phaneron/Kelsidavis-WoWee
1
0
Fork 0
mirror of https://github.com/Kelsidavis/WoWee.git synced 2026-05-07 09:33:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix(wom): sanitize bone pivot NaN + clamp out-of-range parentBone

Browse source 
Bones with NaN pivots produce broken skeleton matrices that ripple into
every child bone via the parent-chain multiplication. Out-of-range
parentBone indices would cause a use-after-free during bone-matrix
computation. Both now defensively clamped.
This commit is contained in:
Kelsi 2026-05-06 05:19:24 -07:00
parent 15648e21ec
commit f0abd1794b
1 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/pipeline/wowee_model.cpp
View file

@ -109,6 +109,18 @@ WoweeModel WoweeModelLoader::load(const std::string& basePath) {
f.read(reinterpret_cast<char*>(&bone.parentBone), 2);
f.read(reinterpret_cast<char*>(&bone.pivot), 12);
f.read(reinterpret_cast<char*>(&bone.flags), 4);
// Sanitize pivot — bones with NaN pivots produce broken
// skeleton matrices that ripple into every child bone.
if (!std::isfinite(bone.pivot.x)) bone.pivot.x = 0.0f;
if (!std::isfinite(bone.pivot.y)) bone.pivot.y = 0.0f;
if (!std::isfinite(bone.pivot.z)) bone.pivot.z = 0.0f;
// parentBone must be < boneCount (or -1) — out-of-range
// parents would cause a use-after-free during bone-matrix
// computation that walks the parent chain.
if (bone.parentBone >= 0 &&
static_cast<uint32_t>(bone.parentBone) >= boneCount) {
bone.parentBone = -1;
}
}
}