diff options
| author | Martijn Versteegh <Baardaap> | 2021-11-11 18:25:10 +0300 |
|---|---|---|
| committer | Hans Goudey <h.goudey@me.com> | 2021-11-11 18:25:10 +0300 |
| commit | 7aa39b40f40c2b037f97e009eabf8d4698c41ee4 (patch) | |
| tree | 1da38dfe15f714c4eeb060100a9944f81014b1d2 | |
| parent | d26d3cfe193793728cac77be9b44463a84a0f57e (diff) | |
Fix: Prevent use of uninitialized memory when creating Bezier spline
When Constructing bezier splines from dna, the positions of the
left/right handles were set directly in the internal vectors, by
requesting a reference to them. The problem is that
BezierSpline::handle_positions_left() calls ensure_auto_handles()
before returning the reference. That function does some calculations on
uninitialized memory if the positions array is not yet filled.
Differential Revision: https://developer.blender.org/D13107
| -rw-r--r-- | source/blender/blenkernel/BKE_spline.hh | 16 | ||||
| -rw-r--r-- | source/blender/blenkernel/intern/curve_eval.cc | 4 | ||||
| -rw-r--r-- | source/blender/blenkernel/intern/spline_bezier.cc | 13 |
3 files changed, 25 insertions, 8 deletions
diff --git a/source/blender/blenkernel/BKE_spline.hh b/source/blender/blenkernel/BKE_spline.hh index 8509b730709..55a4f6ffcfd 100644 --- a/source/blender/blenkernel/BKE_spline.hh +++ b/source/blender/blenkernel/BKE_spline.hh @@ -306,11 +306,23 @@ class BezierSpline final : public Spline { blender::Span<HandleType> handle_types_left() const; blender::MutableSpan<HandleType> handle_types_left(); blender::Span<blender::float3> handle_positions_left() const; - blender::MutableSpan<blender::float3> handle_positions_left(); + /** + * Get writable access to the hande position. + * + * \param write_only: pass true for an uninitialized spline, this prevents accessing + * uninitialized memory while autogenerating handles. + */ + blender::MutableSpan<blender::float3> handle_positions_left(bool write_only = false); blender::Span<HandleType> handle_types_right() const; blender::MutableSpan<HandleType> handle_types_right(); blender::Span<blender::float3> handle_positions_right() const; - blender::MutableSpan<blender::float3> handle_positions_right(); + /** + * Get writable access to the hande position. + * + * \param write_only: pass true for an uninitialized spline, this prevents accessing + * uninitialized memory while autogenerating handles. + */ + blender::MutableSpan<blender::float3> handle_positions_right(bool write_only = false); void ensure_auto_handles() const; void translate(const blender::float3 &translation) override; diff --git a/source/blender/blenkernel/intern/curve_eval.cc b/source/blender/blenkernel/intern/curve_eval.cc index bb745d5b20d..ff0478f2543 100644 --- a/source/blender/blenkernel/intern/curve_eval.cc +++ b/source/blender/blenkernel/intern/curve_eval.cc @@ -225,8 +225,8 @@ static SplinePtr spline_from_dna_bezier(const Nurb &nurb) Span<const BezTriple> src_points{nurb.bezt, nurb.pntsu}; spline->resize(src_points.size()); MutableSpan<float3> positions = spline->positions(); - MutableSpan<float3> handle_positions_left = spline->handle_positions_left(); - MutableSpan<float3> handle_positions_right = spline->handle_positions_right(); + MutableSpan<float3> handle_positions_left = spline->handle_positions_left(true); + MutableSpan<float3> handle_positions_right = spline->handle_positions_right(true); MutableSpan<BezierSpline::HandleType> handle_types_left = spline->handle_types_left(); MutableSpan<BezierSpline::HandleType> handle_types_right = spline->handle_types_right(); MutableSpan<float> radii = spline->radii(); diff --git a/source/blender/blenkernel/intern/spline_bezier.cc b/source/blender/blenkernel/intern/spline_bezier.cc index e760bf3495e..166fe0f5464 100644 --- a/source/blender/blenkernel/intern/spline_bezier.cc +++ b/source/blender/blenkernel/intern/spline_bezier.cc @@ -142,11 +142,14 @@ Span<float3> BezierSpline::handle_positions_left() const this->ensure_auto_handles(); return handle_positions_left_; } -MutableSpan<float3> BezierSpline::handle_positions_left() +MutableSpan<float3> BezierSpline::handle_positions_left(const bool write_only) { - this->ensure_auto_handles(); + if (!write_only) { + this->ensure_auto_handles(); + } return handle_positions_left_; } + Span<BezierSpline::HandleType> BezierSpline::handle_types_right() const { return handle_types_right_; @@ -160,9 +163,11 @@ Span<float3> BezierSpline::handle_positions_right() const this->ensure_auto_handles(); return handle_positions_right_; } -MutableSpan<float3> BezierSpline::handle_positions_right() +MutableSpan<float3> BezierSpline::handle_positions_right(const bool write_only) { - this->ensure_auto_handles(); + if (!write_only) { + this->ensure_auto_handles(); + } return handle_positions_right_; } |