[Bf-blender-cvs] [7afd84df409] master: Fix possible use-after-free on error handling during VR view drawing
Julian Eisel
noreply at git.blender.org
Tue Dec 14 20:14:28 CET 2021
Commit: 7afd84df409ac40bc92faaa74181fa13015fe781
Author: Julian Eisel
Date: Tue Dec 14 20:10:05 2021 +0100
Branches: master
https://developer.blender.org/rB7afd84df409ac40bc92faaa74181fa13015fe781
Fix possible use-after-free on error handling during VR view drawing
Whenever an exception happens in VR session code, we cancel the entire
session. Alongside that, we removed the "surface" item used to draw into
an offscreen context. But this may still be stored as active surface,
leading to a use-after-free when deactivating this active surface, for
example.
===================================================================
M source/blender/windowmanager/intern/wm_surface.c
===================================================================
diff --git a/source/blender/windowmanager/intern/wm_surface.c b/source/blender/windowmanager/intern/wm_surface.c
index 72b68788e79..39bff205cbd 100644
--- a/source/blender/windowmanager/intern/wm_surface.c
+++ b/source/blender/windowmanager/intern/wm_surface.c
@@ -119,6 +119,9 @@ void wm_surface_add(wmSurface *surface)
void wm_surface_remove(wmSurface *surface)
{
+ if (surface == g_drawable) {
+ wm_surface_clear_drawable();
+ }
BLI_remlink(&global_surface_list, surface);
surface->free_data(surface);
MEM_freeN(surface);
More information about the Bf-blender-cvs
mailing list