Fixed an out of bounds read error.

2021-04-02 13:42:29 -07:00 · 2021-04-02 13:42:29 -07:00 · 33af94dc46
parent 8ea624aeaf
commit 33af94dc46
5 changed files with 25 additions and 9 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -572,6 +572,12 @@ if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang")
        [HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\LLVM\\LLVM;]/lib/clang/7.0.0/lib/windows
        [HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\LLVM\\LLVM;]/lib/clang/6.0.0/lib/windows
      )
+        find_library(
+          COMPILER_ASAN_LIBRARY_THUNK NAMES clang_rt.asan_dll_thunk-x86_64
+        PATHS
+        [HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\LLVM\\LLVM;]/lib/clang/7.0.0/lib/windows
+        [HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\LLVM\\LLVM;]/lib/clang/6.0.0/lib/windows
+      )
    elseif(APPLE)
      execute_process(COMMAND ${CMAKE_CXX_COMPILER}
        -print-file-name=lib
@ -592,6 +598,7 @@ if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang")
      )
    endif()

+    mark_as_advanced(COMPILER_ASAN_LIBRARY_THUNK)
    mark_as_advanced(COMPILER_ASAN_LIBRARY)
  endif()
 endif()
@ -907,9 +914,9 @@ if(NOT CMAKE_BUILD_TYPE MATCHES "Release")
      unset(_list_COMPILER_ASAN_CFLAGS)
      unset(_is_CONFIG_DEBUG)
    elseif(COMPILER_ASAN_LIBRARY)
-      set(PLATFORM_LINKLIBS "${PLATFORM_LINKLIBS};${COMPILER_ASAN_LIBRARY}")
-      set(PLATFORM_LINKFLAGS "${COMPILER_ASAN_LIBRARY} ${COMPILER_ASAN_LINKER_FLAGS}")
-      set(PLATFORM_LINKFLAGS_DEBUG "${COMPILER_ASAN_LIBRARY} ${COMPILER_ASAN_LINKER_FLAGS}")
+      set(PLATFORM_LINKLIBS "${PLATFORM_LINKLIBS};\"${COMPILER_ASAN_LIBRARY}\" \"${COMPILER_ASAN_LIBRARY_THUNK}\"")
+      set(PLATFORM_LINKFLAGS "\"${COMPILER_ASAN_LIBRARY}\" \"${COMPILER_ASAN_LIBRARY_THUNK}\" ${COMPILER_ASAN_LINKER_FLAGS}")
+      set(PLATFORM_LINKFLAGS_DEBUG "\"${COMPILER_ASAN_LIBRARY}\" \"${COMPILER_ASAN_LIBRARY_THUNK}\" ${COMPILER_ASAN_LINKER_FLAGS}")
    endif()
  endif()
 endif()
--- a/source/blender/blenkernel/intern/pbvh_bmesh.c
+++ b/source/blender/blenkernel/intern/pbvh_bmesh.c
@ -3590,6 +3590,10 @@ static void BKE_pbvh_bmesh_corect_tree(PBVH *pbvh, PBVHNode *node, PBVHNode *par

 static void pbvh_bmesh_join_nodes(PBVH *bvh)
 {
+  if (bvh->totnode < 2) {
+    return;
+  }
+
  pbvh_count_subtree_verts(bvh, bvh->nodes);
  BKE_pbvh_bmesh_corect_tree(bvh, bvh->nodes, NULL);

@ -3692,6 +3696,11 @@ static void pbvh_bmesh_join_nodes(PBVH *bvh)
  j = 0;
  for (int i = 0; i < bvh->totnode; i++) {
    if (!(bvh->nodes[i].flag & PBVH_Delete)) {
+      if (bvh->nodes[i].children_offset >= bvh->totnode-1) {
+        printf("error %i %i\n", i, bvh->nodes[i].children_offset);
+        continue;
+      }
+
      int i1 = map[bvh->nodes[i].children_offset];
      int i2 = map[bvh->nodes[i].children_offset + 1];

--- a/source/blender/bmesh/intern/bmesh_mesh_convert.c
+++ b/source/blender/bmesh/intern/bmesh_mesh_convert.c
@ -223,6 +223,7 @@ void BM_mesh_bm_from_me(Object *ob, BMesh *bm, const Mesh *me, const struct BMes
  CustomData_MeshMasks_update(&mask, &params->cd_mask_extra);

  MultiresModifierData *mmd = ob ? get_multires_modifier(NULL, ob, true) : NULL;
+
  if (mmd) {
    bm->multires = *mmd;
    bm->haveMultiResSettings = true;
--- a/source/blender/editors/sculpt_paint/sculpt.c
+++ b/source/blender/editors/sculpt_paint/sculpt.c
@ -8398,15 +8398,13 @@ static bool sculpt_stroke_test_start(bContext *C, struct wmOperator *op, const f
  return false;
 }

-static void sculpt_stroke_update_step(bContext *C,
-                                                               struct PaintStroke *stroke,
-                                                               PointerRNA *itemptr)
+static void sculpt_stroke_update_step(bContext *C, struct PaintStroke *stroke, PointerRNA *itemptr)
 {
  UnifiedPaintSettings *ups = &CTX_data_tool_settings(C)->unified_paint_settings;
  Sculpt *sd = CTX_data_tool_settings(C)->sculpt;
  Object *ob = CTX_data_active_object(C);
  SculptSession *ss = ob->sculpt;
-  const Brush *brush = BKE_paint_brush(&sd->paint);
+  Brush *brush = BKE_paint_brush(&sd->paint);

  ss->cache->stroke_distance = stroke->stroke_distance;
  ss->cache->stroke_distance_t = stroke->stroke_distance_t;
@ -8960,10 +8958,12 @@ void ED_object_sculptmode_enter_ex(Main *bmain,
      /* Needed because we may be entering this mode before the undo system loads. */
      wmWindowManager *wm = bmain->wm.first;
      bool has_undo = wm->undo_stack != NULL;
+
      /* Undo push is needed to prevent memory leak. */
      if (has_undo) {
        SCULPT_undo_push_begin(ob, "Dynamic topology enable");
      }
+
      SCULPT_dynamic_topology_enable_ex(bmain, depsgraph, scene, ob);
      if (has_undo) {
        SCULPT_undo_push_node(ob, NULL, SCULPT_UNDO_DYNTOPO_BEGIN);
@ -9444,8 +9444,6 @@ static void do_fake_neighbor_search_task_cb(void *__restrict userdata,
  NearestVertexFakeNeighborTLSData *nvtd = tls->userdata_chunk;
  PBVHVertexIter vd;

-  bool has_bmesh = false;
-
  SCULPT_vertex_random_access_ensure(ss);

  BKE_pbvh_vertex_iter_begin (ss->pbvh, data->nodes[n], vd, PBVH_ITER_UNIQUE) {
--- a/source/blender/editors/sculpt_paint/sculpt_dyntopo.c
+++ b/source/blender/editors/sculpt_paint/sculpt_dyntopo.c
@ -360,6 +360,7 @@ void SCULPT_dynamic_topology_enable_ex(Main *bmain, Depsgraph *depsgraph, Scene
                              .use_toolflags = false,
                          }));

+
  BM_mesh_bm_from_me(NULL,
                     ss->bm,
                     me,