Fix: Buffer overflow in StudioLight

sl->light_ambient is a float[3], copy_v4_fl4 overwrites sl->free_function with a bogus pointer on 32 bit.
author: Ray Molenkamp <github@lazydodo.com> 2019-03-31 22:45:13 +0300
committer: Ray Molenkamp <github@lazydodo.com> 2019-03-31 22:45:26 +0300
commit: a41008964c76014246417b045bd543a44397b3ca (patch)
tree: a0d4fc544447eb33daeb2f89880230f069bedc55 /source/blender/blenkernel/intern/studiolight.c
parent: a4869df4c9d27279b44171d12cdece8989aaf255 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/source/blender/blenkernel/intern/studiolight.c b/source/blender/blenkernel/intern/studiolight.c
index 7fe21053794..38975f9a227 100644
--- a/source/blender/blenkernel/intern/studiolight.c
+++ b/source/blender/blenkernel/intern/studiolight.c
@@ -1184,7 +1184,7 @@ void BKE_studiolight_init(void)
 	        STUDIOLIGHT_INTERNAL | STUDIOLIGHT_SPHERICAL_HARMONICS_COEFFICIENTS_CALCULATED | STUDIOLIGHT_TYPE_STUDIO);
 	BLI_strncpy(sl->name, "Default", FILE_MAXFILE);
 
-	copy_v4_fl4(sl->light_ambient, 0.025000, 0.025000, 0.025000, 1.000000);
+	copy_v3_fl3(sl->light_ambient, 0.025000, 0.025000, 0.025000);
 
 	copy_v4_fl4(sl->light[0].vec, -0.580952, 0.228571, 0.781185, 0.0);
 	copy_v4_fl4(sl->light[0].col, 0.900000, 0.900000, 0.900000, 1.000000);
author	Ray Molenkamp <github@lazydodo.com>	2019-03-31 22:45:13 +0300
committer	Ray Molenkamp <github@lazydodo.com>	2019-03-31 22:45:26 +0300
commit	a41008964c76014246417b045bd543a44397b3ca (patch)
tree	a0d4fc544447eb33daeb2f89880230f069bedc55 /source/blender/blenkernel/intern/studiolight.c
parent	a4869df4c9d27279b44171d12cdece8989aaf255 (diff)