take a copy of SwAccessibleParagraph::GetString()

take a copy of this a11y and not a reference it is not guaranteed that listeners to the a11y events called by FireAccessibleEvent will themselves not call anything which could end up calling ClearPortionData which would leave rText pointing to old released memory seen in the wild with: ==15145==ERROR: AddressSanitizer: heap-use-after-free program/../program/libswlo.so rtl::OUString::equals(rtl::OUString const&) const builddir/libreoffice/include/rtl/ustring.hxx:952 program/../program/libswlo.so rtl::operator==(rtl::OUString const&, rtl::OUString const&) builddir/libreoffice/include/rtl/ustring.hxx:1713 program/../program/libswlo.so SwAccessibleContext::InvalidatePosOrSize(SwRect const&) builddir/libreoffice/sw/source/core/access/acccontext.cxx:1196 and previously allocated by thread T0 here: program/../program/libswlo.so SwAccessibleParagraph::UpdatePortionData() builddir/libreoffice/sw/source/core/access/accpara.cxx:442 with free of: program/../program/libswlo.so std::default_delete<SwAccessiblePortionData>::operator()(SwAccessiblePortionData*) const gcc-7.3.0/lib/gcc/x86_64-pc-linux-gnu/7.3.0/../../../../include/c++/7.3.0/bits/unique_ptr.h:78 program/../program/libswlo.so SwAccessibleParagraph::ClearPortionData() builddir/libreoffice/sw/source/core/access/accpara.cxx:451 program/../program/libswlo.so SwAccessibleParagraph::getCaretPosition() builddir/libreoffice/sw/source/core/access/accpara.cxx:1016 program/libmergedlo.so LOKDocumentFocusListener::updateParagraphInfo(com::sun::star::uno::Reference<com::sun::star::accessibility::XAccessibleText> const&, bool, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >) builddir/libreoffice/sfx2/source/view/viewsh.cxx:685 Change-Id: I72c9894ca842b8f040b27481f0fd8d56542eb530 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152486 Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com> Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
author: Caolán McNamara <caolan.mcnamara@collabora.com> 2023-06-01 12:32:57 +0100
committer: Caolán McNamara <caolan.mcnamara@collabora.com> 2023-06-01 18:23:03 +0200
commit: 619d022fb0e01a2073b6c2635e2e8dc1c29162bc (patch)
tree: 35be82dd779eb3a1ad2968b98412529357601415
parent: d3996db28d88d219a9a1acc98af0cc862ac3d704 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/sw/source/core/access/accpara.cxx b/sw/source/core/access/accpara.cxx
index 05bbacfbbd2a..bf88bda18bc4 100644
--- a/sw/source/core/access/accpara.cxx
+++ b/sw/source/core/access/accpara.cxx
@@ -249,16 +249,16 @@ void SwAccessibleParagraph::InvalidateContent_( bool bVisibleDataFired )
 
     ClearPortionData();
 
-    const OUString& rText = GetString();
+    const OUString sText = GetString();
 
-    if( rText != sOldText )
+    if( sText != sOldText )
     {
         // The text is changed
         AccessibleEventObject aEvent;
         aEvent.EventId = AccessibleEventId::TEXT_CHANGED;
 
-        // determine exact changes between sOldText and rText
-        (void)comphelper::OCommonAccessibleText::implInitTextChangedEvent(sOldText, rText,
+        // determine exact changes between sOldText and sText
+        (void)comphelper::OCommonAccessibleText::implInitTextChangedEvent(sOldText, sText,
                                                                           aEvent.OldValue,
                                                                           aEvent.NewValue);
 
@@ -301,7 +301,7 @@ void SwAccessibleParagraph::InvalidateContent_( bool bVisibleDataFired )
         FireAccessibleEvent( aEvent );
     }
 
-    if( rText == sOldText )
+    if( sText == sOldText )
         return;
 
     OUString sNewDesc( GetDescription() );
author	Caolán McNamara <caolan.mcnamara@collabora.com>	2023-06-01 12:32:57 +0100
committer	Caolán McNamara <caolan.mcnamara@collabora.com>	2023-06-01 18:23:03 +0200
commit	619d022fb0e01a2073b6c2635e2e8dc1c29162bc (patch)
tree	35be82dd779eb3a1ad2968b98412529357601415
parent	d3996db28d88d219a9a1acc98af0cc862ac3d704 (diff)