From f7655dd322dd64d2a007857d2aff7d76bd86b60a Mon Sep 17 00:00:00 2001
From: Julian Eisel <julian@blender.org>
Date: Mon, 28 Sep 2020 12:04:39 +0200
Subject: [PATCH] UI Code Quality: Clear layout pointer on layout destruction

The layout pointer is quite ugly, but currently needed to work around
design issues. At least it should be cleared to avoid use-after-free.
---
 source/blender/editors/interface/interface_layout.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/source/blender/editors/interface/interface_layout.c b/source/blender/editors/interface/interface_layout.c
index 23f29760a5e..ac1b9a972f0 100644
--- a/source/blender/editors/interface/interface_layout.c
+++ b/source/blender/editors/interface/interface_layout.c
@@ -5586,6 +5586,9 @@ static void ui_layout_free(uiLayout *layout)
 {
   LISTBASE_FOREACH_MUTABLE (uiItem *, item, &layout->items) {
     if (item->type == ITEM_BUTTON) {
+      uiButtonItem *bitem = (uiButtonItem *)item;
+
+      bitem->but->layout = NULL;
       MEM_freeN(item);
     }
     else {