[Libreoffice-commits] core.git: 8 commits - basic/source filter/source sc/inc sc/source sw/source vcl/source

Markus Mohrhard markus.mohrhard at googlemail.com
Sun Jan 19 09:16:33 PST 2014


 basic/source/classes/sb.cxx                     |    4 +++-
 filter/source/msfilter/msdffimp.cxx             |    3 +++
 sc/inc/documentstreamaccess.hxx                 |    3 ++-
 sc/source/core/opencl/formulagroupcl.cxx        |   16 ++++++++--------
 sc/source/core/opencl/opencl_device_selection.h |    1 +
 sw/source/core/access/accpara.cxx               |    3 ++-
 sw/source/filter/ww8/docxattributeoutput.hxx    |    6 ++++--
 vcl/source/gdi/outdev.cxx                       |    4 ++--
 8 files changed, 25 insertions(+), 15 deletions(-)

New commits:
commit 9fda4ee058d07d5909fdd0b39bb63527954e9b8a
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 18:03:43 2014 +0100

    CID#1158520: use after free

diff --git a/sw/source/core/access/accpara.cxx b/sw/source/core/access/accpara.cxx
index 8219aed..01ec322 100644
--- a/sw/source/core/access/accpara.cxx
+++ b/sw/source/core/access/accpara.cxx
@@ -3674,7 +3674,8 @@ sal_Bool SAL_CALL SwAccessibleParagraph::removeSelection( sal_Int32 selectionInd
                 }
             }
             // else: this PaM is collapsed and doesn't select anything
-           pCrsr = static_cast<SwPaM*>( pCrsr->GetNext() );
+            if(!bRet)
+                pCrsr = static_cast<SwPaM*>( pCrsr->GetNext() );
         }
         while( !bRet && (pCrsr != pRingStart) );
     }
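Review bot: The new `if(!bRet)` guard in front of `pCrsr->GetNext()` carries no comment saying why the advance is conditional, so a later cleanup could fold it back into an unconditional statement and reintroduce the use after free named in the commit title. Presumably the branch that sets bRet also destroys the PaM that pCrsr points to; that code is outside the hunk. I would add `// pCrsr may already be deleted once bRet is set; do not dereference it` above the guard. Setting pCrsr to null in that branch would also make any later access fail visibly instead of reading freed memory.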
commit d27fcc53c87fc31fa24cc9446da637d420730b56
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 17:58:12 2014 +0100

    CID#1157755 and CID#1157756: resource leaks

diff --git a/sw/source/filter/ww8/docxattributeoutput.hxx b/sw/source/filter/ww8/docxattributeoutput.hxx
index 74f76ac..c0dbac1 100644
--- a/sw/source/filter/ww8/docxattributeoutput.hxx
+++ b/sw/source/filter/ww8/docxattributeoutput.hxx
@@ -39,6 +39,8 @@
 #include <oox/export/drawingml.hxx>
 #include <docxtablestyleexport.hxx>
 
+#include <boost/scoped_ptr.hpp>
+
 class SwGrfNode;
 class SdrObject;
 
@@ -790,8 +792,8 @@ private:
     };
 
 
-    TableReference *m_tableReference;
-    TableReference *m_oldTableReference;
+    boost::scoped_ptr<TableReference> m_tableReference;
+    boost::scoped_ptr<TableReference> m_oldTableReference;
 
     std::map< OUString, EmbeddedFontRef > fontFilesMap; // font file url to data
 
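Review bot: Changing `m_tableReference` and `m_oldTableReference` to `boost::scoped_ptr` changes what every user of these members is allowed to do, yet the diffstat lists only this header for the commit. scoped_ptr cannot be copied or assigned from a raw pointer, so any site in the implementation file that writes `m_tableReference = ...`, saves one member into the other, or calls `delete` on them has to move to `reset()` or `swap()`. If the old code ever let both members point to the same TableReference while a nested table was handled, two owning scoped_ptrs would free it twice. I would confirm that save/restore path and add a member comment such as `// owned; swapped with m_oldTableReference, never shared`.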
commit 6c88dc6f2707808d44a901a93a3978981202706c
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 17:53:14 2014 +0100

    Revert "cppcheck: reduce scope", CID#1158238
    
    This reverts commit 943e2930e7453857f229efe04ade85cb1dc87faf.
    
    That commit introduces memory corruption because the variables are still
    used through a pointer.

diff --git a/vcl/source/gdi/outdev.cxx b/vcl/source/gdi/outdev.cxx
index 640c505..8009275 100644
--- a/vcl/source/gdi/outdev.cxx
+++ b/vcl/source/gdi/outdev.cxx
@@ -233,6 +233,8 @@ void OutputDevice::ImplDrawPolyPolygon( sal_uInt16 nPoly, const PolyPolygon& rPo
         return;
 
     sal_uInt32          aStackAry1[OUTDEV_POLYPOLY_STACKBUF];
+    PCONSTSALPOINT      aStackAry2[OUTDEV_POLYPOLY_STACKBUF];
+    sal_uInt8*              aStackAry3[OUTDEV_POLYPOLY_STACKBUF];
     sal_uInt32*         pPointAry;
     PCONSTSALPOINT*     pPointAryAry;
     const sal_uInt8**       pFlagAryAry;
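Review bot: The two arrays restored to function scope, `aStackAry2` and `aStackAry3`, have no comment explaining why they must stay there, and that is what allowed the reverted cppcheck change in the first place. In the second hunk of this file, `pPointAryAry` and `pFlagAryAry` are pointed at them inside the else block and, per the commit message, are still used after that block ends. I would add `// must outlive the else block below: pPointAryAry/pFlagAryAry keep pointing into these` above the declarations so the next scope-reduction pass leaves them alone. ImplDrawPolyPolygon continues outside both hunks.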
@@ -246,8 +248,6 @@ void OutputDevice::ImplDrawPolyPolygon( sal_uInt16 nPoly, const PolyPolygon& rPo
     }
     else
     {
-        PCONSTSALPOINT  aStackAry2[OUTDEV_POLYPOLY_STACKBUF];
-        sal_uInt8*      aStackAry3[OUTDEV_POLYPOLY_STACKBUF];
         pPointAry       = aStackAry1;
         pPointAryAry    = aStackAry2;
         pFlagAryAry     = (const sal_uInt8**)aStackAry3;
commit f170ca9c91f8092659d6fe5afcf53db7514f224a
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 17:46:10 2014 +0100

    CID#1158216: resource leak

diff --git a/sc/source/core/opencl/opencl_device_selection.h b/sc/source/core/opencl/opencl_device_selection.h
index d6f775a..74d2f1f 100644
--- a/sc/source/core/opencl/opencl_device_selection.h
+++ b/sc/source/core/opencl/opencl_device_selection.h
@@ -363,6 +363,7 @@ inline ds_status readProFile(const char* fileName, char** content, size_t* conte
     binary = (char*)malloc(size);
     if (binary == NULL)
     {
+        fclose(input);
         return DS_FILE_ERROR;
     }
     size_t bytesRead = fread(binary, sizeof(char), size, input);
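Review bot: Only the malloc-failure return receives the added `fclose(input)`. The `fread` on the last visible line has its own failure case, and whether a short read closes `input` and frees `binary` is decided below the hunk. If that path also returns early, it needs `fclose(input); free(binary);` before the return. A single cleanup exit at the end of readProFile would keep both releases in one place, so that the next early return cannot miss them.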
commit 05d160d4663f2fa4c169cc0c997624ef32805c1b
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 17:43:06 2014 +0100

    CID#1157787: new[]/delete mismatch

diff --git a/sc/source/core/opencl/formulagroupcl.cxx b/sc/source/core/opencl/formulagroupcl.cxx
index d1d601e..cf9847c 100644
--- a/sc/source/core/opencl/formulagroupcl.cxx
+++ b/sc/source/core/opencl/formulagroupcl.cxx
@@ -55,6 +55,7 @@ static const unsigned long __nan[2] = {0xffffffff, 0x7fffffff};
 #include <memory>
 
 #include <boost/scoped_ptr.hpp>
+#include <boost/scoped_array.hpp>
 
 #undef NO_FALLBACK_TO_SWINTERP /* undef this for non-TDD runs */
 
@@ -1098,12 +1099,12 @@ public:
         if ( dynamic_cast<OpAverage*>(mpCodeGen.get()))
         {
              /*average need more reduction kernel for count computing*/
-             double *pAllBuffer  = new double[2*w];
-             double *resbuf = (double*)clEnqueueMapBuffer(kEnv.mpkCmdQueue,
-                mpClmem2,
-                CL_TRUE, CL_MAP_READ, 0,
-                sizeof(double)*w, 0, NULL, NULL,
-                &err);
+            boost::scoped_array<double> pAllBuffer(new double[2*w]);
+            double *resbuf = (double*)clEnqueueMapBuffer(kEnv.mpkCmdQueue,
+                    mpClmem2,
+                    CL_TRUE, CL_MAP_READ, 0,
+                    sizeof(double)*w, 0, NULL, NULL,
+                    &err);
             if (err != CL_SUCCESS)
                 throw OpenCLError(err, __FILE__, __LINE__);
 
@@ -1163,10 +1164,9 @@ public:
             }
             mpClmem2 = clCreateBuffer(kEnv.mpkContext,
                 (cl_mem_flags) CL_MEM_READ_WRITE|CL_MEM_COPY_HOST_PTR,
-                w*sizeof(double)*2, pAllBuffer, &err);
+                w*sizeof(double)*2, pAllBuffer.get(), &err);
             if (CL_SUCCESS != err)
                 throw OpenCLError(err, __FILE__, __LINE__);
-            delete pAllBuffer;
         }
         // set kernel arg
         err = clSetKernelArg(k, argno, sizeof(cl_mem), (void*)&(mpClmem2));
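Review bot: Nothing at the `clCreateBuffer` call records that `pAllBuffer` can be released at scope exit only because `CL_MEM_COPY_HOST_PTR` makes OpenCL copy the host data during the call. A comment such as `// CL_MEM_COPY_HOST_PTR copies the data, so pAllBuffer may go out of scope` would warn anyone who later switches the flag to `CL_MEM_USE_HOST_PTR`, which would leave the buffer object referring to freed memory. The element count `2*w` in the previous hunk and the byte count `w*sizeof(double)*2` here are computed separately. The type of `w` is not visible, so it is worth confirming that neither product can wrap for large sheets. The enclosing method starts and ends outside the hunk.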
commit 5c36882d3a1965f3dcc846f81100b368049a99b0
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 17:37:35 2014 +0100

    CID#1157754: fix memory leak

diff --git a/sc/inc/documentstreamaccess.hxx b/sc/inc/documentstreamaccess.hxx
index 9fa2d78..eda2c8d 100644
--- a/sc/inc/documentstreamaccess.hxx
+++ b/sc/inc/documentstreamaccess.hxx
@@ -11,6 +11,7 @@
 #define SC_DOCUMENTSTREAMACCESS_HXX
 
 #include <rtl/ustring.hxx>
+#include <boost/scoped_ptr.hpp>
 
 class ScDocument;
 class ScAddress;
@@ -26,7 +27,7 @@ struct DocumentStreamAccessImpl;
  */
 class DocumentStreamAccess
 {
-    DocumentStreamAccessImpl* mpImpl;
+    boost::scoped_ptr<DocumentStreamAccessImpl> mpImpl;
 
     DocumentStreamAccess();
 
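Review bot: `boost::scoped_ptr<DocumentStreamAccessImpl>` is instantiated here on a type that this header only forward-declares, so the destructor of DocumentStreamAccess must be defined where DocumentStreamAccessImpl is complete. If the class has no user-declared destructor (the rest of the class is outside the hunk), the implicit one is generated in every translation unit that includes the header, and scoped_ptr's checked delete rejects the incomplete type. In that case, declare `~DocumentStreamAccess();` in the class and define it in the .cxx next to the Impl definition. The class also becomes non-copyable with this member, so a copy constructor or assignment operator that copies `mpImpl`, if there is one, needs an explicit deep copy.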
commit d8239d0b03a0225d593f2ac06727975a17515809
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 17:31:38 2014 +0100

    CID#705650: fix memory leak

diff --git a/filter/source/msfilter/msdffimp.cxx b/filter/source/msfilter/msdffimp.cxx
index 1d3e30e..8fb4385 100644
--- a/filter/source/msfilter/msdffimp.cxx
+++ b/filter/source/msfilter/msdffimp.cxx
@@ -5366,7 +5366,10 @@ SdrObject* SvxMSDffManager::ProcessObj(SvStream& rSt,
                                     + pImpRec->aTextId.nSequence, pObj );
         }
         else
+        {
             delete pImpRec;
+            delete pTextImpRec,
+        }
     }
 
     return pObj;
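Review bot: The added line `delete pTextImpRec,` ends in a comma instead of a semicolon, so the block does not compile as written. Separately, the initialisation of `pTextImpRec` is outside the hunk. If it can hold the same pointer as `pImpRec`, deleting both turns the leak fix into a double delete on data parsed from an imported document. I would compare before freeing either one: `if (pTextImpRec != pImpRec) delete pTextImpRec;` followed by `delete pImpRec;`.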
commit d3b60aa648079e29f74e3e0fa1316e4eb3014ad9
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date:   Sun Jan 19 17:23:32 2014 +0100

    CID#706118: possibly invalid cast

diff --git a/basic/source/classes/sb.cxx b/basic/source/classes/sb.cxx
index 84dac3f..496108d 100644
--- a/basic/source/classes/sb.cxx
+++ b/basic/source/classes/sb.cxx
@@ -1892,9 +1892,11 @@ sal_Bool StarBASIC::LoadData( SvStream& r, sal_uInt16 nVer )
     r >> nMod;
     for( sal_uInt16 i = 0; i < nMod; i++ )
     {
-        SbModule* pMod = (SbModule*) SbxBase::Load( r );
+        SbxBase* pBase = SbxBase::Load( r );
+        SbModule* pMod = dynamic_cast<SbModule*>(pBase);
         if( !pMod )
         {
+            delete pBase;
             return sal_False;
         }
         else if( pMod->ISA(SbJScriptModule) )
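Review bot: The added `delete pBase;` assumes that a plain delete is the correct way to release whatever `SbxBase::Load( r )` returns, and nothing in the hunk shows that. If Sbx objects are reference counted or have a restricted destructor, the object should be released through its reference holder instead. The failure branch also covers two cases, Load returning null and Load returning an object that is not an SbModule. Since the stream content is not under the program's control, a comment such as `// stream held no object, or an object that is not a module` above the branch would document why the checked cast is needed. Modules accepted in earlier iterations are not visible here, so I cannot tell whether returning sal_False leaves a partly loaded library behind. LoadData continues outside the hunk.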

