[Bf-blender-cvs] [071799d4fc4] master: Fix T89265: Crash when tabbing through num inputs
Falk David
noreply at git.blender.org
Wed Jun 23 07:01:01 CEST 2021
Commit: 071799d4fc44f422abacbdad09bb45fb95de89f2
Author: Falk David
Date: Wed Jun 23 14:56:36 2021 +1000
Branches: master
https://developer.blender.org/rB071799d4fc44f422abacbdad09bb45fb95de89f2
Fix T89265: Crash when tabbing through num inputs
Fix by reverting the part of ec30cf0b742f5181c4de91b474ca01d6a809c593
that assigned `but->editval` in `ui_numedit_begin_set_values`.
Causing access freed memory when using tab to switch
to a numeric input and then leaving the textbox by clicking outside.
This was because `ui_numedit_begin_set_values` shouldn't need to set
`but->editval` and overwrite the pointer.
This would set a pointer that had previously been freed,
causing a `NULL` check to fail later on.
Ref D11679
===================================================================
M source/blender/editors/interface/interface_handlers.c
===================================================================
diff --git a/source/blender/editors/interface/interface_handlers.c b/source/blender/editors/interface/interface_handlers.c
index a5b7f3820fc..1c55ce0f348 100644
--- a/source/blender/editors/interface/interface_handlers.c
+++ b/source/blender/editors/interface/interface_handlers.c
@@ -3906,7 +3906,6 @@ static void ui_numedit_begin_set_values(uiBut *but, uiHandleButtonData *data)
data->startvalue = ui_but_value_get(but);
data->origvalue = data->startvalue;
data->value = data->origvalue;
- but->editval = &data->value;
}
static void ui_numedit_begin(uiBut *but, uiHandleButtonData *data)
@@ -3935,6 +3934,7 @@ static void ui_numedit_begin(uiBut *but, uiHandleButtonData *data)
}
else {
ui_numedit_begin_set_values(but, data);
+ but->editval = &data->value;
float softmin = but->softmin;
float softmax = but->softmax;
More information about the Bf-blender-cvs
mailing list