griefith/test
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fix T37712: Point cache index lookup crashed with 0 points stored.

Browse Source 
The BKE_ptcache_mem_index_find is using unsigned ints for binary search
"high" values - but this leads to integer overflow if the totpoint
number is 0 and causes invalid array access.
This commit is contained in:
Lukas Tönne
2013-12-09 11:02:41 +01:00
parent 5245900dde
commit 793b73edc2
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
source/blender/blenkernel/intern/pointcache.c
View File

@@ -1769,7 +1769,7 @@ static void ptcache_file_pointers_init(PTCacheFile *pf)
/* Check to see if point number "index" is in pm, uses binary search for index data. */
int BKE_ptcache_mem_index_find(PTCacheMem *pm, unsigned int index)
{
if (pm->data[BPHYS_DATA_INDEX]) {
if (pm->totpoint > 0 && pm->data[BPHYS_DATA_INDEX]) {
unsigned int *data = pm->data[BPHYS_DATA_INDEX];
unsigned int mid, low = 0, high = pm->totpoint - 1;