authorBastien Montagne <montagne29@wanadoo.fr>2019-08-29 15:49:54 +0300
committerBastien Montagne <montagne29@wanadoo.fr>2019-08-29 15:49:54 +0300
commit7f23c914781268977b464a3c0dcba2f89e01dc36 (patch)
tree75a7e1c73db0b15e7e4310233a57c72695cdcdcc
parent6b33bd1067dc34711e0e076070cfaeaf0e3259a5 (diff)
LibOverride: Fix use-after-free error when freeing whole Main DB.
We do not want to touch other ID pointers in that case, as those might have already been freed...
-rw-r--r--source/blender/blenkernel/BKE_library_override.h4
-rw-r--r--source/blender/blenkernel/intern/library_override.c16
-rw-r--r--source/blender/blenkernel/intern/library_remap.c2
-rw-r--r--source/blender/editors/interface/interface_templates.c2
4 files changed, 13 insertions, 11 deletions
diff --git a/source/blender/blenkernel/BKE_library_override.h b/source/blender/blenkernel/BKE_library_override.h
index 5440b0ebe63..93b2355ce55 100644
--- a/source/blender/blenkernel/BKE_library_override.h
+++ b/source/blender/blenkernel/BKE_library_override.h
@@ -35,8 +35,8 @@ bool BKE_override_library_is_enabled(void);
struct IDOverrideLibrary *BKE_override_library_init(struct ID *local_id, struct ID *reference_id);
void BKE_override_library_copy(struct ID *dst_id, const struct ID *src_id);
-void BKE_override_library_clear(struct IDOverrideLibrary *override);
-void BKE_override_library_free(struct IDOverrideLibrary **override);
+void BKE_override_library_clear(struct IDOverrideLibrary *override, const bool do_id_user);
+void BKE_override_library_free(struct IDOverrideLibrary **override, const bool do_id_user);
struct ID *BKE_override_library_create_from_id(struct Main *bmain, struct ID *reference_id);
bool BKE_override_library_create_from_tag(struct Main *bmain);
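Review bot: The new `do_id_user` parameter on `BKE_override_library_clear` and `BKE_override_library_free` is undocumented here and on the definitions in library_override.c, yet its value decides whether `override->reference` is dereferenced. A caller reading only this header cannot tell that `false` is meant for teardown where other IDs may already be freed, which is what the commit message describes. I would add above the two prototypes `/* do_id_user: when false, the user count of override->reference is left untouched; use only when referenced IDs may already be freed (e.g. when freeing the whole Main). */` and extend the `/** ... */` comments on both definitions with the same sentence.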
diff --git a/source/blender/blenkernel/intern/library_override.c b/source/blender/blenkernel/intern/library_override.c
index ce368575492..ba482359607 100644
--- a/source/blender/blenkernel/intern/library_override.c
+++ b/source/blender/blenkernel/intern/library_override.c
@@ -111,11 +111,11 @@ void BKE_override_library_copy(ID *dst_id, const ID *src_id)
if (dst_id->override_library != NULL) {
if (src_id->override_library == NULL) {
- BKE_override_library_free(&dst_id->override_library);
+ BKE_override_library_free(&dst_id->override_library, true);
return;
}
else {
- BKE_override_library_clear(dst_id->override_library);
+ BKE_override_library_clear(dst_id->override_library, true);
}
}
else if (src_id->override_library == NULL) {
@@ -144,7 +144,7 @@ void BKE_override_library_copy(ID *dst_id, const ID *src_id)
}
/** Clear any overriding data from given \a override. */
-void BKE_override_library_clear(IDOverrideLibrary *override)
+void BKE_override_library_clear(IDOverrideLibrary *override, const bool do_id_user)
{
BLI_assert(override != NULL);
@@ -153,16 +153,18 @@ void BKE_override_library_clear(IDOverrideLibrary *override)
}
BLI_freelistN(&override->properties);
- id_us_min(override->reference);
- /* override->storage should never be refcounted... */
+ if (do_id_user) {
+ id_us_min(override->reference);
+ /* override->storage should never be refcounted... */
+ }
}
/** Free given \a override. */
-void BKE_override_library_free(struct IDOverrideLibrary **override)
+void BKE_override_library_free(struct IDOverrideLibrary **override, const bool do_id_user)
{
BLI_assert(*override != NULL);
- BKE_override_library_clear(*override);
+ BKE_override_library_clear(*override, do_id_user);
MEM_freeN(*override);
*override = NULL;
}
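Review bot: With `do_id_user` false, `BKE_override_library_clear` now returns with `override->reference` still set, and per the commit message that ID may already be freed; unlike `BKE_override_library_free`, clear leaves the override struct alive, so any later read of that field would be a dangling-pointer access. No visible caller passes `false` to clear directly, so this looks latent rather than live, but resetting the field would close it: add `else { override->reference = NULL; }` after the `if (do_id_user)` block, provided nothing relies on the old value after a clear. The start of the function body (the loop before `BLI_freelistN`) is outside the hunk; if it reaches any other ID it needs the same guard. The `override->storage` comment now sits inside the `if` and reads as if it were conditional, so moving it below the block would keep its original meaning.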
diff --git a/source/blender/blenkernel/intern/library_remap.c b/source/blender/blenkernel/intern/library_remap.c
index 8fe2552c03f..04ea540fac9 100644
--- a/source/blender/blenkernel/intern/library_remap.c
+++ b/source/blender/blenkernel/intern/library_remap.c
@@ -757,7 +757,7 @@ void BKE_libblock_free_data(ID *id, const bool do_id_user)
}
if (id->override_library) {
- BKE_override_library_free(&id->override_library);
+ BKE_override_library_free(&id->override_library, do_id_user);
}
/* XXX TODO remove animdata handling from each type's freeing func,
diff --git a/source/blender/editors/interface/interface_templates.c b/source/blender/editors/interface/interface_templates.c
index fc2c606dfc8..e2f6355e0f5 100644
--- a/source/blender/editors/interface/interface_templates.c
+++ b/source/blender/editors/interface/interface_templates.c
@@ -538,7 +538,7 @@ static void template_id_cb(bContext *C, void *arg_litem, void *arg_event)
break;
case UI_ID_OVERRIDE:
if (id && id->override_library) {
- BKE_override_library_free(&id->override_library);
+ BKE_override_library_free(&id->override_library, true);
/* reassign to get get proper updates/notifiers */
idptr = RNA_property_pointer_get(&template_ui->ptr, template_ui->prop);
RNA_property_pointer_set(&template_ui->ptr, template_ui->prop, idptr, NULL);