Commit: dd689eeda4aad172d0e543f4b7bc44a87ef6e1c5
Author: Jacques Lucke
Date: Mon Oct 18 16:17:56 2021 +0200
Branches: master
https://developer.blender.org/rBdd689eeda4aad172d0e543f4b7bc44a87ef6e1c5
Fix: dangling pointer caused use-after-free
The old code only worked when built-in nodes are only unregistered
at most once while Blender is running. However, this is not the case
when running certain unit tests such as `AbstractHierarchy*`
in `blender_test`.
Found by Sybren, thanks.
===================================================================
M source/blender/blenkernel/intern/node.cc
===================================================================
diff --git a/source/blender/blenkernel/intern/node.cc
b/source/blender/blenkernel/intern/node.cc
index 5a4849f1d05..c5fb9030847 100644
--- a/source/blender/blenkernel/intern/node.cc
+++ b/source/blender/blenkernel/intern/node.cc
@@ -1380,6 +1380,7 @@ static void node_free_type(void *nodetype_v)
}
delete nodetype->fixed_declaration;
+ nodetype->fixed_declaration = nullptr;
/* Can be null when the type is not dynamically allocated. */
if (nodetype->free_self) {
_______________________________________________
Bf-blender-cvs mailing list
[email protected]
List details, subscription details or unsubscribe:
https://lists.blender.org/mailman/listinfo/bf-blender-cvs
