[Libreoffice-commits] core.git: basic/source

Julien Nabet serval2412 at yahoo.fr
Sun Apr 10 08:18:21 UTC 2016


 basic/source/runtime/methods.cxx |    2 +-
 basic/source/sbx/sbxscan.cxx     |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

New commits:
commit 43109b751bf5fd36318de56b2fb686acc724673f
Author: Julien Nabet <serval2412 at yahoo.fr>
Date:   Sun Apr 10 09:41:56 2016 +0200

    tdf#99089: avoid some crashes in Basic
    
    First stacktrace:
    
    soffice.bin: /home/julien/compile-libreoffice/libreoffice/include/rtl/ustring.hxx:577:
    sal_Unicode rtl::OUString::operator[](sal_Int32) const:
    Assertion `index >= 0 && static_cast<sal_uInt32>(index) < static_cast<sal_uInt32>(getLength())' failed.
    ...
    3  0x00002aaaab327452 in __GI___assert_fail (assertion=0x2aaaaeea62a8 "index >= 0 && static_cast<sal_uInt32>(index) < static_cast<sal_uInt32>(getLength())", file=0x2aaaaeea6260 "/home/julien/compile-libreoffice/libreoffice/include/rtl/ustring.hxx", line=577, function=0x2aaaaeea6860 <rtl::OUString::operator[](int) const::__PRETTY_FUNCTION__> "sal_Unicode rtl::OUString::operator[](sal_Int32) const") at assert.c:101
    4  0x00002aaaaed91e89 in rtl::OUString::operator[](int) const (this=0x7fffffff2770, index=0) at /home/julien/compile-libreoffice/libreoffice/include/rtl/ustring.hxx:577
    5  0x00002aaaaee1c66f in SbRtl_Val(StarBASIC*, SbxArray&, bool) (pBasic=0xa2a7ec0, rPar=..., bWrite=false)
        at /home/julien/compile-libreoffice/libreoffice/basic/source/runtime/methods.cxx:1792
    
    Second stacktrace:
    
    0x00002aaaaee6054d in printfmtstr (rStr="", rRes="", rFmt="\£0.##") at /home/julien/compile-libreoffice/libreoffice/basic/source/sbx/sbxscan.cxx:534
    534             while( *pFmt != '\' );
    (gdb) bt
    0  0x00002aaaaee6054d in printfmtstr(rtl::OUString const&, rtl::OUString&, rtl::OUString const&) (rStr="", rRes="", rFmt="\£0.##")
        at /home/julien/compile-libreoffice/libreoffice/basic/source/sbx/sbxscan.cxx:534
    1  0x00002aaaaee617ce in SbxValue::Format(rtl::OUString&, rtl::OUString const*) const (this=0xb12dd60, rRes="", pFmt=0x7fffffff20e0)
        at /home/julien/compile-libreoffice/libreoffice/basic/source/sbx/sbxscan.cxx:883
    2  0x00002aaaaee217af in SbRtl_Format(StarBASIC*, SbxArray&, bool) (pBasic=0xa2cffa0, rPar=..., bWrite=false)
        at /home/julien/compile-libreoffice/libreoffice/basic/source/runtime/methods.cxx:3519
    
    Change-Id: I1798a1545ce08efa9d6fc39f4696195f9dc96c67
    Reviewed-on: https://gerrit.libreoffice.org/23956
    Tested-by: Jenkins <ci at libreoffice.org>
    Reviewed-by: Julien Nabet <serval2412 at yahoo.fr>

diff --git a/basic/source/runtime/methods.cxx b/basic/source/runtime/methods.cxx
index 6e83e1c..49f277f 100644
--- a/basic/source/runtime/methods.cxx
+++ b/basic/source/runtime/methods.cxx
@@ -1789,7 +1789,7 @@ RTLFUNC(Val)
         OUString aStr( rPar.Get(1)->GetOUString() );
 
         FilterWhiteSpace( aStr );
-        if ( aStr[0] == '&' && aStr.getLength() > 1 )
+        if ( aStr.getLength() > 1 && aStr[0] == '&' )
         {
             int nRadix = 10;
             char aChar = (char)aStr[1];
diff --git a/basic/source/sbx/sbxscan.cxx b/basic/source/sbx/sbxscan.cxx
index f108946..e0c8559 100644
--- a/basic/source/sbx/sbxscan.cxx
+++ b/basic/source/sbx/sbxscan.cxx
@@ -531,7 +531,7 @@ static sal_uInt16 printfmtstr( const OUString& rStr, OUString& rRes, const OUStr
             aTemp.append( *pStr ? *pStr++ : static_cast< sal_Unicode >(' '));
             pFmt++;
         }
-        while( *pFmt != '\\' );
+        while( pFmt && *pFmt != '\\' );
         aTemp.append(*pStr ? *pStr++ : static_cast< sal_Unicode >(' '));
         pFmt++; break;
     case '&':


More information about the Libreoffice-commits mailing list