From f4e6ccc2c4a79e77dc338f8caec6510751c3ee83 Mon Sep 17 00:00:00 2001 From: Andrey Kleshchev Date: Tue, 19 Jul 2022 21:08:51 +0300 Subject: SL-17796 Crash at LLVolumeFace::getVertexData --- indra/llmath/llvolume.cpp | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'indra/llmath') diff --git a/indra/llmath/llvolume.cpp b/indra/llmath/llvolume.cpp index 5099920f32..cc3f3acbad 100644 --- a/indra/llmath/llvolume.cpp +++ b/indra/llmath/llvolume.cpp @@ -4967,6 +4967,17 @@ void LLVolumeFace::optimize(F32 angle_cutoff) { U16 index = mIndices[i]; + if (index >= mNumVertices) + { + // invalid index + // replace with a valid index to avoid crashes + index = mNumVertices - 1; + mIndices[i] = index; + + // Needs better logging + LL_DEBUGS_ONCE("LLVOLUME") << "Invalid index, substituting" << LL_ENDL; + } + LLVolumeFace::VertexData cv; getVertexData(index, cv); @@ -5339,6 +5350,17 @@ bool LLVolumeFace::cacheOptimize() U16 idx = mIndices[i]; U32 tri_idx = i / 3; + if (idx >= mNumVertices) + { + // invalid index + // replace with a valid index to avoid crashes + idx = mNumVertices - 1; + mIndices[i] = idx; + + // Needs better logging + LL_DEBUGS_ONCE("LLVOLUME") << "Invalid index, substituting" << LL_ENDL; + } + vertex_data[idx].mTriangles.push_back(&(triangle_data[tri_idx])); vertex_data[idx].mIdx = idx; triangle_data[tri_idx].mVertex[i % 3] = &(vertex_data[idx]); -- cgit v1.3 From 5a74f7648a7dda28f8634e825cc506de465bd424 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 3 Nov 2022 15:18:32 -0400 Subject: DRTVWR-575: A few more tweaks addressing size_t wider than 32 bits. --- indra/llcommon/tests/lleventdispatcher_test.cpp | 2 +- indra/llcorehttp/bufferarray.cpp | 6 +++--- indra/llimage/llimageworker.cpp | 2 +- indra/llimage/llimageworker.h | 2 +- indra/llmath/llvolume.cpp | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) (limited to 'indra/llmath') diff --git a/indra/llcommon/tests/lleventdispatcher_test.cpp b/indra/llcommon/tests/lleventdispatcher_test.cpp index 9da1ecfd67..966dc2c5aa 100644 --- a/indra/llcommon/tests/lleventdispatcher_test.cpp +++ b/indra/llcommon/tests/lleventdispatcher_test.cpp @@ -335,7 +335,7 @@ namespace tut // Full, partial defaults arrays for params for freena(), freenb() LLSD dft_array_full, dft_array_partial; // Start index of partial defaults arrays - const LLSD::Integer partial_offset; + const size_t partial_offset; // Full, partial defaults maps for params for freena(), freenb() LLSD dft_map_full, dft_map_partial; // Most of the above are indexed by "a" or "b". Useful to have an diff --git a/indra/llcorehttp/bufferarray.cpp b/indra/llcorehttp/bufferarray.cpp index e0b2876a00..4c680fdb56 100644 --- a/indra/llcorehttp/bufferarray.cpp +++ b/indra/llcorehttp/bufferarray.cpp @@ -196,7 +196,7 @@ size_t BufferArray::read(size_t pos, void * dst, size_t len) return 0; size_t result(0), offset(0); - const int block_limit(mBlocks.size()); + const auto block_limit(mBlocks.size()); int block_start(findBlock(pos, &offset)); if (block_start < 0) return 0; @@ -228,7 +228,7 @@ size_t BufferArray::write(size_t pos, const void * src, size_t len) return 0; size_t result(0), offset(0); - const int block_limit(mBlocks.size()); + const auto block_limit(mBlocks.size()); int block_start(findBlock(pos, &offset)); if (block_start >= 0) @@ -288,7 +288,7 @@ int BufferArray::findBlock(size_t pos, size_t * ret_offset) if (pos >= mLen) return -1; // Doesn't exist - const int block_limit(mBlocks.size()); + const auto block_limit(mBlocks.size()); for (int i(0); i < block_limit; ++i) { if (pos < mBlocks[i]->mUsed) diff --git a/indra/llimage/llimageworker.cpp b/indra/llimage/llimageworker.cpp index 0dbb744bcf..ff4336d2de 100644 --- a/indra/llimage/llimageworker.cpp +++ b/indra/llimage/llimageworker.cpp @@ -46,7 +46,7 @@ LLImageDecodeThread::~LLImageDecodeThread() // MAIN THREAD // virtual -S32 LLImageDecodeThread::update(F32 max_time_ms) +size_t LLImageDecodeThread::update(F32 max_time_ms) { LL_PROFILE_ZONE_SCOPED_CATEGORY_TEXTURE; LLMutexLock lock(mCreationMutex); diff --git a/indra/llimage/llimageworker.h b/indra/llimage/llimageworker.h index 1bfb0ddfd3..54814c24c5 100644 --- a/indra/llimage/llimageworker.h +++ b/indra/llimage/llimageworker.h @@ -78,7 +78,7 @@ public: handle_t decodeImage(LLImageFormatted* image, U32 priority, S32 discard, BOOL needs_aux, Responder* responder); - S32 update(F32 max_time_ms); + size_t update(F32 max_time_ms); // Used by unit tests to check the consistency of the thread instance S32 tut_size(); diff --git a/indra/llmath/llvolume.cpp b/indra/llmath/llvolume.cpp index f43d07ce5e..bac630f626 100644 --- a/indra/llmath/llvolume.cpp +++ b/indra/llmath/llvolume.cpp @@ -2398,7 +2398,7 @@ bool LLVolume::unpackVolumeFaces(std::istream& is, S32 size) mVolumeFaces.resize(face_count); - for (U32 i = 0; i < face_count; ++i) + for (size_t i = 0; i < face_count; ++i) { LLVolumeFace& face = mVolumeFaces[i]; -- cgit v1.3