On Thu, Feb 06, 2020 at 10:36:30PM +0100, Stephan Witt wrote: > But some cases I’d like to point out: > > InsetMathSpace::doDispatch() calls createInsetMath_fromDialogStr() > createInsetMath_fromDialogStr calls mathed_parse_cell() > mathed_parse_cell() calls Parser() with NULL buffer > > Similar is the call to createInsetMath_fromDialogStr in > InsetMathRef::doDispatch() and InsetMathRef::changeTarget(). > > These look dangerous too, IMO. What do you think? > Do you know how to trigger this pieces of code?
It is hard to tell how dangerous they are. As said, in most cases the validity of the buffer member is checked before being used. So, having a null there is not troublesome for most code paths. However, it can bite in certain cases. In the case at hand, the buffer has always been null but, not being used in certain code paths, it has never been a problem. -- Enrico -- lyx-devel mailing list lyx-devel@lists.lyx.org http://lists.lyx.org/mailman/listinfo/lyx-devel
