Relintai/pandemonium_engine
1
0
Fork 0
mirror of https://github.com/Relintai/pandemonium_engine.git synced 2024-11-21 16:37:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix physics platform behaviour regression

Browse Source 
Lifetime checks for stored `RIDs` for collision objects assumed they had valid `object_ids`.
It turns out that some are not derived from `Object` and thus checking `ObjectDB` returns false for some valid `RIDs`.
To account for this we only perform lifetime checks on valid `object_ids`.
This commit is contained in:
lawnjelly 2024-09-22 08:51:43 +01:00 committed by Relintai
parent bdd55432ee
commit af805132b2
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
scene/3d/physics_body.cpp
View File

@ -1085,7 +1085,12 @@ Vector3 KinematicBody::_move_and_slide_internal(const Vector3 &p_linear_velocity
// We need to check the on_floor_body still exists before accessing. // We need to check the on_floor_body still exists before accessing.
// A valid RID is no guarantee that the object has not been deleted. // A valid RID is no guarantee that the object has not been deleted.
if (ObjectDB::get_instance(on_floor_body_id)) {
// We can only perform the ObjectDB lifetime check on Object derived objects.
// Note that physics also creates RIDs for non-Object derived objects, these cannot
// be lifetime checked through ObjectDB, and therefore there is a still a vulnerability
// to dangling RIDs (access after free) in this scenario.
if (!on_floor_body_id || ObjectDB::get_instance(on_floor_body_id)) {
// This approach makes sure there is less delay between the actual body velocity and the one we saved. // This approach makes sure there is less delay between the actual body velocity and the one we saved.
bs = PhysicsServer::get_singleton()->body_get_direct_state(on_floor_body_rid); bs = PhysicsServer::get_singleton()->body_get_direct_state(on_floor_body_rid);
} }