sw/source/core/fields/reffld.cxx | 6 ++++++ 1 file changed, 6 insertions(+)
New commits: commit 861400eaf9ab3b66245d19b327b4e593093d9909 Author: Noel Grandin <noel.gran...@collabora.co.uk> AuthorDate: Sat Jan 11 11:48:29 2025 +0200 Commit: Christian Lohmaier <lohmaier+libreoff...@googlemail.com> CommitDate: Tue Feb 4 15:24:44 2025 +0100 tdf#164620 CRASH: selecting all and deleting regression from commit 73a46895c5927d68a222b13dc811ea1cceb811a1 Author: Noel Grandin <noel.gran...@collabora.co.uk> Date: Thu Dec 5 07:58:44 2024 +0200 tdf#119840 speed up SearchForStyleAnchor We are dealing with a dangling pointer here, so I'm not sure if this change will be sufficient. We are very deep inside a series of listener callbacks and events here, so no idea how to fix the actual problem i.e. not having a dangling pointer at all. Change-Id: I8314cd0f906e3b2652e10e55dfe8396abdf02856 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180111 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.gran...@collabora.co.uk> (cherry picked from commit 96ed0ae5e35fbcf0f97a5dc8b6dff211579be893) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180160 Reviewed-by: Christian Lohmaier <lohmaier+libreoff...@googlemail.com> diff --git a/sw/source/core/fields/reffld.cxx b/sw/source/core/fields/reffld.cxx index 99ef95713e1a..419d0b551c85 100644 --- a/sw/source/core/fields/reffld.cxx +++ b/sw/source/core/fields/reffld.cxx @@ -1599,6 +1599,12 @@ SwTextNode* SwGetRefFieldType::FindAnchorRefStyleOther(SwDoc* pDoc, SwNodeOffset nReference = pReference->GetIndex(); const SwNodes& nodes = pDoc->GetNodes(); + + // It is possible to end up here, with a pReference pointer which points to a node which has already been + // removed from the nodes array, which means that calling GetIndex() returns an incorrect index. + if (nReference >= nodes.Count() || nodes[nReference] != pReference) + nReference = nodes.Count() - 1; + SwTextNode* pTextNd = nullptr; // 1. Search up until we hit the top of the document
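Review bot: the new guard in FindAnchorRefStyleOther runs only after the unchanged line `nReference = pReference->GetIndex();` has already dereferenced pReference, so it validates the index that was read but does not protect the read itself. The added comment describes a node that has been removed from the nodes array, and the commit message calls it a dangling pointer. If that node has also been freed, the `GetIndex()` call is already a use-after-free before the check is reached, and the comparison `nodes[nReference] != pReference` can pass by coincidence if the address has been reused for another node. I would state in the comment which of the two cases is expected (detached but still alive, or possibly freed) and reference tdf#164620 there so the workaround can be found and removed once the lifetime problem is fixed. It is also worth confirming that `nodes.Count()` cannot be zero on this path, since the fallback `nodes.Count() - 1` would then not be a valid index, and noting that the fallback silently starts the upward search from the last node rather than reporting that the reference is stale.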