From 151eed752b01970fdd3cbf69405211b310b80f74 Mon Sep 17 00:00:00 2001 From: Peter Kim Date: Fri, 6 Aug 2021 17:55:00 +0900 Subject: Fix invalid XR action map indices after alloc Although the relevant structs (wmXrRuntime/XrActionMap/ XrActionMapItem) are zero-allocated, the selected and active action map indices need to be initialized to -1 to prevent potential out-of-bounds list access. --- source/blender/windowmanager/xr/intern/wm_xr.c | 1 + source/blender/windowmanager/xr/intern/wm_xr_actionmap.c | 2 ++ 2 files changed, 3 insertions(+) (limited to 'source') diff --git a/source/blender/windowmanager/xr/intern/wm_xr.c b/source/blender/windowmanager/xr/intern/wm_xr.c index 716a0936a24..3091a3a19f1 100644 --- a/source/blender/windowmanager/xr/intern/wm_xr.c +++ b/source/blender/windowmanager/xr/intern/wm_xr.c @@ -149,6 +149,7 @@ bool wm_xr_events_handle(wmWindowManager *wm) wmXrRuntimeData *wm_xr_runtime_data_create(void) { wmXrRuntimeData *runtime = MEM_callocN(sizeof(*runtime), __func__); + runtime->actactionmap = runtime->selactionmap = -1; return runtime; } diff --git a/source/blender/windowmanager/xr/intern/wm_xr_actionmap.c b/source/blender/windowmanager/xr/intern/wm_xr_actionmap.c index 7673f2aa212..f9ad34b5a9b 100644 --- a/source/blender/windowmanager/xr/intern/wm_xr_actionmap.c +++ b/source/blender/windowmanager/xr/intern/wm_xr_actionmap.c @@ -256,6 +256,7 @@ XrActionMapItem *WM_xr_actionmap_item_new(XrActionMap *actionmap, if (ami_prev) { WM_xr_actionmap_item_ensure_unique(actionmap, ami); } + ami->selbinding = -1; BLI_addtail(&actionmap->items, ami); @@ -398,6 +399,7 @@ XrActionMap *WM_xr_actionmap_new(wmXrRuntimeData *runtime, const char *name, boo if (am_prev) { WM_xr_actionmap_ensure_unique(runtime, am); } + am->selitem = -1; BLI_addtail(&runtime->actionmaps, am); -- cgit v1.2.3