Serious bug in RefObjectRef::set()
by Tom Spilman · in Torque Game Engine Advanced · 11/22/2004 (5:21 pm) · 5 replies
I found a very serious bug in RefObjectRef::set() while fixing a crash in the Terrain Painter (http://www.garagegames.com/mg/forums/result.thread.php?qt=23322):
If mObject == object and mRefCount == 1 you'll end up with a dangling pointer as the object is freed but the pointer remains set.
The fix is simple:
With this change you can now change textures in the Terrain Painter without crashing. It was probably effecting other things in the engine also.
void RefObjectRef::set(RefBase *object)
{
decRef();
mObject = object;
incRef();
}If mObject == object and mRefCount == 1 you'll end up with a dangling pointer as the object is freed but the pointer remains set.
The fix is simple:
void RefObjectRef::set(RefBase *object)
{
if ( mObject != object ) {
decRef();
mObject = object;
incRef();
}
}With this change you can now change textures in the Terrain Painter without crashing. It was probably effecting other things in the engine also.
About the author
Tom is a programmer and co-owner of Sickhead Games, LLC.
#2
- Melv.
11/23/2004 (4:39 am)
@Tom: If you haven't already, could you send this to Ben Garney beng@garagegames.com so that he can integrate it.- Melv.
#3
@Melv: Sent... i guess Ben doesn't follow this forum?
11/23/2004 (7:16 am)
@Stevie: You make the change in the set member of the RefObjectRef class in refBase.h.@Melv: Sent... i guess Ben doesn't follow this forum?
#4
keep up the good work!
11/23/2004 (7:20 am)
He does follow all forums he can but it'd be most effective to *email* him the info.keep up the good work!
#5
11/23/2004 (12:38 pm)
Good catch Tom, the fix is checked in. 
Torque 3D Owner arteria3d
WHich file do u alter please???? What is its name
Steve