[Bf-blender-cvs] [1504ed99e6d] master: Fix use after free in interface handler
Hans Goudey
noreply at git.blender.org
Tue Oct 27 19:44:54 CET 2020
Commit: 1504ed99e6dd90490b727a0b5114106ac816e85f
Author: Hans Goudey
Date: Tue Oct 27 13:44:47 2020 -0500
Branches: master
https://developer.blender.org/rB1504ed99e6dd90490b727a0b5114106ac816e85f
Fix use after free in interface handler
ASAN reported a use after free in after rB15d78ea85b602c. This commit
removed a reassignment of the `data` variable here that was actually
required because it may have been freed earlier in the function. This
sort of error would be avoided if the same variable wasn't reused for
different purposes.
===================================================================
M source/blender/editors/interface/interface_handlers.c
===================================================================
diff --git a/source/blender/editors/interface/interface_handlers.c b/source/blender/editors/interface/interface_handlers.c
index b77f8bf3b63..4451199bb7c 100644
--- a/source/blender/editors/interface/interface_handlers.c
+++ b/source/blender/editors/interface/interface_handlers.c
@@ -7693,6 +7693,7 @@ static int ui_do_button(bContext *C, uiBlock *block, uiBut *but, const wmEvent *
}
#ifdef USE_DRAG_MULTINUM
+ data = but->active;
if (data) {
if (ELEM(event->type, MOUSEMOVE, INBETWEEN_MOUSEMOVE) ||
/* if we started dragging, progress on any event */
More information about the Bf-blender-cvs
mailing list