Fix T71260: GPencil: Blender crashes after Malloc returns null while drawing a line
AbandonedPublic
Actions

Authored by Germano Cavalcante (mano-wii) on Nov 2 2019, 12:24 AM.

Details

Reviewers

Antonio Vazquez (antoniov)

Maniphest Tasks

T71260: GPencil: Blender crashes after Malloc returns null while drawing a line when use lot of points

Summary

Two reasons caused the crash.

The buffer pointer is referenced first, then the buffer is reallocated and the original pointer is reused.
gpd->runtime.sbuffer_size is a short and can be clamped to negative values.

I solved these two reasons and added a NULL check for more safeness.
Ref T71260

Diff Detail

Repository

rB Blender

Branch

master

Build Status

Buildable 5529
Build 5529: arc lint + arc unit

Event Timeline

Germano Cavalcante (mano-wii) created this revision.Nov 2 2019, 12:24 AM

Harbormaster completed remote builds in B5529: Diff 19336.Nov 2 2019, 12:24 AM

Germano Cavalcante (mano-wii) edited the summary of this revision. (Show Details)Nov 2 2019, 12:24 AM

Germano Cavalcante (mano-wii) added a task: T71260: GPencil: Blender crashes after Malloc returns null while drawing a line when use lot of points.

@Germano Cavalcante (mano-wii) I think we did the same fix at the same time... make any change to my commit if you think is required.... we don't need unsigned int, the limit is so high that is impossible get that value (other areas of Blender would crash before of that).

I's ok, good to know that has been fixed ;)