svx/source/gallery2/galbrws1.cxx |   18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

New commits:
commit 55dfd235c44f9ba8b545496f94017bd553af826f
Author:     Xisco Fauli <xiscofa...@libreoffice.org>
AuthorDate: Sat Sep 7 17:59:26 2024 +0200
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Sep 8 21:35:28 2024 +0200

    svx: fix Dereference before null check
    
    Seen in 
https://crashreport.libreoffice.org/stats/signature/GalleryBrowser1::FillThemeEntries()
    
    Regression from
    commit 09c6204b6309321aa25c542f918fde9f5f3f7fe2
    Author: Oliver Specht <oliver.spe...@cib.de>
    Date:   Thu Feb 29 17:15:23 2024 +0100
    
        tdf#81880 Search the Gallery
    
    Change-Id: I4c19920b5f7a56fff37587cd1acf579f3a96ae4c
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/172997
    Tested-by: Jenkins
    Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    Signed-off-by: Xisco Fauli <xiscofa...@libreoffice.org>
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173028
    Signed-off-by: Xisco Fauli <xiscofa...@libreoffice.org>
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173032

diff --git a/svx/source/gallery2/galbrws1.cxx b/svx/source/gallery2/galbrws1.cxx
index 553055daa706..4b961203e887 100644
--- a/svx/source/gallery2/galbrws1.cxx
+++ b/svx/source/gallery2/galbrws1.cxx
@@ -1497,17 +1497,19 @@ void GalleryBrowser1::FillThemeEntries()
             const GalleryThemeEntry* pThemeInfo = mpGallery->GetThemeInfo( i );
             OUString aThemeName = pThemeInfo->GetThemeName();
             //sal_uInt32 nId = pThemeInfo->GetId();
-            GalleryTheme* pTheme = mpGallery->AcquireTheme(aThemeName, 
maLocalListner);
-            sal_uInt32 nObjectCount = pTheme->GetObjectCount();
-            for (size_t nObject = 0; nObject < nObjectCount; ++nObject)
+            if (GalleryTheme* pTheme = mpGallery->AcquireTheme(aThemeName, 
maLocalListner))
             {
-                if (std::unique_ptr<SgaObject> xSgaObject = 
pTheme->AcquireObject(nObject))
+                sal_uInt32 nObjectCount = pTheme->GetObjectCount();
+                for (size_t nObject = 0; nObject < nObjectCount; ++nObject)
                 {
-                    OUString aTitle = GetItemText(*xSgaObject, 
GalleryItemFlags::Title);
-                    maAllThemeEntries.push_back(ThemeEntry(aThemeName, aTitle, 
nObject));
+                    if (std::unique_ptr<SgaObject> xSgaObject = 
pTheme->AcquireObject(nObject))
+                    {
+                        OUString aTitle = GetItemText(*xSgaObject, 
GalleryItemFlags::Title);
+                        maAllThemeEntries.push_back(ThemeEntry(aThemeName, 
aTitle, nObject));
+                    }
                 }
+                mpGallery->ReleaseTheme(pTheme, maLocalListner);
             }
-            mpGallery->ReleaseTheme(pTheme, maLocalListner);
         }
         maFoundThemeEntries.assign(maAllThemeEntries.begin(), 
maAllThemeEntries.end());
 }
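Review bot: When `AcquireTheme` returns null, the new `if` at the top of the hunk drops the whole theme from `maAllThemeEntries` without leaving any trace, and the inner `AcquireObject` check (added by the earlier commit's hunk in the same function) does the same per object. The failure was only seen in crash reports and its cause is not established on this page, so the fix trades a crash for a silently incomplete search list. An `else` branch such as `SAL_WARN("svx", "FillThemeEntries: cannot acquire theme " << aThemeName);` would make the condition diagnosable, assuming the file already pulls in the logging header. The body of `FillThemeEntries` starts above the hunk.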
commit 9b16eb9b44214852709f32c849ce415bc1f71e1d
Author:     Mike Kaganski <mike.kagan...@collabora.com>
AuthorDate: Sun Aug 25 22:26:45 2024 +0200
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Sep 8 21:35:15 2024 +0200

    tdf#162593: blind crash fix
    
    The stack trace was:
    
    Thread 1 "soffice.bin" received signal SIGSEGV, Segmentation fault.
    0x00007ffff32175ee in rtl::OUString::OUString (this=0x7fffffffaac0, 
str=...) at /home/cono/git/lo/libreoffice/include/rtl/ustring.hxx:197
    197             pData = str.pData;
    #0  0x00007ffff32175ee in rtl::OUString::OUString(rtl::OUString const&) 
(this=0x7fffffffaac0, str=...) at 
/home/cono/git/lo/libreoffice/include/rtl/ustring.hxx:197
    #1  0x00007ffff3521e4f in GalleryBrowser1::GetItemText(SgaObject const&, 
GalleryItemFlags) (rObj=..., nItemTextFlags=GalleryItemFlags::Title) at 
/home/cono/git/lo/libreoffice/svx/source/gallery2/galbrws1.cxx:1412
    #2  0x00007ffff352265d in GalleryBrowser1::FillThemeEntries() 
(this=0x55555c0c9240) at 
/home/cono/git/lo/libreoffice/svx/source/gallery2/galbrws1.cxx:1505
    #3  0x00007ffff351a602 in GalleryBrowser1::GalleryBrowser1(weld::Builder&, 
Gallery*) (this=0x55555c0c9240, rBuilder=..., pGallery=0x55555c0a4aa0) at 
/home/cono/git/lo/libreoffice/svx/source/gallery2/galbrws1.cxx:196
    #4  0x00007ffff354c291 in 
svx::sidebar::GalleryControl::GalleryControl(weld::Widget*) 
(this=0x55555c04e470, pParent=0x55555be85558) at 
/home/cono/git/lo/libreoffice/svx/source/gallery2/GalleryControl.cxx:32
    #5  0x00007ffff45c72ea in std::make_unique<svx::sidebar::GalleryControl, 
weld::Widget*&>(weld::Widget*&) () at /usr/include/c++/12/bits/unique_ptr.h:1065
    #6  0x00007ffff45c5f7a in (anonymous 
namespace)::PanelFactory::createUIElement(rtl::OUString const&, 
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) 
(this=0x55555c0494e0, rsResourceURL=..., rArguments=...) at 
/home/cono/git/lo/libreoffice/svx/source/sidebar/PanelFactory.cxx:180
    #7  0x00007ffff6412417 in (anonymous 
namespace)::UIElementFactoryManager::createUIElement(rtl::OUString const&, 
com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) 
(this=0x5555564db3e0, ResourceURL=..., Args=...) at 
/home/cono/git/lo/libreoffice/framework/source/uifactory/uielementfactorymanager.cxx:440
    #8  0x00007ffff5593a35 in 
sfx2::sidebar::SidebarController::CreateUIElement(com::sun::star::uno::Reference<com::sun::star::awt::XWindow>
 const&, rtl::OUString const&, bool, sfx2::sidebar::Context const&) 
(this=0x55555b0a8100, rxWindow=..., rsImplementationURL=..., 
bWantsCanvas=false, rContext=...) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:1044
    #9  0x00007ffff5593341 in 
sfx2::sidebar::SidebarController::CreatePanel(std::basic_string_view<char16_t, 
std::char_traits<char16_t> >, weld::Widget*, bool, sfx2::sidebar::Context 
const&, VclPtr<sfx2::sidebar::Deck> const&) (this=0x55555b0a8100, 
rsPanelId=u"GalleryPanel", pParentWindow=0x55555c040718, 
bIsInitiallyExpanded=true, rContext=..., pDeck=...) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:989
    #10 0x00007ffff5592150 in 
sfx2::sidebar::SidebarController::CreatePanels(std::basic_string_view<char16_t, 
std::char_traits<char16_t> >, sfx2::sidebar::Context const&) 
(this=0x55555b0a8100, rDeckId=u"GalleryDeck", rContext=...) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:789
    #11 0x00007ffff5591dbe in 
sfx2::sidebar::SidebarController::CreateDeck(std::basic_string_view<char16_t, 
std::char_traits<char16_t> >, sfx2::sidebar::Context const&, bool) 
(this=0x55555b0a8100, rDeckId=u"GalleryDeck", rContext=..., bForceCreate=false) 
at /home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:737
    #12 0x00007ffff5592b96 in 
sfx2::sidebar::SidebarController::SwitchToDeck(sfx2::sidebar::DeckDescriptor 
const&, sfx2::sidebar::Context const&) (this=0x55555b0a8100, 
rDeckDescriptor=..., rContext=...) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:899
    #13 0x00007ffff5591b89 in 
sfx2::sidebar::SidebarController::SwitchToDeck(std::basic_string_view<char16_t, 
std::char_traits<char16_t> >) (this=0x55555b0a8100, rsDeckId=u"GalleryDeck") at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:708
    #14 0x00007ffff5591936 in 
sfx2::sidebar::SidebarController::OpenThenToggleDeck(rtl::OUString const&) 
(this=0x55555b0a8100, rsDeckId=...) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:664
    #15 0x00007ffff558d884 in operator()(rtl::OUString const&) const 
(__closure=0x7fffffffb7c0, rsDeckId=...) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/SidebarController.cxx:123
    #16 0x00007ffff5598e13 in std::__invoke_impl<void, 
sfx2::sidebar::SidebarController::SidebarController(sfx2::sidebar::SidebarDockingWindow*,
 const SfxViewFrame*)::<lambda(const rtl::OUString&)>&, const 
rtl::OUString&>(std::__invoke_other, struct {...} &) (__f=...) at 
/usr/include/c++/12/bits/invoke.h:61
    #17 0x00007ffff559851c in std::__invoke_r<void, 
sfx2::sidebar::SidebarController::SidebarController(sfx2::sidebar::SidebarDockingWindow*,
 const SfxViewFrame*)::<lambda(const rtl::OUString&)>&, const 
rtl::OUString&>(struct {...} &) (__fn=...) at 
/usr/include/c++/12/bits/invoke.h:111
    #18 0x00007ffff5597b76 in std::_Function_handler<void(const 
rtl::OUString&), 
sfx2::sidebar::SidebarController::SidebarController(sfx2::sidebar::SidebarDockingWindow*,
 const SfxViewFrame*)::<lambda(const rtl::OUString&)> >::_M_invoke(const 
std::_Any_data &, const rtl::OUString &) (__functor=..., __args#0=...) at 
/usr/include/c++/12/bits/std_function.h:290
    #19 0x00007ffff55e2bed in std::function<void (rtl::OUString 
const&)>::operator()(rtl::OUString const&) const (this=0x7fffffffb7c0, 
__args#0=...) at /usr/include/c++/12/bits/std_function.h:591
    #20 0x00007ffff55e09aa in 
sfx2::sidebar::TabBar::Item::HandleClick(rtl::OUString const&) 
(this=0x55555b133290) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/TabBar.cxx:274
    #21 0x00007ffff55e0933 in 
sfx2::sidebar::TabBar::Item::LinkStubHandleClick(void*, rtl::OUString const&) 
(instance=0x55555b133290, data=...) at 
/home/cono/git/lo/libreoffice/sfx2/source/sidebar/TabBar.cxx:264
    #22 0x00007fffe688a6b7 in Link<rtl::OUString const&, 
void>::Call(rtl::OUString const&) const (this=0x555556f7ee38, data=...) at 
/home/cono/git/lo/libreoffice/include/tools/link.hxx:111
    #23 0x00007fffe68821c9 in weld::Toolbar::signal_clicked(rtl::OUString 
const&) (this=0x555556f7ee30, rIdent=...) at 
/home/cono/git/lo/libreoffice/include/vcl/weld.hxx:2512
    #24 0x00007fffe683260b in (anonymous 
namespace)::GtkInstanceToolbar::signal_item_clicked(GtkToolButton*) 
(this=0x555556f7ebe0, pItem=0x55555b13a9a0) at 
/home/cono/git/lo/libreoffice/vcl/unx/gtk3/gtkinst.cxx:12009
    #25 0x00007fffe6832553 in (anonymous 
namespace)::GtkInstanceToolbar::signalItemClicked(GtkToolButton*, gpointer) 
(pItem=0x55555b13a9a0, widget=0x555556f7ebe0) at 
/home/cono/git/lo/libreoffice/vcl/unx/gtk3/gtkinst.cxx:12000
    ...
    
    I suspect that there is a corner case of some element giving a nullptr
    in xSgaObject; but since I can't repro locally, it's just a guess. Other
    places using AcquireObject in the file do check its return, so it seems
    reasonable to do the same here.
    
    Change-Id: I40c0d64a7219d483ec94f56c56a6df0ce79e9c51
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/172280
    Tested-by: Jenkins
    Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
    Signed-off-by: Xisco Fauli <xiscofa...@libreoffice.org>
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173027
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    Signed-off-by: Xisco Fauli <xiscofa...@libreoffice.org>
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173031
    Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>

diff --git a/svx/source/gallery2/galbrws1.cxx b/svx/source/gallery2/galbrws1.cxx
index ec18025b9b01..553055daa706 100644
--- a/svx/source/gallery2/galbrws1.cxx
+++ b/svx/source/gallery2/galbrws1.cxx
@@ -1501,9 +1501,11 @@ void GalleryBrowser1::FillThemeEntries()
             sal_uInt32 nObjectCount = pTheme->GetObjectCount();
             for (size_t nObject = 0; nObject < nObjectCount; ++nObject)
             {
-                std::unique_ptr<SgaObject> xSgaObject = 
pTheme->AcquireObject(nObject);
-                OUString aTitle = GetItemText(*xSgaObject, 
GalleryItemFlags::Title);
-                maAllThemeEntries.push_back(ThemeEntry(aThemeName, aTitle, 
nObject));
+                if (std::unique_ptr<SgaObject> xSgaObject = 
pTheme->AcquireObject(nObject))
+                {
+                    OUString aTitle = GetItemText(*xSgaObject, 
GalleryItemFlags::Title);
+                    maAllThemeEntries.push_back(ThemeEntry(aThemeName, aTitle, 
nObject));
+                }
             }
             mpGallery->ReleaseTheme(pTheme, maLocalListner);
         }
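Review bot: The `ReleaseTheme` call on the closing context lines is not reached if `GetItemText` or `push_back` inside the new `if` block throws, so the theme would stay acquired with `maLocalListner` still attached. The matching `AcquireTheme` sits above this hunk, so the pairing is only partly visible here. Tying the release to scope exit right after the acquire, e.g. `comphelper::ScopeGuard aRelease([this, pTheme] { mpGallery->ReleaseTheme(pTheme, maLocalListner); });`, would cover every exit path; whether `comphelper/scopeguard.hxx` is acceptable in this file needs checking. A short comment on the null check, `// AcquireObject may return null, as the other callers in this file assume`, would also record why the guard exists.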
