[Bf-blender-cvs] SVN commit: /data/svn/bf-blender [50583] trunk/blender/source/blender: fix for out-of-bounds checks for fcurve modifier and poselib, also check for NULL members of avi structure ( since they are checked for NULL later.)

Campbell Barton ideasman42 at gmail.com
Fri Sep 14 08:15:46 CEST 2012


Revision: 50583
          http://projects.blender.org/scm/viewvc.php?view=rev&root=bf-blender&revision=50583
Author:   campbellbarton
Date:     2012-09-14 06:15:46 +0000 (Fri, 14 Sep 2012)
Log Message:
-----------
fix for out-of-bounds checks for fcurve modifier and poselib, also check for NULL members of avi structure (since they are checked for NULL later.)

Modified Paths:
--------------
    trunk/blender/source/blender/avi/intern/avi.c
    trunk/blender/source/blender/blenkernel/intern/fmodifier.c
    trunk/blender/source/blender/editors/armature/poselib.c

Modified: trunk/blender/source/blender/avi/intern/avi.c
===================================================================
--- trunk/blender/source/blender/avi/intern/avi.c	2012-09-14 05:44:47 UTC (rev 50582)
+++ trunk/blender/source/blender/avi/intern/avi.c	2012-09-14 06:15:46 UTC (rev 50583)
@@ -734,9 +734,10 @@
 
 	fclose(movie->fp);
 
-	for (i = 0; i < movie->header->Streams; i++) {
-		if (movie->streams[i].sf != NULL)
+	for (i = 0; movie->header && (i < movie->header->Streams); i++) {
+		if (movie->streams && (movie->streams[i].sf != NULL)) {
 			MEM_freeN(movie->streams[i].sf);
+		}
 	}
 
 	if (movie->header != NULL)
@@ -1081,9 +1082,10 @@
 
 	fclose(movie->fp);
 
-	for (i = 0; i < movie->header->Streams; i++) {
-		if (movie->streams[i].sf != NULL)
+	for (i = 0; movie->header && (i < movie->header->Streams); i++) {
+		if (movie->streams && (movie->streams[i].sf != NULL)) {
 			MEM_freeN(movie->streams[i].sf);
+		}
 	}
 	if (movie->header != NULL)
 		MEM_freeN(movie->header);

Modified: trunk/blender/source/blender/blenkernel/intern/fmodifier.c
===================================================================
--- trunk/blender/source/blender/blenkernel/intern/fmodifier.c	2012-09-14 05:44:47 UTC (rev 50582)
+++ trunk/blender/source/blender/blenkernel/intern/fmodifier.c	2012-09-14 06:15:46 UTC (rev 50583)
@@ -965,8 +965,8 @@
 	}
 	
 	/* only return for valid types */
-	if ( (type >= FMODIFIER_TYPE_NULL) && 
-	     (type <= FMODIFIER_NUM_TYPES) )
+	if ((type >= FMODIFIER_TYPE_NULL) &&
+	    (type <  FMODIFIER_NUM_TYPES))
 	{
 		/* there shouldn't be any segfaults here... */
 		return fmodifiersTypeInfo[type];

Modified: trunk/blender/source/blender/editors/armature/poselib.c
===================================================================
--- trunk/blender/source/blender/editors/armature/poselib.c	2012-09-14 05:44:47 UTC (rev 50582)
+++ trunk/blender/source/blender/editors/armature/poselib.c	2012-09-14 06:15:46 UTC (rev 50583)
@@ -1006,7 +1006,7 @@
 			/* get search-string */
 			index = pld->search_cursor;
 			
-			if (index >= 0 && index <= sizeof(tempstr) - 1) {
+			if (index >= 0 && index < sizeof(tempstr) - 1) {
 				memcpy(&tempstr[0], &pld->searchstr[0], index);
 				tempstr[index] = '|';
 				memcpy(&tempstr[index + 1], &pld->searchstr[index], (sizeof(tempstr) - 1) - index);




More information about the Bf-blender-cvs mailing list