Hi, If RN_DATA::Add is called with a BOARD_ITEM* aItem where aItem->IsConnected() fails (and it's not a module or netinfo item), the index into the vector is uninitialised, which could segfault the vector access.
The attached patch initialises it to the ORPHANED value, and then makes sure it's been set to something valid so the vector can be safely indexed. I also added an assert to document that all paths (i.e. first if statement) must correctly lengthen the vector if needed. Cheers, John
From 5f2a8bcfdc3e5e7a9c99545491ba73592ec834b6 Mon Sep 17 00:00:00 2001 From: John Beard <[email protected]> Date: Fri, 23 Sep 2016 22:16:31 +0800 Subject: [PATCH] Protect against uninitialised netcodes when adding to RN_DATA --- pcbnew/ratsnest_data.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pcbnew/ratsnest_data.cpp b/pcbnew/ratsnest_data.cpp index 96783c6..be19548 100644 --- a/pcbnew/ratsnest_data.cpp +++ b/pcbnew/ratsnest_data.cpp @@ -1069,7 +1069,7 @@ void RN_NET::processPads() bool RN_DATA::Add( const BOARD_ITEM* aItem ) { - int net; + int net = NETINFO_LIST::ORPHANED; if( aItem->IsConnected() ) { @@ -1112,6 +1112,12 @@ bool RN_DATA::Add( const BOARD_ITEM* aItem ) return true; } + if( net == NETINFO_LIST::ORPHANED ) + return false; + + // If the netcode is set, it should be valid for indexing into vector + assert( net < (int) m_nets.size() ); + switch( aItem->Type() ) { case PCB_PAD_T: -- 2.9.3
_______________________________________________ Mailing list: https://launchpad.net/~kicad-developers Post to : [email protected] Unsubscribe : https://launchpad.net/~kicad-developers More help : https://help.launchpad.net/ListHelp
