sw/source/ui/fldui/flddb.cxx | 12 +++++++++---
sw/source/ui/fldui/flddinf.cxx | 22 +++++++++++++++++-----
sw/source/ui/fldui/fldref.cxx | 21 ++++++++++++++++++---
3 files changed, 44 insertions(+), 11 deletions(-)
New commits:
commit 5b450e20af175e76e858d205e49b1c1e93644359
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Fri Dec 17 18:46:29 2021 +0100
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Wed Dec 22 13:57:06 2021 +0100
tdf#145062 sw: try to fix UBSan crash in UITest
/sw/source/ui/fldui/fldref.cxx:470:32: runtime error: downcast of address
0x60700065f330 which does not point to an object of type 'SwGetRefField'
0x60700065f330: note: object is of type 'SwInputField'
a8 04 00 78 30 d8 f7 f1 8c 2b 00 00 60 9a d4 4c 8c 2b 00 00 00 b6 57
00 10 61 00 00 00 00 00 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'SwInputField'
#0 0x2b917d44b1fc in SwFieldRefPage::UpdateSubType(rtl::OUString
const&) /sw/source/ui/fldui/fldref.cxx:470:32
#1 0x2b917d463aa9 in SwFieldRefPage::TypeHdl(weld::TreeView&)
/sw/source/ui/fldui/fldref.cxx:358:5
#2 0x2b917d45f9e4 in SwFieldRefPage::Reset(SfxItemSet const*)
/sw/source/ui/fldui/fldref.cxx:258:5
#3 0x2b917d436efd in SwFieldPage::EditNewField(bool)
/sw/source/ui/fldui/fldpage.cxx:110:5
#4 0x2b917d48e725 in
SwFieldDlg::ReInitTabPage(std::basic_string_view<char, std::char_traits<char>
>, bool) /sw/source/ui/fldui/fldtdlg.cxx:214:16
#5 0x2b917d48f411 in SwFieldDlg::Activate()
/sw/source/ui/fldui/fldtdlg.cxx:233:9
#9 0x2b8c8ac6f2b8 in Timer::Invoke() /vcl/source/app/timer.cxx:75:21
#16 0x2b8c8abaec67 in Application::Yield()
/vcl/source/app/svapp.cxx:532:5
#17 0x2b8c87842191 in Dialog::Execute()
/vcl/source/window/dialog.cxx:1056:9
#18 0x2b8c8a7bfabd in SalInstanceDialog::run()
/vcl/source/app/salvtables.cxx:1685:23
#19 0x2b917cc6879c in weld::DialogController::run()
/include/vcl/weld.hxx:2516:47
#20 0x2b917cf6e99c in SwFieldInputDlg::run()
/sw/source/uibase/inc/inpdlg.hxx:56:47
Apparently SwFieldPage::Init() is called from SwFieldRefPage::Reset()
and replaces m_pCurField with whatever is at the cursor position now.
This should avoid crashes but it's kind of ugly. Should the dialog
perhaps switch to a different tab page?
Change-Id: I9c46665680090a5f164fd5d594fd3e7b1ab31f48
(cherry picked from commit d73f2e3132786a20794e3ac66f9b487fc737d514)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127307
Tested-by: Michael Stahl <michael.st...@allotropia.de>
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
diff --git a/sw/source/ui/fldui/flddb.cxx b/sw/source/ui/fldui/flddb.cxx
index 01b9065cd36e..937c2b265c71 100644
--- a/sw/source/ui/fldui/flddb.cxx
+++ b/sw/source/ui/fldui/flddb.cxx
@@ -299,12 +299,18 @@ void SwFieldDBPage::TypeHdl(const weld::TreeView* pBox)
OUString sColumnName;
if (nTypeId == SwFieldTypesEnum::Database)
{
- aData = static_cast<SwDBField*>(GetCurField())->GetDBData();
- sColumnName =
static_cast<SwDBFieldType*>(GetCurField()->GetTyp())->GetColumnName();
+ if (auto const*const pField =
dynamic_cast<SwDBField*>(GetCurField()))
+ {
+ aData = pField->GetDBData();
+ sColumnName =
static_cast<SwDBFieldType*>(GetCurField()->GetTyp())->GetColumnName();
+ }
}
else
{
- aData =
static_cast<SwDBNameInfField*>(GetCurField())->GetDBData(pSh->GetDoc());
+ if (auto *const pField =
dynamic_cast<SwDBNameInfField*>(GetCurField()))
+ {
+ aData = pField->GetDBData(pSh->GetDoc());
+ }
}
m_xDatabaseTLB->Select(aData.sDataSource, aData.sCommand, sColumnName);
}
diff --git a/sw/source/ui/fldui/flddinf.cxx b/sw/source/ui/fldui/flddinf.cxx
index 92d263a6efd1..4fe4d8b41aaa 100644
--- a/sw/source/ui/fldui/flddinf.cxx
+++ b/sw/source/ui/fldui/flddinf.cxx
@@ -99,10 +99,13 @@ void SwFieldDokInfPage::Reset(const SfxItemSet* )
if (IsFieldEdit())
{
const SwField* pCurField = GetCurField();
- nSubType = static_cast<const SwDocInfoField*>(pCurField)->GetSubType()
& 0xff;
+ nSubType = pCurField->GetSubType() & 0xff;
if( nSubType == DI_CUSTOM )
{
- m_sOldCustomFieldName = static_cast<const
SwDocInfoField*>(pCurField)->GetName();
+ if (auto const pField = dynamic_cast<SwDocInfoField
const*>(pCurField))
+ {
+ m_sOldCustomFieldName = pField->GetName();
+ }
}
m_xFormatLB->SetAutomaticLanguage(pCurField->IsAutomaticLanguage());
SwWrtShell *pSh = GetWrtShell();
@@ -311,12 +314,17 @@ IMPL_LINK_NOARG(SwFieldDokInfPage, SubTypeHdl,
weld::TreeView&, void)
bEnable = true;
}
- sal_uInt32 nFormat = IsFieldEdit() ?
static_cast<SwDocInfoField*>(GetCurField())->GetFormat() : 0;
+ sal_uInt32 nFormat = 0;
- sal_uInt16 nOldSubType = IsFieldEdit() ?
(static_cast<SwDocInfoField*>(GetCurField())->GetSubType() & 0xff00) : 0;
+ sal_uInt16 nOldSubType = 0;
if (IsFieldEdit())
{
+ if (auto const pField = dynamic_cast<SwDocInfoField
const*>(GetCurField()))
+ {
+ nFormat = pField->GetFormat();
+ nOldSubType = pField->GetSubType() & 0xff00;
+ }
nPos = m_xSelectionLB->get_selected_index();
if (nPos != -1)
{
@@ -367,10 +375,14 @@ sal_Int32 SwFieldDokInfPage::FillSelectionLB(sal_uInt16
nSubType)
sal_uInt16 nSize = 0;
sal_Int32 nSelPos = -1;
- sal_uInt16 nExtSubType = IsFieldEdit() ?
(static_cast<SwDocInfoField*>(GetCurField())->GetSubType() & 0xff00) : 0;
+ sal_uInt16 nExtSubType = 0;
if (IsFieldEdit())
{
+ if (auto const pField = dynamic_cast<SwDocInfoField
const*>(GetCurField()))
+ {
+ nExtSubType = pField->GetSubType() & 0xff00;
+ }
m_xFixedCB->set_active((nExtSubType & DI_SUB_FIXED) != 0);
nExtSubType = ((nExtSubType & ~DI_SUB_FIXED) >> 8) - 1;
}
diff --git a/sw/source/ui/fldui/fldref.cxx b/sw/source/ui/fldui/fldref.cxx
index 95935b115177..2b29583e7c8a 100644
--- a/sw/source/ui/fldui/fldref.cxx
+++ b/sw/source/ui/fldui/fldref.cxx
@@ -330,9 +330,15 @@ IMPL_LINK_NOARG(SwFieldRefPage, TypeHdl, weld::TreeView&,
void)
break;
case REF_SEQUENCEFLD:
- sName =
static_cast<SwGetRefField*>(GetCurField())->GetSetRefName();
+ {
+ SwGetRefField const*const
pRefField(dynamic_cast<SwGetRefField*>(GetCurField()));
+ if (pRefField)
+ {
+ sName = pRefField->GetSetRefName();
+ }
nFlag = REFFLDFLAG;
break;
+ }
}
if (m_xTypeLB->find_text(sName) == -1) // reference to deleted
mark
@@ -468,9 +474,14 @@ void SwFieldRefPage::UpdateSubType(const OUString&
filterString)
SwWrtShell *pSh = GetWrtShell();
if(!pSh)
pSh = ::GetActiveWrtShell();
- SwGetRefField* pRefField = static_cast<SwGetRefField*>(GetCurField());
+ SwGetRefField const*const
pRefField(dynamic_cast<SwGetRefField*>(GetCurField()));
const sal_uInt16 nTypeId = m_xTypeLB->get_id(GetTypeSel()).toUInt32();
+ if (!pRefField)
+ {
+ return;
+ }
+
OUString sOldSel;
// #i83479#
if ( m_xSelectionLB->get_visible() )
@@ -950,7 +961,11 @@ bool SwFieldRefPage::FillItemSet(SfxItemSet* )
}
}
- SwGetRefField* pRefField = static_cast<SwGetRefField*>(GetCurField());
+ SwGetRefField const*const
pRefField(dynamic_cast<SwGetRefField*>(GetCurField()));
+ if (!pRefField)
+ {
+ return false;
+ }
if (REFFLDFLAG & nTypeId)
{
