Commit: ebb49ddd834cba2ea59f375e4866890ece57eae5 Author: Falk David Date: Wed Mar 30 11:41:27 2022 +0200 Branches: master https://developer.blender.org/rBebb49ddd834cba2ea59f375e4866890ece57eae5
GPencil: Fix double-free issue in update cache When a `GPencilUpdateCacheNode` is created, it always allocates the `children` pointer. This should not be freed until the whole cache is deleted. The `cache_node_update` would free the `children` pointer in a specific case, causing a double-free later when the cache was removed.
===================================================================
M source/blender/blenkernel/intern/gpencil_update_cache.c
===================================================================
diff --git a/source/blender/blenkernel/intern/gpencil_update_cache.c b/source/blender/blenkernel/intern/gpencil_update_cache.c
index bbe576eb847..9113f2e2ab9 100644
--- a/source/blender/blenkernel/intern/gpencil_update_cache.c
+++ b/source/blender/blenkernel/intern/gpencil_update_cache.c
@@ -51,10 +51,8 @@ static void cache_node_free(void *node);

 static void update_cache_free(GPencilUpdateCache *cache)
 {
- if (cache->children != NULL) {
- BLI_dlrbTree_free(cache->children, cache_node_free);
- MEM_freeN(cache->children);
- }
+ BLI_dlrbTree_free(cache->children, cache_node_free);
+ MEM_SAFE_FREE(cache->children);
 MEM_freeN(cache);
 }

@@ -83,9 +81,8 @@ static void cache_node_update(void *node, void *data)

 /* In case the new cache does a full update, remove its children since they will be all
 * updated by this cache. */
- if (new_update_cache->flag == GP_UPDATE_NODE_FULL_COPY && update_cache->children != NULL) {
+ if (new_update_cache->flag == GP_UPDATE_NODE_FULL_COPY) {
 BLI_dlrbTree_free(update_cache->children, cache_node_free);
- MEM_freeN(update_cache->children);
 }

 update_cache_free(new_update_cache);
_______________________________________________
Bf-blender-cvs mailing list Bf-blender-cvs@blender.org List details, subscription details or unsubscribe: https://lists.blender.org/mailman/listinfo/bf-blender-cvs
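Review bot: In `update_cache_free` the tree free on `cache->children` is now unconditional, yet the next line uses the NULL-tolerant `MEM_SAFE_FREE`, so the hunk no longer says whether `children` may be NULL at this point. The commit message states the pointer is always allocated when the node is created; if that is the invariant, record it where it is relied on, e.g. `/* children is allocated with the node and owned until here; never NULL. */`. A `BLI_assert(cache->children != NULL);` ahead of the free would make a violated invariant fail loudly in debug builds instead of depending on how `BLI_dlrbTree_free` treats a NULL tree, which is not visible in this diff.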
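Review bot: In the `GP_UPDATE_NODE_FULL_COPY` branch of `cache_node_update`, the tree in `update_cache->children` is now emptied but kept, and `update_cache_free` will later pass that same tree to `BLI_dlrbTree_free` a second time. Memory safety therefore rests on `BLI_dlrbTree_free` leaving the tree in a valid empty state with its node pointers cleared; that function is not shown here, and if it does not reset them the later call would walk already-freed nodes. That dependency deserves a comment next to the call, for example `/* Only empties the tree; the tree struct stays allocated and is released in update_cache_free(). */`. The body of `cache_node_update` begins and continues outside the hunk, so whether the emptied tree is reused for inserts afterwards cannot be confirmed from these lines.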