[Libreoffice] [PATCH] possible null-dereferencing found by cppcheck
Tor Lillqvist
tlillqvist at novell.com
Tue Jan 18 02:26:14 PST 2011
> Caolán has fixed the code around in a way to ensure pPV is always initialized.

Ah OK. I see that now when I pulled a fresher version.

But unless I am mistaken, pArgs might now in theory be dereferenced while NULL?
Consider this code path:

    const SfxItemSet* pArgs = rReq.GetArgs();
    SFX_REQUEST_ARG (rReq, pHelpLineIndex, SfxUInt32Item, ID_VAL_INDEX, FALSE);
    // Assume pHelpLineIndex gets set to non-NULL
    if (pHelpLineIndex != NULL)
    {
        // so pArgs gets set to NULL
        pArgs = NULL;
    }
    if ( !pArgs )
    {
        // Thus this block is entered
        SdAbstractDialogFactory* pFact = SdAbstractDialogFactory::Create();
        // Assume pFact gets set to NULL. Clearly that is possible as the code
        // right after bothers to check for it?
        AbstractSdSnapLineDlg* pDlg = pFact ? pFact->CreateSdSnapLineDlg( NULL, aNewAttr, mpView ) : 0;
        // and thus pDlg is NULL
        if( pDlg )
        {
            // so this block is not entered, which is the only place where pArgs gets
            // set to non-NULL.
        }
    }
    // Thus pArgs can be NULL here
    aHlpPos.X() = ((const SfxUInt32Item&) pArgs->Get(ATTR_SNAPLINE_X)).GetValue();
    aHlpPos.Y() = ((const SfxUInt32Item&) pArgs->Get(ATTR_SNAPLINE_Y)).GetValue();

Or am I missing something...
--tml
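
The code path traced in the message above, reduced to a self-contained model with a guard before the dereference. This is an added example, not part of the original message and not LibreOffice code; ItemSet, Dialog, Factory, Point, resolveArgs and snapPosition are hypothetical stand-ins, and the sample values are constructed.

```cpp
// Added example: reduced model of the code path traced in the message.
// Every type and function name is a hypothetical stand-in, not LibreOffice code.
#include <cstdint>
#include <cstdio>

struct ItemSet { std::uint32_t x, y; };   // stands in for SfxItemSet
struct Dialog  { ItemSet result; };       // stands in for the snap-line dialog
struct Factory {                          // stands in for the dialog factory
    Dialog* create(Dialog& d) { return &d; }
};
struct Point { std::uint32_t x, y; };

// Follows the traced flow and returns the pointer the original code then
// dereferences unconditionally. It can be nullptr.
const ItemSet* resolveArgs(const ItemSet* reqArgs, bool haveHelpLineIndex,
                           Factory* fact, Dialog& dlgStorage)
{
    const ItemSet* args = reqArgs;
    if (haveHelpLineIndex)
        args = nullptr;                   // as in the trace: args reset to null
    if (!args) {
        Dialog* dlg = fact ? fact->create(dlgStorage) : nullptr;
        if (dlg)
            args = &dlg->result;          // only place args becomes non-null again
    }
    return args;
}

// Guarded form: report failure instead of dereferencing a null pointer.
bool snapPosition(const ItemSet* reqArgs, bool haveHelpLineIndex,
                  Factory* fact, Dialog& dlgStorage, Point& out)
{
    const ItemSet* args = resolveArgs(reqArgs, haveHelpLineIndex, fact, dlgStorage);
    if (!args)
        return false;                     // no factory, no dialog: nothing to read
    out = Point{args->x, args->y};
    return true;
}

int main()
{
    Dialog dlg{ItemSet{7, 9}};            // constructed sample values
    ItemSet req{1, 2};
    Point p{0, 0};
    bool ok = snapPosition(&req, true, nullptr, dlg, p);  // factory missing
    std::printf("position available: %s\n", ok ? "yes" : "no");
    return 0;
}
```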