModifiers ((int) buttonPressEvent.state);
 
-        switch (pointerMap [buttonPressEvent.button - Button1])
+        auto mapIndex = (uint32) (buttonPressEvent.button - Button1)
+
+        if (mapIndex < numElementsInArray (pointerMap))
         {
-            case Keys::WheelUp:         handleWheelEvent (buttonPressEvent,  50.0f / 256.0f); break;
-            case Keys::WheelDown:       handleWheelEvent (buttonPressEvent, -50.0f / 256.0f); break;
-            case Keys::LeftButton:      handleButtonPressEvent (buttonPressEvent, ModifierKeys::leftButtonModifier); break;
-            case Keys::RightButton:     handleButtonPressEvent (buttonPressEvent, ModifierKeys::rightButtonModifier); break;
-            case Keys::MiddleButton:    handleButtonPressEvent (buttonPressEvent, ModifierKeys::middleButtonModifier); break;
-            default: break;
+            switch (pointerMap[mapIndex])
+            {
+                case Keys::WheelUp:         handleWheelEvent (buttonPressEvent,  50.0f / 256.0f); break;
+                case Keys::WheelDown:       handleWheelEvent (buttonPressEvent, -50.0f / 256.0f); break;
+                case Keys::LeftButton:      handleButtonPressEvent (buttonPressEvent, ModifierKeys::leftButtonModifier); break;
+                case Keys::RightButton:     handleButtonPressEvent (buttonPressEvent, ModifierKeys::rightButtonModifier); break;
+                case Keys::MiddleButton:    handleButtonPressEvent (buttonPressEvent, ModifierKeys::middleButtonModifier); break;
+                default: break;
+            }
         }
 
         clearLastMousePos();
@@ -2234,12 +2239,17 @@ public:
         if (parentWindow != 0)
             updateWindowBounds();
 
-        switch (pointerMap [buttonRelEvent.button - Button1])
+        auto mapIndex = (uint32) (buttonRelEvent.button - Button1)
+
+        if (mapIndex < numElementsInArray (pointerMap))
         {
-            case Keys::LeftButton:      currentModifiers = currentModifiers.withoutFlags (ModifierKeys::leftButtonModifier); break;
-            case Keys::RightButton:     currentModifiers = currentModifiers.withoutFlags (ModifierKeys::rightButtonModifier); break;
-            case Keys::MiddleButton:    currentModifiers = currentModifiers.withoutFlags (ModifierKeys::middleButtonModifier); break;
-            default: break;
+            switch (pointerMap[mapIndex])
+            {
+                case Keys::LeftButton:      currentModifiers = currentModifiers.withoutFlags (ModifierKeys::leftButtonModifier); break;
+                case Keys::RightButton:     currentModifiers = currentModifiers.withoutFlags (ModifierKeys::rightButtonModifier); break;
+                case Keys::MiddleButton:    currentModifiers = currentModifiers.withoutFlags (ModifierKeys::middleButtonModifier); break;
+                default: break;
+            }
         }
 
         if (dragState->dragging)
@@ -3678,7 +3688,7 @@ private:
 
     Array<Atom> srcMimeTypeAtomList;
 
-    int pointerMap[5];
+    int pointerMap[5] = {};
 
     void initialisePointerMap()
     {
@@ -3730,13 +3740,13 @@ namespace WindowingHelpers
             if (! juce_handleXEmbedEvent (nullptr, &event))
            #endif
             {
-                if (LinuxComponentPeer* const peer = LinuxComponentPeer::getPeerFor (event.xany.window))
+                if (auto* peer = LinuxComponentPeer::getPeerFor (event.xany.window))
                     peer->handleWindowMessage (event);
             }
         }
         else if (event.xany.type == KeymapNotify)
         {
-            const XKeymapEvent& keymapEvent = (const XKeymapEvent&) event.xkeymap;
+            auto& keymapEvent = (const XKeymapEvent&) event.xkeymap;
             memcpy (Keys::keyStates, keymapEvent.key_vector, 32);
         }
     }