cppu/source/uno/sequence.cxx | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
New commits:
commit 822b221b3d32b3526e6cc61021ad250902342bbf
Author: Stephan Bergmann <stephan.bergm...@allotropia.de>
AuthorDate: Fri Feb 23 11:41:54 2024 +0100
Commit: Stephan Bergmann <stephan.bergm...@allotropia.de>
CommitDate: Fri Feb 23 15:54:27 2024 +0100
Abort if type information is missing when creating sequences
When the typelib_TypeDescription is null, the following code would
dereference a
null pointer anyway (but which doesn't necessarily cause an immediate crash
on
some platforms like Wasm, so better be explicit). (Also, leave those
checks out
of functions like uno_type_sequence_realloc, which would have been preceded
by a
call to one of the functions creating a sequence of the given type, and
which
would thus already have detected failure to obtain the relevant type
information.)
Change-Id: I36193ea837edeca451fd09a866623cf40d3cdb4d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/163813
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
diff --git a/cppu/source/uno/sequence.cxx b/cppu/source/uno/sequence.cxx
index c467f2c38704..2d8b1da19f84 100644
--- a/cppu/source/uno/sequence.cxx
+++ b/cppu/source/uno/sequence.cxx
@@ -20,6 +20,7 @@
#include <sal/config.h>
#include <cassert>
+#include <cstdlib>
#include <string.h>
#include <osl/diagnose.h>
@@ -227,6 +228,9 @@ static bool idefaultConstructElements(
{
typelib_TypeDescription * pElementTypeDescr = nullptr;
TYPELIB_DANGER_GET( &pElementTypeDescr, pElementType );
+ if (pElementTypeDescr == nullptr) {
+ std::abort();
+ }
sal_Int32 eEnum =
reinterpret_cast<typelib_EnumTypeDescription *>(
pElementTypeDescr)->nDefaultEnumValue;
@@ -245,6 +249,9 @@ static bool idefaultConstructElements(
{
typelib_TypeDescription * pElementTypeDescr = nullptr;
TYPELIB_DANGER_GET( &pElementTypeDescr, pElementType );
+ if (pElementTypeDescr == nullptr) {
+ std::abort();
+ }
sal_Int32 nElementSize = pElementTypeDescr->nSize;
if (nAlloc >= 0)
@@ -471,6 +478,9 @@ static bool icopyConstructFromElements(
{
typelib_TypeDescription * pElementTypeDescr = nullptr;
TYPELIB_DANGER_GET( &pElementTypeDescr, pElementType );
+ if (pElementTypeDescr == nullptr) {
+ std::abort();
+ }
sal_Int32 nElementSize = pElementTypeDescr->nSize;
pSeq = reallocSeq( pSeq, nElementSize, nAlloc );
@@ -522,6 +532,9 @@ static bool icopyConstructFromElements(
{
typelib_TypeDescription * pElementTypeDescr = nullptr;
TYPELIB_DANGER_GET( &pElementTypeDescr, pElementType );
+ if (pElementTypeDescr == nullptr) {
+ std::abort();
+ }
typelib_TypeDescriptionReference * pSeqElementType =
reinterpret_cast<typelib_IndirectTypeDescription
*>(pElementTypeDescr)->pType;
uno_Sequence ** pDestElements = reinterpret_cast<uno_Sequence
**>(pSeq->elements);
@@ -664,6 +677,9 @@ sal_Bool SAL_CALL uno_type_sequence_construct(
{
typelib_TypeDescription * pTypeDescr = nullptr;
TYPELIB_DANGER_GET( &pTypeDescr, pType );
+ if (pTypeDescr == nullptr) {
+ std::abort();
+ }
typelib_TypeDescriptionReference * pElementType =
reinterpret_cast<typelib_IndirectTypeDescription
*>(pTypeDescr)->pType;
