[PATCH libreoffice-3-6] fdo#39135: Prevent integer overflow & update the character d...
Kohei Yoshida (via Code Review)
gerrit at gerrit.libreoffice.org
Tue Feb 5 12:27:52 PST 2013
Hi,
I have submitted a patch for review:
https://gerrit.libreoffice.org/2008
To pull it, you can do:
git pull ssh://gerrit.libreoffice.org:29418/core refs/changes/08/2008/1
fdo#39135: Prevent integer overflow & update the character during loop.
These two errors in the code contributed to the reported bug. Let's
fix them.
Change-Id: If82a1bd4d1e27145b48e722b30388cc9dc4a8a6e
---
M sc/source/core/tool/reffind.cxx
1 file changed, 5 insertions(+), 0 deletions(-)
diff --git a/sc/source/core/tool/reffind.cxx b/sc/source/core/tool/reffind.cxx
index 660bab0..c8e1722 100644
--- a/sc/source/core/tool/reffind.cxx
+++ b/sc/source/core/tool/reffind.cxx
@@ -169,15 +169,20 @@
if (c == '\'')
break;
}
+ if (rStartPos == 0)
+ break;
}
else if (c == ']')
{
// Skip until the opening braket.
for (--rStartPos; rStartPos > 0; --rStartPos)
{
+ c = p[rStartPos];
if (c == '[')
break;
}
+ if (rStartPos == 0)
+ break;
}
else if (!IsText(c))
{
--
To view, visit https://gerrit.libreoffice.org/2008
To unsubscribe, visit https://gerrit.libreoffice.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: If82a1bd4d1e27145b48e722b30388cc9dc4a8a6e
Gerrit-PatchSet: 1
Gerrit-Project: core
Gerrit-Branch: libreoffice-3-6
Gerrit-Owner: Kohei Yoshida <kohei.yoshida at gmail.com>
More information about the LibreOffice
mailing list