From e48baec95692e2df5ad836486444130d578df260 Mon Sep 17 00:00:00 2001
From: Jacek Antonelli
Date: Thu, 3 Sep 2009 19:08:42 -0500
Subject: Backported 1.23 fix for animation joint assertion crash.

---
 linden/indra/llcharacter/llkeyframemotion.cpp | 37 +++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

(limited to 'linden')

diff --git a/linden/indra/llcharacter/llkeyframemotion.cpp b/linden/indra/llcharacter/llkeyframemotion.cpp
index 212020b..4b138b1 100644
--- a/linden/indra/llcharacter/llkeyframemotion.cpp
+++ b/linden/indra/llcharacter/llkeyframemotion.cpp
@@ -1560,6 +1560,13 @@ BOOL LLKeyframeMotion::deserialize(LLDataPacker& dp)
 			}
 			constraintp->mChainLength = (S32) byte;
 
+			if((U32)constraintp->mChainLength > mJointMotionList->getNumJointMotions())
+			{
+				llwarns << "invalid constraint chain length" << llendl;
+				delete constraintp;
+				return FALSE;
+			}
+
 			if (!dp.unpackU8(byte, "constraint_type"))
 			{
 				llwarns << "can't read constraint type" << llendl;
@@ -1587,7 +1594,14 @@ BOOL LLKeyframeMotion::deserialize(LLDataPacker& dp)
 				delete constraintp;
 				return FALSE;
 			}
-
+			
+			if( !(constraintp->mSourceConstraintOffset.isFinite()) )
+			{
+				llwarns << "non-finite constraint source offset" << llendl;
+				delete constraintp;
+				return FALSE;
+			}
+			
 			if (!dp.unpackBinaryDataFixed(bin_data, BIN_DATA_LENGTH, "target_volume"))
 			{
 				llwarns << "can't read target volume name" << llendl;
@@ -1615,6 +1629,13 @@ BOOL LLKeyframeMotion::deserialize(LLDataPacker& dp)
 				return FALSE;
 			}
 
+			if( !(constraintp->mTargetConstraintOffset.isFinite()) )
+			{
+				llwarns << "non-finite constraint target offset" << llendl;
+				delete constraintp;
+				return FALSE;
+			}
+			
 			if (!dp.unpackVector3(constraintp->mTargetConstraintDir, "target_dir"))
 			{
 				llwarns << "can't read constraint target direction" << llendl;
@@ -1622,6 +1643,13 @@ BOOL LLKeyframeMotion::deserialize(LLDataPacker& dp)
 				return FALSE;
 			}
 
+			if( !(constraintp->mTargetConstraintDir.isFinite()) )
+			{
+				llwarns << "non-finite constraint target direction" << llendl;
+				delete constraintp;
+				return FALSE;
+			}
+
 			if (!constraintp->mTargetConstraintDir.isExactlyZero())
 			{
 				constraintp->mUseTargetOffset = TRUE;
@@ -1685,8 +1713,13 @@ BOOL LLKeyframeMotion::deserialize(LLDataPacker& dp)
 						break;
 					}
 				}
+				if (constraintp->mJointStateIndices[i] < 0 )
+				{
+					llwarns << "No joint index for constraint " << i << llendl;
+					delete constraintp;
+					return FALSE;
+				}
 			}
-
 		}
 	}
 
-- 
cgit v1.1