From 517768074b5ceff3dfd4ad178a643491c893d3b2 Mon Sep 17 00:00:00 2001
From: Jacques Lucke
Date: Tue, 28 Jan 2025 11:06:37 +0100
Subject: [PATCH] Fix #133693: use-after-free in screw modifier

The mesh was tagged as changed after it has been freed. It's freed in the call to `mesh_remove_doubles_on_axis`.
---
 source/blender/modifiers/intern/MOD_screw.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/source/blender/modifiers/intern/MOD_screw.cc b/source/blender/modifiers/intern/MOD_screw.cc
index 79ddf95e822..c0671a2b6a8 100644
--- a/source/blender/modifiers/intern/MOD_screw.cc
+++ b/source/blender/modifiers/intern/MOD_screw.cc
@@ -1021,6 +1021,7 @@ static Mesh *modify_mesh(ModifierData *md, const ModifierEvalContext *ctx, Mesh
 #endif
 sharp_faces.finish();
+ dst_material_index.finish();
 if (edge_face_map) {
 MEM_freeN(edge_face_map);
@@ -1040,8 +1041,6 @@ static Mesh *modify_mesh(ModifierData *md, const ModifierEvalContext *ctx, Mesh
 ltmd->merge_dist);
 }
- dst_material_index.finish();
-
 return result;
 }
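Review bot: The position of `dst_material_index.finish();` directly after `sharp_faces.finish();` in the first hunk is now load-bearing for memory safety, but nothing in the code says so. According to the commit message the mesh is freed inside `mesh_remove_doubles_on_axis`, so any attribute writer finished after that call touches freed memory. A comment above the two calls would keep a later edit from reintroducing the use-after-free, e.g. `/* Finish all attribute writers here: the merge step below may free the mesh they write into. */`. The rest of modify_mesh lies outside both hunks, so it is worth confirming that no other writer or pointer into the old mesh is still used after the merge call.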