From 54f5d01190d0952c5d4fcae1f34d7e3bba0a14e5 Mon Sep 17 00:00:00 2001 From: Alex Date: Wed, 31 May 2023 11:37:15 +0000 Subject: [PATCH 1/2] Fix Heap-buffer-overflow WRITE in Assimp::ObjFileImporter::createVertexArray --- code/AssetLib/Obj/ObjFileImporter.cpp | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/code/AssetLib/Obj/ObjFileImporter.cpp b/code/AssetLib/Obj/ObjFileImporter.cpp index cf4515794..173ef2074 100644 --- a/code/AssetLib/Obj/ObjFileImporter.cpp +++ b/code/AssetLib/Obj/ObjFileImporter.cpp @@ -323,7 +323,7 @@ aiMesh *ObjFileImporter::createTopology(const ObjFile::Model *pModel, const ObjF return nullptr; } - aiMesh *pMesh = new aiMesh; + std::unique_ptr pMesh(new aiMesh); if (!pObjMesh->m_name.empty()) { pMesh->mName.Set(pObjMesh->m_name); } @@ -385,9 +385,9 @@ aiMesh *ObjFileImporter::createTopology(const ObjFile::Model *pModel, const ObjF } // Create mesh vertices - createVertexArray(pModel, pData, meshIndex, pMesh, uiIdxCount); + createVertexArray(pModel, pData, meshIndex, pMesh.get(), uiIdxCount); - return pMesh; + return pMesh.release(); } // ------------------------------------------------------------------------------------------------ @@ -498,6 +498,10 @@ void ObjFileImporter::createVertexArray(const ObjFile::Model *pModel, if (vertexIndex) { if (!last) { + if (pMesh->mNumVertices <= newIndex + 1) { + throw DeadlyImportError("OBJ: bad vertex index"); + } + pMesh->mVertices[newIndex + 1] = pMesh->mVertices[newIndex]; if (!sourceFace->m_normals.empty() && !pModel->mNormals.empty()) { pMesh->mNormals[newIndex + 1] = pMesh->mNormals[newIndex]; From 1538669f70e3c49449630e9f8e58d2d5f1e12291 Mon Sep 17 00:00:00 2001 From: Kim Kulling Date: Wed, 31 May 2023 20:45:51 +0200 Subject: [PATCH 2/2] Update_ Use latest ubuntu image and switch to ninja --- Dockerfile | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index b65d131a4..5da5458f8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,14 +1,9 @@ -FROM ubuntu:14.04 +FROM ubuntu:22.04 -RUN apt-get update && apt-get install -y \ +RUN apt-get update && apt-get install -y ninja-build \ git cmake build-essential software-properties-common -RUN add-apt-repository ppa:ubuntu-toolchain-r/test && apt-get update && apt-get install -y gcc-4.9 g++-4.9 && \ - cd /usr/bin && \ - rm gcc g++ cpp && \ - ln -s gcc-4.9 gcc && \ - ln -s g++-4.9 g++ && \ - ln -s cpp-4.9 cpp +RUN add-apt-repository ppa:ubuntu-toolchain-r/test && apt-get update WORKDIR /opt @@ -19,7 +14,8 @@ WORKDIR /opt/assimp RUN git checkout master \ && mkdir build && cd build && \ - cmake \ + cmake -G 'Ninja' \ -DCMAKE_BUILD_TYPE=Release \ + -DASSIMP_BUILD_ASSIMP_TOOLS=ON \ .. && \ - make && make install + ninja -j4 && ninja install