assimp/code/AssetLib/CSM
Vinz Spring 269987085f Fixes CVE-2025-2750: out of bounds write by assigning to wrong array element count tracking (closes #6011) (#6225)
description:
- The current implementation has faulty reallocation logic when parsing a CSM file
- Issue 1
    - 4ad1d2aa30/code/AssetLib/CSM/CSMLoader.cpp (L205)
    - Assigning s->mNumPositionKeys = alloc*2 right before resizing the buffer makes s->mNumPositionKeys equivalent to the max number of aiVectorKey that can be stored in s->mPositionKeys
    - the code later attempts to get the next write location by doing: aiVectorKey* sub = s->mPositionKeys + s->mNumPositionKeys;
    - this points to the end of the array, not after the last element in the array
- Issue 2
    - 4ad1d2aa30/code/AssetLib/CSM/CSMLoader.cpp (L178-L184)
    - if the CSM file does not declare last frame data, then mPositionKeys will never be initialized

fix:
- we preserve s->mNumPositionKeys to still contain the actual number of aiVectorKeys and ensure that we will not write out of bounds
- we initialize mPositionKeys with a default value and if we find last frame info, we just re-initialize it

Co-authored-by: Vinz Spring <vinzs@amazon.de>
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
2025-06-08 13:46:39 +02:00
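The two defects described in the commit, shown side by side in a hypothetical stand-in (added here; not assimp's CSMLoader code, and the `VecKey`/`Channel` types and `alloc` field are simplifications): `faultyNextSlot` reproduces the arithmetic that overwrites the element counter with the capacity, and `appendKey` keeps the counter as the true element count and starts from a default-initialised key array.

```cpp
#include <cstddef>
#include <cstring>

// Hypothetical stand-ins, not assimp's own types: a position key and a channel
// holding a raw key array plus the two counters the fix keeps separate.
struct VecKey { double mTime; float x, y, z; };

struct Channel {
    VecKey *mPositionKeys = nullptr;  // default-initialised (issue 2 in the commit)
    size_t mNumPositionKeys = 0;      // keys actually stored, never the capacity
    size_t alloc = 0;                 // slots available in mPositionKeys
    ~Channel() { delete[] mPositionKeys; }
};

// Faulty pattern from the commit message, as arithmetic only: the element counter
// is set to the new allocation size and the write offset is then derived from it.
// Returns the slot index that write would hit; a slot equal to the capacity is
// one past the last element, i.e. an out-of-bounds write.
size_t faultyNextSlot(size_t numKeys, size_t alloc) {
    if (numKeys >= alloc) {
        size_t newAlloc = alloc * 2;
        numKeys = newAlloc;   // BUG: count overwritten with capacity
        alloc = newAlloc;
    }
    return numKeys;           // == alloc after growth: past the end of the array
}

bool slotInBounds(size_t slot, size_t alloc) { return slot < alloc; }

// Corrected pattern: grow the buffer, keep mNumPositionKeys as the element count,
// write at that index and only then increment it. Returns false instead of
// writing if the invariant count < alloc ever fails.
bool appendKey(Channel &c, const VecKey &k) {
    if (c.mNumPositionKeys >= c.alloc) {
        size_t newAlloc = c.alloc ? c.alloc * 2 : 4;
        VecKey *bigger = new VecKey[newAlloc]();
        if (c.mPositionKeys) {
            std::memcpy(bigger, c.mPositionKeys, c.mNumPositionKeys * sizeof(VecKey));
            delete[] c.mPositionKeys;
        }
        c.mPositionKeys = bigger;
        c.alloc = newAlloc;
    }
    if (c.mNumPositionKeys >= c.alloc) return false;
    c.mPositionKeys[c.mNumPositionKeys++] = k;
    return true;
}
```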