Hi!

This will immediately crash in chart2uno with a null pointer dereference.

Looking at
http://cgit.freedesktop.org/libreoffice/core/commit/?id=db3786ee3aa0d8911042c9bbcea02cf36d96dfa1
I noticed that at least ScTokenPtrMap can contain "key -> 0" pairs:

for ( ChartTokenMap::const_iterator it2 = pCols->begin(); it2 != pCols->end(); ++it2 )
  {
      ScTokenPtrMap* pCol = it2->second;
      (*pCol)[nKey] = NULL;
  }

but the following change omits the "pToken != 0" condition:

- ScToken* pToken = static_cast<ScToken*>(pCol->First());
+ ScTokenPtrMap* pCol = aColIter->second;
+ ScTokenPtrMap::iterator tokenIter = pCol->begin();
  for (SCROW nRow = 0; !bFoundValues && nRow < nSmallestValueRowIndex; ++nRow)
  {
-     if (pToken && nRow>=nHeaderRowCount)
+     if (tokenIter != pCol->end() && nRow>=nHeaderRowCount)
      {
+         ScToken* pToken = tokenIter->second;
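
Review bot: The new condition "tokenIter != pCol->end()" only shows that a map entry exists, not that its value is non-null, so the added "ScToken* pToken = tokenIter->second;" can produce a null pToken in cases the removed "if (pToken && nRow>=nHeaderRowCount)" used to skip. The map can hold NULL values (see "(*pCol)[nKey] = NULL" quoted above), so check tokenIter->second for null before pToken is used inside this block.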


Also, this change looks *very* suspicious:

- pCol = static_cast<Table*>(pCols->First());
- if (pCol)
+ if ( !pCols->empty() )
  {
+     nAllRowCount = static_cast<SCSIZE>(pCols->begin()->second->size());
      if (mbDummyUpperLeft)
-         pCol->Insert(0, NULL); // Dummy fuer Beschriftung
-     nAllRowCount = static_cast<SCSIZE>(pCol->Count());
+         (*pCols)[ 0 ] = NULL; // Dummy fuer Beschriftung
  }
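
Review bot: In the "if ( !pCols->empty() )" block, "(*pCols)[ 0 ] = NULL" stores a null column pointer in pCols at key 0, whereas the removed "pCol->Insert(0, NULL)" put a null entry into the first column itself. The dummy therefore lands in a different container and can replace an existing column at key 0. nAllRowCount is also now read before the dummy is added instead of after, so it no longer counts the dummy when mbDummyUpperLeft is set, and "pCols->begin()->second->size()" dereferences the mapped pointer without a null check. Suggest inserting the dummy into the column map (pCols->begin()->second), checking that pointer first, and reading size() afterwards.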

Maybe someone will find more slips. Oh, those tricky conversions...

HTH,
Ivan
