[Libreoffice-commits] core.git: hwpfilter/source

Caolán McNamara (via logerrit) logerrit at kemper.freedesktop.org
Sat Nov 2 17:30:20 UTC 2019


 hwpfilter/source/hwpread.cxx |   14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

New commits:
commit da90b1d02f603b1dcdfc7a4d2ef33fc966f6893a
Author:     Caolán McNamara <caolanm at redhat.com>
AuthorDate: Sat Nov 2 15:05:26 2019 +0000
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Sat Nov 2 18:29:21 2019 +0100

    cid#1455209 Wrapper object use after free
    
    Change-Id: I5883d2d954d62301c8d6ca47ceedd6401aee1dc6
    Reviewed-on: https://gerrit.libreoffice.org/81935
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>
    Tested-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/hwpfilter/source/hwpread.cxx b/hwpfilter/source/hwpread.cxx
index d03f1226aab9..12f29a38925e 100644
--- a/hwpfilter/source/hwpread.cxx
+++ b/hwpfilter/source/hwpread.cxx
@@ -371,17 +371,17 @@ namespace
     {
     private:
         HIODev* m_pOldMem;
-        HIODev* m_pNewMem;
+        std::unique_ptr<HMemIODev> m_xNewMem;
     public:
-        ChangeMemGuard(HMemIODev* pNewMem)
+        ChangeMemGuard(unsigned char* data, size_t nLen)
             : m_pOldMem(hmem)
-            , m_pNewMem(pNewMem)
+            , m_xNewMem(std::make_unique<HMemIODev>(reinterpret_cast<char*>(data), nLen))
         {
-            hmem = m_pNewMem;
+            hmem = m_xNewMem.get();
         }
         ~ChangeMemGuard()
         {
-            assert(hmem == m_pNewMem);
+            assert(hmem == m_xNewMem.get());
             hmem = m_pOldMem;
         }
     };
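Review bot: The new constructor takes a raw `data`/`nLen` pair with no comment on who owns the buffer, which matters in a guard introduced to fix a use after free. The guard now owns the HMemIODev through `m_xNewMem`, but the HMemIODev constructor is not visible here and presumably keeps the pointer rather than copying the bytes, so the caller's buffer has to outlive the guard. I would add above the constructor `// data is borrowed, not copied (confirm against HMemIODev): it must stay valid and unmoved until this guard is destroyed`. The class declaration starts above the hunk.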
@@ -489,12 +489,10 @@ bool Picture::Read(HWPFile & hwpf)
 
         if (pictype == PICTYPE_DRAW)
         {
-            auto xNewMem(std::make_unique<HMemIODev>(reinterpret_cast<char*>(follow.data()), follow_block_size));
-            auto xGuard(std::make_unique<ChangeMemGuard>(xNewMem.get()));
+            auto xGuard(std::make_unique<ChangeMemGuard>(follow.data(), follow_block_size));
             LoadDrawingObjectBlock(this);
             style.cell = picinfo.picdraw.hdo;
             xGuard.reset();
-            xNewMem.reset();
         }
         else if (follow_block_size >= 4)
         {
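Review bot: The length handed to the guard at `std::make_unique<ChangeMemGuard>(follow.data(), follow_block_size)` comes from a separate variable rather than from the buffer itself, and the code that fills `follow` is outside this hunk. If `follow_block_size` is taken from the file and `follow` can end up shorter (for example after a short read), the HMemIODev would be given a length larger than the memory behind it. Assuming `follow` is a standard container, tying the two together removes that dependency: `auto xGuard(std::make_unique<ChangeMemGuard>(follow.data(), follow.size()));`. Picture::Read begins and ends outside the hunk, so an earlier size check may already cover this.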

