[Libreoffice] Question about Possible null pointer dereference in SpellDialog.cxx (cui one)
ooo at erack.de
Tue Oct 18 16:42:42 PDT 2011
On Friday, 2011-09-16 16:29:57 -0700, julien2412 wrote:
> cppcheck detected this on core/cui/source/dialogs/SpellDialog.cxx
> 1534 nullPointer error Possible null pointer dereference: pNewError
> 1538 nullPointer error Possible null pointer dereference: pNewError
> 1555 nullPointer error Possible null pointer dereference: pNewError
> 1559 nullPointer error Possible null pointer dereference: pNewError
> 1570 nullPointer error Possible null pointer dereference: pNewBack
> 1595 nullPointer error Possible null pointer dereference: pNewError
> 1751 nullPointer error Possible null pointer dereference: pNewBackground
> I tried to understand with the first one :
> 1530 TextAttrib* pNewError = NULL;
> sal_uInt16 nStart = pErrorAttrLeft->GetStart();
> sal_uInt16 nEnd = pErrorAttrLeft->GetEnd();
> pTextEngine->RemoveAttrib( 0, *pErrorAttrLeft );
> 1534 SetAttrib( *pNewError, 0, nStart, ++nEnd );
> I found that before the commit d54c3ad1518e32938117c7e529dda375d4110888,
> most (all?) of these variables were initialized. For example like this :
> TextAttrib* pNewError = pErrorAttrib->GetAttr().Clone();
> I supposed there was certainly a good reason, but I don't know how can it
> works now. Of course, I wouldn't have noticed this without cppcheck report.
doesn't look correct, especially with the commit message
"callcatcher: replace Clone() by NULL" it doesn't make sense. I doubt
callcatcher placed this into unused code.
The pointer is dereferenced and the object accessed under SetAttrib().
I reverted the commit.
Thanks for catching.
PGP/OpenPGP/GnuPG encrypted mail preferred in all private communication.
Key ID: 0x293C05FD - 997A 4C60 CE41 0149 0DB3 9E96 2F1A D073 293C 05FD
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: Digital signature
More information about the LibreOffice