Date: prev next · Thread: first prev next last
2011 Archives by date, by thread · List index


On 24/05/11 21:03, Kohei Yoshida wrote:
The attached patch fixes the crasher reported in

https://bugs.freedesktop.org/show_bug.cgi?id=37520

The crash occurs in ScRangeList::Join() where the array size is cached
prior to the for loop, but array may shrink during the loop, in which
case an out-of-bound array access may occur which in turn results in a
crash.  I'm actually surprised that this didn't cause a crash on
Linux.

Anyhow, the solution is to always dynamically check the size of the
array via size() method in each iteration, instead of caching it for
all iterations.

Review appreciated.  I'd like this to go into the -3-4-0 branch.  So I
need three sign-off's.

Kohei
the third and pushed to 3.4.0 ( not sure are we finished with that branch though )

Noel

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.