authorEike Rathke <erack@redhat.com>2021-10-07 18:02:23 +0200
committerMichael Stahl <michael.stahl@allotropia.de>2021-10-11 11:28:35 +0200
commit333b77e92b502d3c3f886f1b38b2e528a2f0937c (patch)
treef466c0f2762c4e2b2fa48248fa3cf7394541e4a9
parentc3c31ab91c6e3650a881594bf52297947eefa5e2 (diff)
Blind fix crash in ScDBData::UpdateReference(), tdf#126926 follow-up
Crash reports at https://crashreport.libreoffice.org/stats/signature/ScDBData::UpdateReference(ScDocument%20const%20*,UpdateRefMode,short,long,short,short,long,short,short,long,short) No reproducer yet, for a possible reproducer see https://bugs.documentfoundation.org/show_bug.cgi?id=126926#c12 but creating such a scenario with 8 AutoFilters / sheets wasn't sufficient. However, ScDBCollection::NamedDBs (maNamedDBs) uses a std::set so after erase(iterator++) iterator is still valid, but ScDBCollection::AnonDBs maAnonDBs uses a std::vector for which after erase(iterator++) iterator may be invalid if vector was shrunk and reallocated. So use the iterator returning erase() instead to have a valid following iterator, and for consistency do that for both. A reproducer may need a bunch of sheets / anonymous AutoFilter for a vector to shrink and be reallocated, and it may depend on the platform/compiler's implementation. Change-Id: Ib57294d8af9f486b734f4294d8d310ce0fa20551 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123224 Reviewed-by: Eike Rathke <erack@redhat.com> Tested-by: Jenkins (cherry picked from commit 9a0d52c95b6fd8639a56df2c2ceff07277253183) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123160 Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
-rw-r--r--sc/inc/dbdata.hxx4
-rw-r--r--sc/source/core/tool/dbdata.cxx13
2 files changed, 9 insertions, 8 deletions
diff --git a/sc/inc/dbdata.hxx b/sc/inc/dbdata.hxx
index 8ecd2faf602f..4f328ce88a6a 100644
--- a/sc/inc/dbdata.hxx
+++ b/sc/inc/dbdata.hxx
@@ -263,7 +263,7 @@ public:
*/
bool insert(std::unique_ptr<ScDBData> p);
- void erase(const iterator& itr);
+ iterator erase(const iterator& itr);
bool empty() const;
size_t size() const;
bool operator== (const NamedDBs& r) const;
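Review bot: The new return value of `erase` is undocumented at both declarations, here and at `AnonDBs::erase` in the next hunk, so nothing tells a caller that iteration must continue from it. I would add `/// @return iterator following the erased element; itr is invalid afterwards` here, and for the vector-backed `AnonDBs` `/// @return iterator following the erased element; every iterator at or after itr is invalid afterwards`. Any remaining call site that still advances a saved iterator across `AnonDBs::erase` would carry the same out-of-bounds risk as the loop fixed in `UpdateReference`; none is visible in this diff, so a search for other `erase(it++)` uses is worth doing. The class bodies start and end outside these hunks.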
@@ -295,7 +295,7 @@ public:
void deleteOnTab(SCTAB nTab);
ScDBData* getByRange(const ScRange& rRange);
void insert(ScDBData* p);
- void erase(const iterator& itr);
+ iterator erase(const iterator& itr);
bool empty() const;
bool has( const ScDBData* p ) const;
bool operator== (const AnonDBs& r) const;
diff --git a/sc/source/core/tool/dbdata.cxx b/sc/source/core/tool/dbdata.cxx
index 4e38b2aaa676..0cde23c6042d 100644
--- a/sc/source/core/tool/dbdata.cxx
+++ b/sc/source/core/tool/dbdata.cxx
@@ -1175,9 +1175,9 @@ bool ScDBCollection::NamedDBs::insert(std::unique_ptr<ScDBData> pData)
return r.second;
}
-void ScDBCollection::NamedDBs::erase(const iterator& itr)
+ScDBCollection::NamedDBs::iterator ScDBCollection::NamedDBs::erase(const iterator& itr)
{
- m_DBs.erase(itr);
+ return m_DBs.erase(itr);
}
bool ScDBCollection::NamedDBs::empty() const
@@ -1256,8 +1256,9 @@ void ScDBCollection::AnonDBs::insert(ScDBData* p)
m_DBs.push_back(std::unique_ptr<ScDBData>(p));
}
-void ScDBCollection::AnonDBs::erase(const iterator& itr) {
- m_DBs.erase(itr);
+ScDBCollection::AnonDBs::iterator ScDBCollection::AnonDBs::erase(const iterator& itr)
+{
+ return m_DBs.erase(itr);
}
bool ScDBCollection::AnonDBs::empty() const
@@ -1461,7 +1462,7 @@ void ScDBCollection::UpdateReference(UpdateRefMode eUpdateRefMode,
// Delete the database range, if some part of the reference became invalid.
if (it->get()->UpdateReference(&rDoc, eUpdateRefMode, nCol1, nRow1, nTab1, nCol2, nRow2,
nTab2, nDx, nDy, nDz))
- maNamedDBs.erase(it++);
+ it = maNamedDBs.erase(it);
else
++it;
}
@@ -1470,7 +1471,7 @@ void ScDBCollection::UpdateReference(UpdateRefMode eUpdateRefMode,
// Delete the database range, if some part of the reference became invalid.
if (it->get()->UpdateReference(&rDoc, eUpdateRefMode, nCol1, nRow1, nTab1, nCol2, nRow2,
nTab2, nDx, nDy, nDz))
- maAnonDBs.erase(it++);
+ it = maAnonDBs.erase(it);
else
++it;
}
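Review bot: The line `it = maAnonDBs.erase(it);` deserves a short why-comment, because the old `erase(it++)` was unsafe on every erase and not only when the vector reallocates: `std::vector::erase` invalidates all iterators at or after the erased element. The pre-incremented `it` therefore skipped the entry that moved into the freed slot and, when the last entry was erased, sat one past the new `end()`. Assuming the loop header (outside this hunk) tests `it != maAnonDBs.end()`, that case reads beyond the live elements, which would explain the crash without any dependence on platform or container size. I would add `// vector::erase invalidates it and everything after it; continue from the returned iterator` above the assignment. A unit test that makes the last anonymous range invalid through `UpdateReference` would pin the fix without the multi-sheet reproducer.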