From baae87ce86dc502e2ac28ffb241deba891cdcec1 Mon Sep 17 00:00:00 2001 From: Hans Goudey Date: Fri, 29 Apr 2022 09:19:52 -0500 Subject: Fix: Incorrect custom data maxlayers in rare files For a single day in 2015 between rBff3d535bc2a6309 and rB945f32e66d6ada, custom data structs could be written with an incorrect maxlayer field. This means that custom data structs read from those files would think they have more space to add new layers than they actually did, causing a crash if more layers were added. This was found while investigating a crash from D14365 which adds new face corner layers in versioning. The fix is to reset all maxlayer integers to totlayer, which is done when writing files in current Blender anyway. The file tests/render/motion_blur/camera_zoom_blur_perspective.blend has this problem as it was added on 2015-07-21, right between the two commits. Adding three custom data layers in versioning code would crash. The problem was originally found and investigated by Martijn Versteegh (@Baardaap), thanks! Differential Revision: https://developer.blender.org/D14786 --- source/blender/blenkernel/intern/customdata.cc | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source') diff --git a/source/blender/blenkernel/intern/customdata.cc b/source/blender/blenkernel/intern/customdata.cc index a5138856d53..62351a31042 100644 --- a/source/blender/blenkernel/intern/customdata.cc +++ b/source/blender/blenkernel/intern/customdata.cc @@ -5328,6 +5328,11 @@ void CustomData_blend_read(BlendDataReader *reader, CustomData *data, int count) } } + /* Ensure allocated size is set to the size of the read array. While this should always be the + * case (see #CustomData_blend_write_prepare), there can be some corruption in rare cases (e.g. + * files saved between ff3d535bc2a63092 and 945f32e66d6ada2a). */ + data->maxlayer = data->totlayer; + CustomData_update_typemap(data); } -- cgit v1.2.3