[Libreoffice] [REVIEW] Fix for fdo#37520
Jonathan Aquilina
eagles051387 at gmail.com
Tue May 24 22:01:49 PDT 2011
On 24/05/2011 22:03, Kohei Yoshida wrote:
> The attached patch fixes the crasher reported in
>
> https://bugs.freedesktop.org/show_bug.cgi?id=37520
>
> The crash occurs in ScRangeList::Join() where the array size is cached
> prior to the for loop, but array may shrink during the loop, in which
> case an out-of-bound array access may occur which in turn results in a
> crash. I'm actually surprised that this didn't cause a crash on
> Linux.
>
Kohei in this case wouldnt it be better to use a linked list instead of
an array since a link list can easily adjust to size instead of an array
which is of a static size?
> Anyhow, the solution is to always dynamically check the size of the
> array via size() method in each iteration, instead of caching it for
> all iterations.
>
> Review appreciated. I'd like this to go into the -3-4-0 branch. So I
> need three sign-off's.
>
> Kohei
>
>
> _______________________________________________
> LibreOffice mailing list
> LibreOffice at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/libreoffice
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/libreoffice/attachments/20110525/084c6bb3/attachment.html>
More information about the LibreOffice
mailing list