[Libreoffice-commits] core.git: sw/source

Sun, 07 Jan 2018 12:11:00 -0800 

 sw/source/filter/html/htmltab.cxx |   64 +++++++++++++++++++-------------------
 sw/source/filter/html/swhtml.hxx  |    2 +
 2 files changed, 35 insertions(+), 31 deletions(-)

New commits:
commit 6d05e0945054459ed04d50ae16731f933be48664
Author: Caolán McNamara <caol...@redhat.com>
Date:   Sun Jan 7 15:21:28 2018 +0000

    ofz#5007 Null-dereference READ
    
    Change-Id: I830483071ce481fd14b0d1227c90e492e125f35e
    Reviewed-on: https://gerrit.libreoffice.org/47537
    Reviewed-by: Caolán McNamara <caol...@redhat.com>
    Tested-by: Caolán McNamara <caol...@redhat.com>

diff --git a/sw/source/filter/html/htmltab.cxx 
b/sw/source/filter/html/htmltab.cxx
index 59cc59c64e5f..1f44e0bd138c 100644
--- a/sw/source/filter/html/htmltab.cxx
+++ b/sw/source/filter/html/htmltab.cxx
@@ -5042,6 +5042,37 @@ namespace
     };
 }
 
+void SwHTMLParser::DeleteSection(SwStartNode* pSttNd)
+{
+    //if section to be deleted contains a pending m_pMarquee, it will be 
deleted
+    //so clear m_pMarquee pointer if that's the case
+    SwFrameFormat* pObjectFormat = m_pMarquee ? ::FindFrameFormat(m_pMarquee) 
: nullptr;
+    FrameDeleteWatch aWatch(pObjectFormat);
+
+    //similarly for footnotes
+    if (m_pFootEndNoteImpl)
+    {
+        SwNodeIndex aSttIdx(*pSttNd), aEndIdx(*pSttNd->EndOfSectionNode());
+        
m_pFootEndNoteImpl->aTextFootnotes.erase(std::remove_if(m_pFootEndNoteImpl->aTextFootnotes.begin(),
+            m_pFootEndNoteImpl->aTextFootnotes.end(), IndexInRange(aSttIdx, 
aEndIdx)), m_pFootEndNoteImpl->aTextFootnotes.end());
+        if (m_pFootEndNoteImpl->aTextFootnotes.empty())
+        {
+            delete m_pFootEndNoteImpl;
+            m_pFootEndNoteImpl = nullptr;
+        }
+    }
+
+    m_xDoc->getIDocumentContentOperations().DeleteSection(pSttNd);
+
+    if (pObjectFormat)
+    {
+        if (aWatch.WasDeleted())
+            m_pMarquee = nullptr;
+        else
+            pObjectFormat->Remove(&aWatch);
+    }
+}
+
 std::shared_ptr<HTMLTable> SwHTMLParser::BuildTable(SvxAdjust eParentAdjust,
                                                     bool bIsParentHead,
                                                     bool bHasParentSection,
@@ -5256,7 +5287,7 @@ std::shared_ptr<HTMLTable> 
SwHTMLParser::BuildTable(SvxAdjust eParentAdjust,
                 // The section isn't needed anymore
                 m_pPam->SetMark();
                 m_pPam->DeleteMark();
-                m_xDoc->getIDocumentContentOperations().DeleteSection( 
const_cast<SwStartNode *>(pCapStNd) );
+                DeleteSection(const_cast<SwStartNode*>(pCapStNd));
                 m_xTable->SetCaption( nullptr, false );
             }
 
@@ -5305,37 +5336,8 @@ std::shared_ptr<HTMLTable> 
SwHTMLParser::BuildTable(SvxAdjust eParentAdjust,
         {
             m_pPam->SetMark();
             m_pPam->DeleteMark();
-
-            SwStartNode* pSttNd = const_cast<SwStartNode*>(pCapStNd);
-
-            //if section to be deleted contains a pending m_pMarquee, it will 
be deleted
-            //so clear m_pMarquee pointer if that's the case
-            SwFrameFormat* pObjectFormat = m_pMarquee ? 
::FindFrameFormat(m_pMarquee) : nullptr;
-            FrameDeleteWatch aWatch(pObjectFormat);
-
-            //similarly for footnotes
-            if (m_pFootEndNoteImpl)
-            {
-                SwNodeIndex aSttIdx(*pSttNd), 
aEndIdx(*pSttNd->EndOfSectionNode());
-                
m_pFootEndNoteImpl->aTextFootnotes.erase(std::remove_if(m_pFootEndNoteImpl->aTextFootnotes.begin(),
-                    m_pFootEndNoteImpl->aTextFootnotes.end(), 
IndexInRange(aSttIdx, aEndIdx)), m_pFootEndNoteImpl->aTextFootnotes.end());
-                if (m_pFootEndNoteImpl->aTextFootnotes.empty())
-                {
-                    delete m_pFootEndNoteImpl;
-                    m_pFootEndNoteImpl = nullptr;
-                }
-            }
-
-            m_xDoc->getIDocumentContentOperations().DeleteSection(pSttNd);
+            DeleteSection(const_cast<SwStartNode*>(pCapStNd));
             xCurTable->SetCaption( nullptr, false );
-
-            if (pObjectFormat)
-            {
-                if (aWatch.WasDeleted())
-                    m_pMarquee = nullptr;
-                else
-                    pObjectFormat->Remove(&aWatch);
-            }
         }
     }
 
diff --git a/sw/source/filter/html/swhtml.hxx b/sw/source/filter/html/swhtml.hxx
index 92d090bcddc9..e16394053623 100644
--- a/sw/source/filter/html/swhtml.hxx
+++ b/sw/source/filter/html/swhtml.hxx
@@ -661,6 +661,8 @@ class SwHTMLParser : public SfxHTMLParser, public SwClient
     // tags realized via character styles
     void NewCharFormat( HtmlTokenId nToken );
 
+    void DeleteSection(SwStartNode* pSttNd);
+
     // <SDFIELD>
 public:
     static SvxNumType GetNumType( const OUString& rStr, SvxNumType eDfltType );

_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to