From 866c47b88eb494269e55476a13c9aefdd9cbc292 Mon Sep 17 00:00:00 2001 From: danij Date: Thu, 4 Dec 2014 02:37:09 +0000 Subject: [PATCH] Fixed|Map Renderer|Client|Debug: Crash attempting to sort vissprites If rend-dev-freeze 1 was set prior to starting a map, no vissprites were generated during the first frame, meaning visSpriteP == NULL, thus when subtracted from visSprites yielded an completely incorrect count of the number of vissprites in use. Consequently, R_SortVisSprites() trashed whatever happened to be in memory following the fixed-size visSprites array and utterly confused itself when trying to sort the results. Ultimately causing a crash when it attempted to deference an invalid pointer. --- doomsday/client/src/render/rend_main.cpp | 2 +- doomsday/client/src/render/vissprite.cpp | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/doomsday/client/src/render/rend_main.cpp b/doomsday/client/src/render/rend_main.cpp index abd41c4d76..5fb82157f8 100644 --- a/doomsday/client/src/render/rend_main.cpp +++ b/doomsday/client/src/render/rend_main.cpp @@ -3585,7 +3585,7 @@ static void drawMasked() R_SortVisSprites(); - if(visSpriteP > visSprites) + if(visSpriteP && visSpriteP > visSprites) { bool primaryHaloDrawn = false; diff --git a/doomsday/client/src/render/vissprite.cpp b/doomsday/client/src/render/vissprite.cpp index 509e02f927..3bb2235fa3 100644 --- a/doomsday/client/src/render/vissprite.cpp +++ b/doomsday/client/src/render/vissprite.cpp @@ -117,7 +117,9 @@ void VisSprite_SetupModel(vissprite_t *spr, void R_SortVisSprites() { - int count = visSpriteP - visSprites; + if(!visSpriteP) return; + + int const count = visSpriteP - visSprites; if(!count) return; vissprite_t unsorted;