Blender Git Commits

Revert "Node selection: Stop operator when mouse selection selected a node"

This reverts commit bf58ec9265eef8c6cd3dc350557829151995ef28.

Cycles: Fix difference in image Clip extension method between CPU and GPU

Our own implementation was behaving different comparing to OSL and GPU,
namely on the border pixels OSL and CUDA was doing interpolation with
black, but we were clamping coordinate.

This partially fixes issue reported in T53452.

Similar change should also be done for 3D interpolation perhaps, but this
is to be investigated separately.

Fix T53850: Lock to Cursor breaks 3D manipulators

Fix manual lookups (data is now lowercase)

Fix old files with changed node socket type not loading correctly.

This would lead to sock.default_value pointing to the wrong data type,
possibly causing crashes. Unfortunately, this bug will still exist for
older Blender versions that try to load newer files, which makes
changing the type of a node socket problematic.

Fix T53832: Particle weight paint crash

Drawing hair weights read before the hair array start.
This code could be improved since it currently copy-pastes,
from do_particle_interpolation, but this would need larger changes.

For now just correct existing logic.

Fix T53823: Particle weight brush crash

Entering particle edit mode w/ the weight brush enabled crashed
on non-hair particle systems.

Fix memory leak in recent curve refactor

5b25605761fb7

Fix buffer overflow vulnerability in curve, font, particles code.

Solves these security issues from T52924:
CVE-2017-12102
CVE-2017-12103
CVE-2017-12104

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002

Fix buffer overflow vulnerabilities in mesh code.

Solves these security issues from T52924:
CVE-2017-12081
CVE-2017-12082
CVE-2017-12086
CVE-2017-12099
CVE-2017-12100
CVE-2017-12101
CVE-2017-12105

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002

Fix Linux/GCC compiler warning in recent fixes.

Fix buffer overflow vulernability in thumbnail file reading.

Fixes CVE-2017-2908 from T52924.

Differential Revision: https://developer.blender.org/D3001

Fix buffer overflows in TIFF, PNG, IRIS, DPX, HDR and AVI loading.

Solves these security issues from T52924:
CVE-2017-2899
CVE-2017-2900
CVE-2017-2901
CVE-2017-2902
CVE-2017-2903
CVE-2017-2904
CVE-2017-2905
CVE-2017-2906
CVE-2017-2907
CVE-2017-2918

Differential Revision: https://developer.blender.org/D2999

Memory: add MEM_malloc_arrayN() function to protect against overflow.

Differential Revision: https://developer.blender.org/D3002

Fix T53810: Crash removing a scene used in render

Header drawing accesses the scene too.

Revert "Fix T53752: Draw curve fails w/ stylus"

This reverts commit d0e0f33f57b02fecf75c08f3c144d07915367781.

Requested by author, since it raised new issues, better not have it in
bugfix release!

Fix T53772: Presets don't support colons

Fix T47212: Luminance Key not working with HDR and out-of-gamut ranges.

Differential Revision: https://developer.blender.org/D2981

Fix T53567: Negative pixel values causing artifacts with denoising

Now negative color values are clamped to zero before the actual denoising.

Cycles: Fixed compilation of CUDA kernels. Follow-up fix for my last commit.