From 82c52eab6cf536264cb56c847ff31208691ba722 Mon Sep 17 00:00:00 2001 From: Lyuma Date: Fri, 3 Feb 2023 19:19:52 -0800 Subject: [PATCH] StringName: fix returning dangling data from char constructor. Fixes a copy paste mistake in the `StringName(const char *,bool)` constructor, to match the same form as the other two constrcutors. This fixes a case where this constructor can return a dangling pointer and cause use-after-free. --- core/string/string_name.cpp | 65 +++++++++++++++++-------------------- 1 file changed, 29 insertions(+), 36 deletions(-) diff --git a/core/string/string_name.cpp b/core/string/string_name.cpp index 95812fc3110..df9b6b3f1aa 100644 --- a/core/string/string_name.cpp +++ b/core/string/string_name.cpp @@ -226,19 +226,16 @@ StringName::StringName(const char *p_name, bool p_static) { _data = _data->next; } - if (_data) { - if (_data->refcount.ref()) { - // exists - if (p_static) { - _data->static_count.increment(); - } -#ifdef DEBUG_ENABLED - if (unlikely(debug_stringname)) { - _data->debug_references++; - } -#endif + if (_data && _data->refcount.ref()) { + // exists + if (p_static) { + _data->static_count.increment(); } - +#ifdef DEBUG_ENABLED + if (unlikely(debug_stringname)) { + _data->debug_references++; + } +#endif return; } @@ -288,19 +285,17 @@ StringName::StringName(const StaticCString &p_static_string, bool p_static) { _data = _data->next; } - if (_data) { - if (_data->refcount.ref()) { - // exists - if (p_static) { - _data->static_count.increment(); - } -#ifdef DEBUG_ENABLED - if (unlikely(debug_stringname)) { - _data->debug_references++; - } -#endif - return; + if (_data && _data->refcount.ref()) { + // exists + if (p_static) { + _data->static_count.increment(); } +#ifdef DEBUG_ENABLED + if (unlikely(debug_stringname)) { + _data->debug_references++; + } +#endif + return; } _data = memnew(_Data); @@ -348,19 +343,17 @@ StringName::StringName(const String &p_name, bool p_static) { _data = _data->next; } - if (_data) { - if (_data->refcount.ref()) { - // exists - if (p_static) { - _data->static_count.increment(); - } -#ifdef DEBUG_ENABLED - if (unlikely(debug_stringname)) { - _data->debug_references++; - } -#endif - return; + if (_data && _data->refcount.ref()) { + // exists + if (p_static) { + _data->static_count.increment(); } +#ifdef DEBUG_ENABLED + if (unlikely(debug_stringname)) { + _data->debug_references++; + } +#endif + return; } _data = memnew(_Data);