drawinglayer/source/primitive2d/BufferedDecompositionGroupPrimitive2D.cxx  |   
 8 ++++++++
 drawinglayer/source/primitive2d/BufferedDecompositionPrimitive2D.cxx       |   
 8 ++++++++
 include/drawinglayer/primitive2d/BufferedDecompositionGroupPrimitive2D.hxx |   
 2 +-
 include/drawinglayer/primitive2d/BufferedDecompositionPrimitive2D.hxx      |   
 2 +-
 4 files changed, 18 insertions(+), 2 deletions(-)

New commits:
commit ac6c7b4f826f053ce0ebe496b906a963c8c52342
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Mon Apr 28 21:29:09 2025 +0100
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Tue Apr 29 09:32:19 2025 +0200

    ofz#409354664 Heap-use-after-free
    
    there is no DeInitVCL in fuzzing, so if the BufferedDecompositionFlusher
    thread is started nothing causes it to exit before _exit.
    
    Change-Id: I62463ce8126a0cf0c67f4218bdf66a140f3a021d
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/184731
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>

diff --git 
a/drawinglayer/source/primitive2d/BufferedDecompositionGroupPrimitive2D.cxx 
b/drawinglayer/source/primitive2d/BufferedDecompositionGroupPrimitive2D.cxx
index 0662bc155187..ae83c158f2ba 100644
--- a/drawinglayer/source/primitive2d/BufferedDecompositionGroupPrimitive2D.cxx
+++ b/drawinglayer/source/primitive2d/BufferedDecompositionGroupPrimitive2D.cxx
@@ -19,6 +19,7 @@
 
 #include <sal/config.h>
 
+#include <comphelper/configuration.hxx>
 #include <drawinglayer/primitive2d/BufferedDecompositionGroupPrimitive2D.hxx>
 #include <drawinglayer/geometry/viewinformation2d.hxx>
 #include <drawinglayer/primitive2d/BufferedDecompositionFlusher.hxx>
@@ -97,6 +98,13 @@ void 
BufferedDecompositionGroupPrimitive2D::get2DDecomposition(
     }
 }
 
+void BufferedDecompositionGroupPrimitive2D::activateFlushOnTimer()
+{
+    if (comphelper::IsFuzzing())
+        return;
+    mbFlushOnTimer = true;
+}
+
 } // end of namespace drawinglayer::primitive2d
 
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
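Review bot: The `comphelper::IsFuzzing()` early return in `activateFlushOnTimer()` sidesteps the use-after-free only in fuzzing builds and gives the BufferedDecompositionFlusher thread no shutdown path of its own. Any other exit path that skips DeInitVCL would presumably still race with the thread at process exit. The guard also means fuzzing runs no longer exercise the timer-flush path, so memory-safety bugs in that code will not surface from the fuzzer. At minimum, record the reason at the guard, e.g. `// fuzzing has no DeInitVCL, so a started flusher thread would never be stopped before _exit`. The same applies to the identical function added in BufferedDecompositionPrimitive2D.cxx.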
diff --git 
a/drawinglayer/source/primitive2d/BufferedDecompositionPrimitive2D.cxx 
b/drawinglayer/source/primitive2d/BufferedDecompositionPrimitive2D.cxx
index f51f37c85966..491c1fe07665 100644
--- a/drawinglayer/source/primitive2d/BufferedDecompositionPrimitive2D.cxx
+++ b/drawinglayer/source/primitive2d/BufferedDecompositionPrimitive2D.cxx
@@ -19,6 +19,7 @@
 
 #include <sal/config.h>
 
+#include <comphelper/configuration.hxx>
 #include <drawinglayer/primitive2d/BufferedDecompositionPrimitive2D.hxx>
 #include <drawinglayer/geometry/viewinformation2d.hxx>
 #include <drawinglayer/primitive2d/BufferedDecompositionFlusher.hxx>
@@ -96,6 +97,13 @@ void BufferedDecompositionPrimitive2D::get2DDecomposition(
     }
 }
 
+void BufferedDecompositionPrimitive2D::activateFlushOnTimer()
+{
+    if (comphelper::IsFuzzing())
+        return;
+    mbFlushOnTimer = true;
+}
+
 } // end of namespace drawinglayer::primitive2d
 
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git 
a/include/drawinglayer/primitive2d/BufferedDecompositionGroupPrimitive2D.hxx 
b/include/drawinglayer/primitive2d/BufferedDecompositionGroupPrimitive2D.hxx
index 0956dd51ac81..fd50fb20ffd1 100644
--- a/include/drawinglayer/primitive2d/BufferedDecompositionGroupPrimitive2D.hxx
+++ b/include/drawinglayer/primitive2d/BufferedDecompositionGroupPrimitive2D.hxx
@@ -64,7 +64,7 @@ protected:
     // callback mechanism to flush buffered content timer-based will be 
activated.
     // it is protected since the idea is that this gets called in the 
constructor
     // of derived classes.
-    void activateFlushOnTimer() { mbFlushOnTimer = true; }
+    void activateFlushOnTimer();
 
 public:
     /// constructor/destructor. For GroupPrimitive2D we need the child 
parameter, too.
diff --git 
a/include/drawinglayer/primitive2d/BufferedDecompositionPrimitive2D.hxx 
b/include/drawinglayer/primitive2d/BufferedDecompositionPrimitive2D.hxx
index bc24a51a5fb4..126f5dc2f8cb 100644
--- a/include/drawinglayer/primitive2d/BufferedDecompositionPrimitive2D.hxx
+++ b/include/drawinglayer/primitive2d/BufferedDecompositionPrimitive2D.hxx
@@ -92,7 +92,7 @@ protected:
     // callback mechanism to flush buffered content timer-based will be 
activated.
     // it is protected since the idea is that this gets called in the 
constructor
     // of derived classes.
-    void activateFlushOnTimer() { mbFlushOnTimer = true; }
+    void activateFlushOnTimer();
 
 public:
     // constructor/destructor
