| commit | e095af113f72e53b984c2862e9ff0e9bf1da3e4a | |
| author | Michael Meeks <michael.meeks@collabora.com> | |
| Sat, 8 Jun 2024 13:38:34 +0000 (8 14:38 +0100) | ||
| committer | Andras Timar <andras.timar@collabora.com> | |
| Mon, 10 Jun 2024 15:01:53 +0000 (10 17:01 +0200) | ||
| tree | e9a268c8ade518d5630305085193ade5b7fa36b5 | treesnapshot (tar.gz zip) |
| parent | 3e88fa3cffe7eb5008f9fe7ff8fc9cbf15ce2b97 | commitdiff |
Avoid potential negative array index access to cached text.
if ((nIndex != 0 || nLen != text.getLength()) && !skipGlyphSubsets)
seems unlikely to protect us from this:
/opt/rh/devtoolset-12/root/usr/include/c++/12/string_view:239: constexpr const std::basic_string_view<_CharT, _Traits>::value_type& std::basic_string_view<_CharT, _Traits>::operator[](size_type) const [with _CharT = char16_t; _Traits = std::char_traits<char16_t>; const_reference = const char16_t&; size_type = long unsigned int]: Assertion '__pos < this->_M_len' failed.
coolwsd[16958] ... SIG Fatal signal received: SIGABRT code: 18446744073709551610 for address: 0x7300004e16
SalLayoutGlyphsCache::GetLayoutGlyphs(VclPtr<OutputDevice const>, rtl::OUString const&, int, int, long, vcl::text::TextLayoutCache const*)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/vcl/source/gdi/impglyphitem.cxx:399
GetTextArray(OutputDevice const&, rtl::OUString const&, KernArray&, int, int, bool, vcl::text::TextLayoutCache const*)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/include/rtl/ref.hxx:128
SwFntObj::GetTextSize(SwDrawTextInfo&)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/sw/source/core/txtnode/fntcache.cxx:766
SwSubFont::GetTextSize_(SwDrawTextInfo&)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/sw/source/core/txtnode/swfont.cxx:1022
SwTextSizeInfo::GetTextSize() const
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/sw/source/core/inc/swfont.hxx:314
blind fix - but seeing a lot of these.
Change-Id: Icb6ca25e4b8c6ef8a5e5b89dfa01b56bb788378d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168575
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
if ((nIndex != 0 || nLen != text.getLength()) && !skipGlyphSubsets)
seems unlikely to protect us from this:
/opt/rh/devtoolset-12/root/usr/include/c++/12/string_view:239: constexpr const std::basic_string_view<_CharT, _Traits>::value_type& std::basic_string_view<_CharT, _Traits>::operator[](size_type) const [with _CharT = char16_t; _Traits = std::char_traits<char16_t>; const_reference = const char16_t&; size_type = long unsigned int]: Assertion '__pos < this->_M_len' failed.
coolwsd[16958] ... SIG Fatal signal received: SIGABRT code: 18446744073709551610 for address: 0x7300004e16
SalLayoutGlyphsCache::GetLayoutGlyphs(VclPtr<OutputDevice const>, rtl::OUString const&, int, int, long, vcl::text::TextLayoutCache const*)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/vcl/source/gdi/impglyphitem.cxx:399
GetTextArray(OutputDevice const&, rtl::OUString const&, KernArray&, int, int, bool, vcl::text::TextLayoutCache const*)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/include/rtl/ref.hxx:128
SwFntObj::GetTextSize(SwDrawTextInfo&)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/sw/source/core/txtnode/fntcache.cxx:766
SwSubFont::GetTextSize_(SwDrawTextInfo&)
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/sw/source/core/txtnode/swfont.cxx:1022
SwTextSizeInfo::GetTextSize() const
/home/collabora/jenkins/workspace/build_core_co-24.04_for_online_snapshot/sw/source/core/inc/swfont.hxx:314
blind fix - but seeing a lot of these.
Change-Id: Icb6ca25e4b8c6ef8a5e5b89dfa01b56bb788378d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168575
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
| vcl/source/gdi/impglyphitem.cxx | diffblobblamehistory |