sw: fix heap-use-after-free in SwTextNode::InsertHint()

This is a problem since commit 1dce9ee7e12871ee63434499db805e806b9e9d3c (sw content controls, plain text: apply formatting to the entire contents, 2022-07-21), because I forgot to check if pAttr is still a valid pointer after the input field code is executed. Below code already uses this flag to make sure it's not accessing a dangling pointer, apply the same fix here as well. Change-Id: Ifcba0bc5e3a3c0abd81ff954fb10f6880163461b Reviewed-on: https://gerrit.libreoffice.org/c/core/+/137349 Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Tested-by: Jenkins
author: Miklos Vajna <vmiklos@collabora.com> 2022-07-22 11:50:23 +0200
committer: Miklos Vajna <vmiklos@collabora.com> 2022-07-22 14:15:21 +0200
commit: 5d68b3878fed165bf1bdc6aa47be1df4a8265b96 (patch)
tree: 8e7918251e542e9ec704af07bf150ab7fd93ae49
parent: 4d153517183193f468dee9148c94fe9d874bacb3 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/sw/source/core/txtnode/thints.cxx b/sw/source/core/txtnode/thints.cxx
index 3fade71120d2..e7fb33b8a1c8 100644
--- a/sw/source/core/txtnode/thints.cxx
+++ b/sw/source/core/txtnode/thints.cxx
@@ -1684,6 +1684,7 @@ bool SwTextNode::InsertHint( SwTextAttr * const pAttr, const SetAttrMode nMode )
         }
     }
 
+    if (bInsertHint)
     {
         // Handle the invariant that a plain text content control has the same character formatting
         // for all of its content.
author	Miklos Vajna <vmiklos@collabora.com>	2022-07-22 11:50:23 +0200
committer	Miklos Vajna <vmiklos@collabora.com>	2022-07-22 14:15:21 +0200
commit	5d68b3878fed165bf1bdc6aa47be1df4a8265b96 (patch)
tree	8e7918251e542e9ec704af07bf150ab7fd93ae49
parent	4d153517183193f468dee9148c94fe9d874bacb3 (diff)