diff options
| author | Miklos Vajna <vmiklos@collabora.com> | 2020-02-11 21:06:06 +0100 |
|---|---|---|
| committer | Tamás Zolnai <tamas.zolnai@collabora.com> | 2021-02-04 16:31:07 +0100 |
| commit | 7c4435b8c69ca3a9d5ff1d280152cec1bfc51a1e (patch) | |
| tree | fcbe4c3768500e0cf7d7ecbf475ed5d74414d45a | |
| parent | 0753fc64eaa17e16941e07f9f52b955b59a37fca (diff) | |
vcl: fix UB in Window::ImplGetFirstOverlapWindow()
mpWindowImpl can be nullptr here, see online.git's
unit-load-torture test:
vcl/source/window/window2.cxx:882:24: runtime error: member access within null pointer of type 'WindowImpl'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior vcl/source/window/window2.cxx:882:24 in
Surrouding code already checks for nullptr mpWindowImpl, so fix it directly
where the problem is reported, not a caller.
(Also fix a similar case in Window::ImplCallFocusChangeActivate().)
Change-Id: I34dee0fd49483c428a78fd48b54c00b2f0a26417
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/88474
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit d1378b92c6697c09def7b3db8b36c3cf883b55c4)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110418
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Tamás Zolnai <tamas.zolnai@collabora.com>
| -rw-r--r-- | vcl/source/window/event.cxx | 10 | ||||
| -rw-r--r-- | vcl/source/window/window2.cxx | 5 |
2 files changed, 15 insertions, 0 deletions
diff --git a/vcl/source/window/event.cxx b/vcl/source/window/event.cxx index 797d40a79912..e7752ae77043 100644 --- a/vcl/source/window/event.cxx +++ b/vcl/source/window/event.cxx @@ -576,7 +576,17 @@ void Window::ImplCallFocusChangeActivate( vcl::Window* pNewOverlapWindow, bool bCallActivate = true; bool bCallDeactivate = true; + if (!pOldOverlapWindow) + { + return; + } + pOldRealWindow = pOldOverlapWindow->ImplGetWindow(); + if (!pNewOverlapWindow) + { + return; + } + pNewRealWindow = pNewOverlapWindow->ImplGetWindow(); if ( (pOldRealWindow->GetType() != WindowType::FLOATINGWINDOW) || pOldRealWindow->GetActivateMode() != ActivateModeFlags::NONE ) diff --git a/vcl/source/window/window2.cxx b/vcl/source/window/window2.cxx index 61ea3d80c3d0..3037491703fd 100644 --- a/vcl/source/window/window2.cxx +++ b/vcl/source/window/window2.cxx @@ -893,6 +893,11 @@ vcl::Window* Window::ImplGetBorderWindow() const vcl::Window* Window::ImplGetFirstOverlapWindow() { + if (!mpWindowImpl) + { + return nullptr; + } + if ( mpWindowImpl->mbOverlapWin ) return this; else |