From d003a083027bb63f9d79a98cfb173f45318535c8 Mon Sep 17 00:00:00 2001 From: Sergey Sharybin Date: Thu, 23 May 2013 18:19:50 +0000 Subject: Fix stack corruptions in special cases Issue was caused by wrong array length used for result of name_uiprefix_id, which shall actually be 1 byte bugger than MAX_ID_NAME. Reported by Sebastian Koenig in IRC. --- source/blender/editors/interface/interface_layout.c | 1 + source/blender/editors/interface/interface_templates.c | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'source') diff --git a/source/blender/editors/interface/interface_layout.c b/source/blender/editors/interface/interface_layout.c index 184477ab38f..7522273f562 100644 --- a/source/blender/editors/interface/interface_layout.c +++ b/source/blender/editors/interface/interface_layout.c @@ -1357,6 +1357,7 @@ static void rna_search_cb(const struct bContext *C, void *arg_but, const char *s char name_ui[MAX_ID_NAME]; #if 0 /* this name is used for a string comparison and can't be modified, TODO */ + /* if ever enabled, make name_ui be MAX_ID_NAME+1 */ name_uiprefix_id(name_ui, id); #else BLI_strncpy(name_ui, id->name + 2, sizeof(name_ui)); diff --git a/source/blender/editors/interface/interface_templates.c b/source/blender/editors/interface/interface_templates.c index b87c067a1ab..f07b31eff17 100644 --- a/source/blender/editors/interface/interface_templates.c +++ b/source/blender/editors/interface/interface_templates.c @@ -151,7 +151,10 @@ static void id_search_cb(const bContext *C, void *arg_template, const char *str, continue; if (BLI_strcasestr(id->name + 2, str)) { - char name_ui[MAX_ID_NAME]; + /* +1 is needed because name_uiprefix_id used 3 letter prefix + * followed by ID_NAME-2 characters from id->name + */ + char name_ui[MAX_ID_NAME + 1]; name_uiprefix_id(name_ui, id); iconid = ui_id_icon_get((bContext *)C, id, template->preview); -- cgit v1.2.3