[Bf-blender-cvs] [05715eaea14] master: Fix: Use after free when removing attribute on instances

[Hans Goudey]

Commit: 05715eaea144b3812c2a788e5ef413a5aa601a06
Author: Hans Goudey
Date:   Thu Apr 14 13:04:16 2022 -0500
Branches: master
https://developer.blender.org/rB05715eaea144b3812c2a788e5ef413a5aa601a06

Fix: Use after free when removing attribute on instances

Assume that only one layer matches the id and return instead
of continuing to iterate over attributes after the layers have
been potentially reallocated.

===================================================================

M	source/blender/blenkernel/intern/attribute_access.cc

===================================================================

diff --git a/source/blender/blenkernel/intern/attribute_access.cc b/source/blender/blenkernel/intern/attribute_access.cc
index d0420b4170a..0ae9fa4356b 100644
--- a/source/blender/blenkernel/intern/attribute_access.cc
+++ b/source/blender/blenkernel/intern/attribute_access.cc
@@ -746,15 +746,14 @@ bool CustomDataAttributes::create_by_move(const AttributeIDRef &attribute_id,
 
 bool CustomDataAttributes::remove(const AttributeIDRef &attribute_id)
 {
-  bool result = false;
   for (const int i : IndexRange(data.totlayer)) {
     const CustomDataLayer &layer = data.layers[i];
     if (custom_data_layer_matches_attribute_id(layer, attribute_id)) {
       CustomData_free_layer(&data, layer.type, size_, i);
-      result = true;
+      return true;
     }
   }
-  return result;
+  return false;
 }
 
 void CustomDataAttributes::reallocate(const int size)