[Libreoffice-commits] core.git: vcl/inc
Stephan Bergmann (via logerrit)
logerrit at kemper.freedesktop.org
Mon May 4 09:55:13 UTC 2020
vcl/inc/graphic/DetectorTools.hxx | 2 --
1 file changed, 2 deletions(-)
New commits:
commit a05ad2aab70de111aa52d856c1f2c1c94313129b
Author: Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Mon May 4 11:10:25 2020 +0200
Commit: Stephan Bergmann <sbergman at redhat.com>
CommitDate: Mon May 4 11:54:16 2020 +0200
Remove what looks like debug printf
...left over presumably accidentally by bb459008de9d410e6e7ea982ce30aa22f70ae849
"vcl: add DetectorTools + tests, refactor array string matching", but which
causes heap-buffer-overflow during CppunitTest_vcl_filters_test when printing an
apparently not null-terminated string, see
<https://ci.libreoffice.org/job/lo_ubsan/1614/>:
> ==12896==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61d0000e5480 at pc 0x000000454f7f bp 0x7fffaff10200 sp 0x7fffaff0f9b0
> READ of size 2049 at 0x61d0000e5480 thread T0
> #0 0x454f7e in printf_common(void*, char const*, __va_list_tag*) /home/tdf/lode/packages/llvm-472c6ef8b0f53061b049039f9775ab127beafbe4.src/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors_format.inc:547
> #1 0x45568b in vprintf /home/tdf/lode/packages/llvm-472c6ef8b0f53061b049039f9775ab127beafbe4.src/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:1631
> #2 0x45575e in printf /home/tdf/lode/packages/llvm-472c6ef8b0f53061b049039f9775ab127beafbe4.src/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:1689
> #3 0x2b0e63a119ca in vcl::checkArrayForMatchingStrings(char const*, int, std::__debug::vector<rtl::OString, std::allocator<rtl::OString> > const&) /vcl/inc/graphic/DetectorTools.hxx:57:9
> #4 0x2b0e63a1ad0a in vcl::GraphicFormatDetector::checkXBM() /vcl/source/filter/GraphicFormatDetector.cxx:426:9
[...]
> 0x61d0000e5480 is located 0 bytes to the right of 2048-byte region [0x61d0000e4c80,0x61d0000e5480)
> allocated by thread T0 here:
> #0 0x4f5648 in operator new[](unsigned long) /home/tdf/lode/packages/llvm-472c6ef8b0f53061b049039f9775ab127beafbe4.src/compiler-rt/lib/asan/asan_new_delete.cc:108
> #1 0x2b0e63a1a839 in vcl::GraphicFormatDetector::checkXBM() /vcl/source/filter/GraphicFormatDetector.cxx:419:42
> #2 0x2b0e639685b8 in ImpPeekGraphicFormat(SvStream&, rtl::OUString&, bool) /vcl/source/filter/graphicfilter.cxx:394:23
> #3 0x2b0e639693b0 in GraphicFilter::ImpTestOrFindFormat(rtl::OUString const&, SvStream&, unsigned short&) /vcl/source/filter/graphicfilter.cxx:455:13
> #4 0x2b0e63970153 in GraphicFilter::ImportGraphic(Graphic&, rtl::OUString const&, SvStream&, unsigned short, unsigned short*, GraphicFilterImportFlags, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const*, WmfExternal const*) /vcl/source/filter/graphicfilter.cxx:1437:19
Change-Id: I8d88a417083c14e4f1a9a78f9e1354390283d83c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93403
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman at redhat.com>
diff --git a/vcl/inc/graphic/DetectorTools.hxx b/vcl/inc/graphic/DetectorTools.hxx
index b9163de135d9..3847457fcfd8 100644
--- a/vcl/inc/graphic/DetectorTools.hxx
+++ b/vcl/inc/graphic/DetectorTools.hxx
@@ -50,11 +50,9 @@ bool checkArrayForMatchingStrings(const char* pSource, sal_Int32 nSourceSize,
for (OString const& rString : rStrings)
{
sal_Int32 nCurrentSize = nSourceSize - sal_Int32(pCurrent - pBegin);
- printf("Current size %d -> %d\n", nCurrentSize, nSourceSize);
pCurrent = matchArray(pCurrent, nCurrentSize, rString.getStr(), rString.getLength());
if (pCurrent == nullptr)
return false;
- printf("%s\n", pCurrent);
}
return true;
}
More information about the Libreoffice-commits
mailing list