[Libreoffice-commits] core.git: sw/source

Fri, 02 Feb 2018 09:31:17 -0800 

 sw/source/core/bastyp/swcache.cxx |   32 +++++++++++++++++++++++++-------
 1 file changed, 25 insertions(+), 7 deletions(-)

New commits:
commit 269d6d3366eea8541d965181dfdda1fdc5ef2d00
Author: Michael Stahl <mst...@redhat.com>
Date:   Fri Feb 2 15:11:25 2018 +0100

    ofz#5435 sw: fix SwCache::Insert() stale pointers
    
    If SwCache::Insert() happens to delete the object that m_pFirst or
    m_pRealFirst point to, which is unlikely as it means every other object
    is locked, then these pointers must be updated.
    
    This sometimes happens in the bugdoc after scrolling around for some
    time.
    
    Change-Id: I13f04d28c37969469efa4e1109c7f5b751ceba96
    Reviewed-on: https://gerrit.libreoffice.org/49151
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>

diff --git a/sw/source/core/bastyp/swcache.cxx 
b/sw/source/core/bastyp/swcache.cxx
index f84c9241c07c..e7ba4d8c702e 100644
--- a/sw/source/core/bastyp/swcache.cxx
+++ b/sw/source/core/bastyp/swcache.cxx
@@ -389,16 +389,34 @@ bool SwCache::Insert( SwCacheObj *pNew )
 
         nPos = pObj->GetCachePos();
         if ( pObj == m_pLast )
-        { OSL_ENSURE( pObj->GetPrev(), "Last but no Prev" );
+        {
             m_pLast = pObj->GetPrev();
-            m_pLast->SetNext( nullptr );
+            assert(m_pLast); // must have capacity > 1
         }
-        else
+        if (pObj == m_pFirst)
         {
-            if ( pObj->GetPrev() )
-                pObj->GetPrev()->SetNext( pObj->GetNext() );
-            if ( pObj->GetNext() )
-                pObj->GetNext()->SetPrev( pObj->GetPrev() );
+            if (pObj->GetNext())
+            {
+                m_pFirst = pObj->GetNext();
+            }
+            else
+            {
+                m_pFirst = pObj->GetPrev();
+            }
+            assert(m_pFirst); // must have capacity > 1
+        }
+        if (pObj == m_pRealFirst)
+        {
+            m_pRealFirst = pObj->GetNext();
+            assert(m_pRealFirst); // must have capacity > 1
+        }
+        if (pObj->GetPrev())
+        {
+            pObj->GetPrev()->SetNext( pObj->GetNext() );
+        }
+        if (pObj->GetNext())
+        {
+            pObj->GetNext()->SetPrev( pObj->GetPrev() );
         }
         delete pObj;
         m_aCacheObjects[nPos] = pNew;
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to