diff options
author | Miklos Vajna <vmiklos@collabora.com> | 2020-01-29 21:06:35 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.com> | 2020-01-30 09:08:47 +0100 |
commit | f12fc2d07e6f2e9d33ad9350b1f005cbcbe72a18 (patch) | |
tree | d1fea82a217600902c24742617aa2f7c4d141c8c | |
parent | 447e4209fa16e765d9cba9f1c80bf10e8901204c (diff) |
vcl: fix UB in vcl::Cursor::ImplDoShow()
pWindow->mpWindowImpl can be nullptr here, see online.git's
unit-load-torture test:
vcl/source/window/cursor.cxx:204:54: runtime error: member access within null pointer of type 'WindowImpl'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior vcl/source/window/cursor.cxx:204:54 in
(And one more similar case in Window::ImplGrabFocus().)
Change-Id: Idd145082b58c10139be53e9b997efedeb0cec364
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87709
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
-rw-r--r-- | vcl/source/window/cursor.cxx | 2 | ||||
-rw-r--r-- | vcl/source/window/mouse.cxx | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/vcl/source/window/cursor.cxx b/vcl/source/window/cursor.cxx index 8291d29e2b21..3b55bea61690 100644 --- a/vcl/source/window/cursor.cxx +++ b/vcl/source/window/cursor.cxx @@ -201,7 +201,7 @@ void vcl::Cursor::ImplDoShow( bool bDrawDirect, bool bRestore ) // show the cursor, if there is an active window and the cursor // has been selected in this window pWindow = Application::GetFocusWindow(); - if ( !pWindow || (pWindow->mpWindowImpl->mpCursor != this) || pWindow->mpWindowImpl->mbInPaint + if ( !pWindow || !pWindow->mpWindowImpl || (pWindow->mpWindowImpl->mpCursor != this) || pWindow->mpWindowImpl->mbInPaint || !pWindow->mpWindowImpl->mpFrameData->mbHasFocus ) pWindow = nullptr; } diff --git a/vcl/source/window/mouse.cxx b/vcl/source/window/mouse.cxx index 0aea5205fbb5..16993d199987 100644 --- a/vcl/source/window/mouse.cxx +++ b/vcl/source/window/mouse.cxx @@ -312,7 +312,7 @@ void Window::ImplGrabFocus( GetFocusFlags nFlags ) pSVData->mpWinData->mpFocusWin = this; - if ( pOldFocusWindow ) + if ( pOldFocusWindow && pOldFocusWindow->mpWindowImpl ) { // Cursor hidden if ( pOldFocusWindow->mpWindowImpl->mpCursor ) |