From f6c08d45108d713fc42786885d1d38a4b95c10ac Mon Sep 17 00:00:00 2001 From: Mike Antipov Date: Thu, 22 Jul 2010 12:46:57 +0300 Subject: EXT-8459 FIXED preventing crashes: 1) ensure that pointer to inventory item is still valid when landmark is loaded from notecard and 2) adding a check for region capability There are two reasons of the crash reported in the bug: * absence of the "CopyInventoryFromNotecard" capability in region (which leads to crash while logging of a LL_ERRS) * referencing to an invalid pointer to LLInventoryItem in callback. The first issue is fixed by preventing sending of the "CopyInventoryFromNotecard" message if it is not supported (in the "copy_inventory_from_notecard()") The second issue caused by such reason: * Notecard stores LLPointer to each embedded inventory item * When Landmark is clicked it should be opened in Places Panel and inventory item should copied into agent inventory * If it is unknown to agent it is requested and pointer (but not LLPointer!) to inventory item was bound to an appropriate callback * Then when landmark is loaded that inventory item is copied to inventory. * If notecard was closed before callback was trigged all instances to embedded inventory items were destroyed. This leads to crash when trigged callback tries to reference to bound pointer to inventory item (for landmarks) Fix is to pass LLPointer instead of pointer to inventory item into callback to ensure item is valid when it is needed. Details: * updated LLEmbeddedItems::getEmbeddedItem() to return LLPointer to inventory item (and renamed to getEmbeddedItemPtr) * updated LLViewerTextEditor::openEmbeddedItem() to get LLPointer to inventory item * updated LLViewerTextEditor::openEmbeddedLandmark() to get LLPointer to inventory item Patch also contains some more places where pointer is replaced with LLPointer to be consistent. NOTE: there are several LLViewerTextEditor::openEmbeddedXXX() methods which still get pointer to inventory item. It is safe for now because they use it synchronously. I have added a note at their declaration. Reviewed by Vadim Savchuk at https://codereview.productengine.com/secondlife/r/784/ --HG-- branch : product-engine --- indra/newview/llviewertexteditor.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'indra/newview/llviewertexteditor.h') diff --git a/indra/newview/llviewertexteditor.h b/indra/newview/llviewertexteditor.h index ba0c40cb2e..74b6d70640 100644 --- a/indra/newview/llviewertexteditor.h +++ b/indra/newview/llviewertexteditor.h @@ -104,13 +104,16 @@ private: virtual llwchar pasteEmbeddedItem(llwchar ext_char); BOOL openEmbeddedItemAtPos( S32 pos ); - BOOL openEmbeddedItem(LLInventoryItem* item, llwchar wc); + BOOL openEmbeddedItem(LLPointer item, llwchar wc); S32 insertEmbeddedItem(S32 pos, LLInventoryItem* item); + // *NOTE: most of openEmbeddedXXX methods except openEmbeddedLandmark take pointer to LLInventoryItem. + // Be sure they don't bind it to callback function to avoid situation when it gets invalid when + // callback is trigged after text editor is closed. See EXT-8459. void openEmbeddedTexture( LLInventoryItem* item, llwchar wc ); void openEmbeddedSound( LLInventoryItem* item, llwchar wc ); - void openEmbeddedLandmark( LLInventoryItem* item, llwchar wc ); + void openEmbeddedLandmark( LLPointer item_ptr, llwchar wc ); void openEmbeddedNotecard( LLInventoryItem* item, llwchar wc); void openEmbeddedCallingcard( LLInventoryItem* item, llwchar wc); void showCopyToInvDialog( LLInventoryItem* item, llwchar wc ); -- cgit v1.2.3