comphelper/source/streaming/seqoutputstreamserv.cxx | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit 512e8c5ebb8cc398ae3ca316de70f008b9646011
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Thu Jan 20 12:48:50 2022 +0100
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Jan 21 18:24:12 2022 +0100
comphelper: fix UAF in SequenceOutputStreamService dtor
Change-Id: I91f77ee9ab4d509ebee3d04f94a3c63986de0ef1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128657
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 03e8e1a408eef3c8acc5545416eda9d0938e21f7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128669
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
diff --git a/comphelper/source/streaming/seqoutputstreamserv.cxx
b/comphelper/source/streaming/seqoutputstreamserv.cxx
index 84900014aad4..a9a0ae8f5a98 100644
--- a/comphelper/source/streaming/seqoutputstreamserv.cxx
+++ b/comphelper/source/streaming/seqoutputstreamserv.cxx
@@ -63,8 +63,9 @@ private:
std::mutex m_aMutex;
- uno::Reference< io::XOutputStream > m_xOutputStream;
+ // WARNING: dtor of m_xOutputStream writes into m_aSequence so that must
live longer!
uno::Sequence< ::sal_Int8 > m_aSequence;
+ uno::Reference< io::XOutputStream > m_xOutputStream;
};
SequenceOutputStreamService::SequenceOutputStreamService()
{
