From 7eb3436bad4b0deace67923308f86f519248f329 Mon Sep 17 00:00:00 2001
From: terminx
Date: Sun, 7 Oct 2018 05:19:55 +0000
Subject: [PATCH] Fix potential null pointer dereferences when rendering a model with no animations (?)
git-svn-id: https://svn.eduke32.com/eduke32@6997 1a8010ca-5511-0410-912e-c29ae57300e0
---
 source/build/src/mdsprite.cpp | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/source/build/src/mdsprite.cpp b/source/build/src/mdsprite.cpp
index f6e51fdd6..ad9e6629a 100644
--- a/source/build/src/mdsprite.cpp
+++ b/source/build/src/mdsprite.cpp
@@ -1105,16 +1105,12 @@ void updateanimation(md2model_t *m, const uspritetype *tspr, uint8_t lpal)
 goto prep_return;
 }
- fps = smooth->mdsmooth ?
- Blrintf((1.0f / ((float)tile2model[tile].smoothduration * (1.f / (float)UINT16_MAX))) * 66.f) :
- anim->fpssc;
+ fps = smooth->mdsmooth ? Blrintf((1.0f / ((float)tile2model[tile].smoothduration * (1.f / (float)UINT16_MAX))) * 66.f) : anim ? anim->fpssc : 1;
- i = (mdtims - sprext->mdanimtims)*((fps*timerticspersec)/120);
+ i = (mdtims - sprext->mdanimtims) * ((fps * timerticspersec) / 120);
+
+ j = (smooth->mdsmooth || !anim) ? 65536 : ((anim->endframe + 1 - anim->startframe) << 16);
- if (smooth->mdsmooth)
- j = 65536;
- else
- j = ((anim->endframe+1-anim->startframe)<<16);
 // XXX: Just in case you play the game for a VERY long time...
 if (i < 0) { i = 0; sprext->mdanimtims = mdtims; }
 //compare with j*2 instead of j to ensure i stays > j-65536 for MDANIM_ONESHOT
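Review bot: The no-animation fallbacks on the new `fps` and `j` lines (`1` and `65536`) are bare constants with nothing explaining why they are safe for the `i`/`j` comparison that follows, and the chained conditional on the `fps` line is hard to read without parentheses. With `fps == 1`, the factor `(fps * timerticspersec) / 120` truncates to zero if both operands are integers and `timerticspersec` is below 120 (their declarations are outside the hunk), so `i` would never advance for such a model; if that is intended it should be stated. I would write the tail as `: (anim ? anim->fpssc : 1);` and add a comment such as `// anim == NULL: model has no animation, treat it as a single 65536-unit frame`. `updateanimation` starts before this hunk and continues past it.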
@@ -1153,13 +1149,16 @@ void updateanimation(md2model_t *m, const uspritetype *tspr, uint8_t lpal)
 }
 else
 {
- m->cframe = (i>>16)+anim->startframe;
+ if (anim)
+ m->cframe = (i>>16)+anim->startframe;
+
 #ifdef DEBUGGINGAIDS
 if (m->cframe >= m->numframes)
 OSD_Printf("6: c > n\n");
 #endif
 m->nframe = m->cframe+1;
- if (m->nframe > anim->endframe) // VERIFY: (!(r_animsmoothing && smooth->mdsmooth)) implies (anim!=NULL) ?
+
+ if (anim && m->nframe > anim->endframe) // VERIFY: (!(r_animsmoothing && smooth->mdsmooth)) implies (anim!=NULL) ?
 m->nframe = anim->startframe;
 smooth->mdoldframe = m->cframe;
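Review bot: When `anim` is NULL this branch now leaves `m->cframe` at whatever it held before and sets `m->nframe = m->cframe+1` with the wrap skipped, so nothing keeps `nframe` below `m->numframes`; the only range check here is the DEBUGGINGAIDS `OSD_Printf`, which reports but does not clamp. If these frame numbers are later used to index frame data (that code is outside the hunk), a model without animations could read past its last frame. Give the NULL case an explicit bounded result, for example `if (!anim && m->nframe >= m->numframes) m->nframe = m->cframe;` (assuming `cframe` is itself in range), and replace the trailing `VERIFY` question with a statement of when `anim` can be NULL. `updateanimation` begins before this hunk and continues after it.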