isledecomp/isle-portable
1
0
Fork 0
mirror of https://github.com/isledecomp/isle-portable.git synced 2026-05-01 18:13:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix use-after-free in LegoCharacterManager::ReleaseActor (#214) (#793)

Browse Source 
Null out the actor's ROI pointer before deletion to prevent its
destructor from dereferencing the already-freed ROI.
This commit is contained in:
foxtacles 2026-04-05 13:26:37 -07:00 committed by GitHub
parent b3e73aa675
commit e05a741840
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
LEGO1/lego/legoomni/src/common/legocharactermanager.cpp
View File

@ -358,6 +358,7 @@ void LegoCharacterManager::ReleaseActor(const char* p_name)
if (info != NULL) { if (info != NULL) {
if (info->m_actor != NULL) { if (info->m_actor != NULL) {
info->m_actor->SetROI(NULL, FALSE, FALSE);
info->m_actor->ClearFlag(LegoEntity::c_managerOwned); info->m_actor->ClearFlag(LegoEntity::c_managerOwned);
delete info->m_actor; delete info->m_actor;
} }
@ -400,6 +401,7 @@ void LegoCharacterManager::ReleaseActor(LegoROI* p_roi)
if (info != NULL) { if (info != NULL) {
if (info->m_actor != NULL) { if (info->m_actor != NULL) {
info->m_actor->SetROI(NULL, FALSE, FALSE);
info->m_actor->ClearFlag(LegoEntity::c_managerOwned); info->m_actor->ClearFlag(LegoEntity::c_managerOwned);
delete info->m_actor; delete info->m_actor;
} }