diff options
author | Bastien Montagne <montagne29@wanadoo.fr> | 2015-06-03 17:42:08 +0300 |
---|---|---|
committer | Bastien Montagne <montagne29@wanadoo.fr> | 2015-06-03 17:42:08 +0300 |
commit | e4ab526ad186973455da72a9a27959c16ebd470e (patch) | |
tree | f222640ec5b790c6f0f5ad7e40c37f85def66631 | |
parent | b9c563061cbb645064d1b27fafd3f421ca49297b (diff) |
Make reading previews from .blend file more robust.
Hit a case here where rect pointer was not NULL, when h & w were both zero...
Shall not happen, but better not crash on such cases!
-rw-r--r-- | source/blender/blenloader/intern/readblenentry.c | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/source/blender/blenloader/intern/readblenentry.c b/source/blender/blenloader/intern/readblenentry.c index 95440158277..20ec27a1f4b 100644 --- a/source/blender/blenloader/intern/readblenentry.c +++ b/source/blender/blenloader/intern/readblenentry.c @@ -176,26 +176,38 @@ LinkNode *BLO_blendhandle_get_previews(BlendHandle *bh, int ofblocktype, int *to prv = BLO_library_read_struct(fd, bhead, "PreviewImage"); if (prv) { memcpy(new_prv, prv, sizeof(PreviewImage)); - if (prv->rect[0]) { + if (prv->rect[0] && prv->w[0] && prv->h[0]) { unsigned int *rect = NULL; - new_prv->rect[0] = MEM_callocN(new_prv->w[0] * new_prv->h[0] * sizeof(unsigned int), "prvrect"); + size_t len = new_prv->w[0] * new_prv->h[0] * sizeof(unsigned int); + new_prv->rect[0] = MEM_callocN(len, __func__); bhead = blo_nextbhead(fd, bhead); rect = (unsigned int *)(bhead + 1); - memcpy(new_prv->rect[0], rect, bhead->len); + BLI_assert(len == bhead->len); + memcpy(new_prv->rect[0], rect, len); } else { + /* This should not be needed, but can happen in 'broken' .blend files, + * better handle this gracefully than crashing. */ + BLI_assert(prv->rect[0] == NULL && prv->w[0] == 0 && prv->h[0] == 0); new_prv->rect[0] = NULL; + new_prv->w[0] = new_prv->h[0] = 0; } - if (prv->rect[1]) { + if (prv->rect[1] && prv->w[1] && prv->h[1]) { unsigned int *rect = NULL; - new_prv->rect[1] = MEM_callocN(new_prv->w[1] * new_prv->h[1] * sizeof(unsigned int), "prvrect"); + size_t len = new_prv->w[1] * new_prv->h[1] * sizeof(unsigned int); + new_prv->rect[1] = MEM_callocN(len, __func__); bhead = blo_nextbhead(fd, bhead); rect = (unsigned int *)(bhead + 1); - memcpy(new_prv->rect[1], rect, bhead->len); + BLI_assert(len == bhead->len); + memcpy(new_prv->rect[1], rect, len); } else { + /* This should not be needed, but can happen in 'broken' .blend files, + * better handle this gracefully than crashing. */ + BLI_assert(prv->rect[1] == NULL && prv->w[1] == 0 && prv->h[1] == 0); new_prv->rect[1] = NULL; + new_prv->w[1] = new_prv->h[1] = 0; } MEM_freeN(prv); } |