tdf#108039: check for nullptr in rtl_uString and OUString

rtl_[u]String_newConcat now checks allocation result to return
early and avoid SIGSEGV. Other functions are not modified, to
keep old behavior relying on allocation success and crashing
early on OOM to avoid added overhead in performance-critical
places.

OUString operator+= now checks rtl_uString_newConcat result and
throws std::bad_alloc on failure, to specifically address BASIC
problem. It keeps strong exception guarantee of leaving this'
state unaltered.

Concatenation in BASIC now checks for bad string allocation
(previously SIGSEGV was generated).

Unit test included.

Change-Id: I1513311d3d58eac43b2d2ec9a230e22dff0b4245
Reviewed-on: https://gerrit.libreoffice.org/37965
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Jenkins <ci@libreoffice.org>

1 files changed, 7 insertions, 2 deletions

diff --git a/basic/source/sbx/sbxvalue.cxx b/basic/source/sbx/sbxvalue.cxx
index bca0f80f8d2f..7ff177d8a736 100644
--- a/basic/source/sbx/sbxvalue.cxx
+++ b/basic/source/sbx/sbxvalue.cxx
@@ -875,14 +875,19 @@ bool SbxValue::Compute( SbxOperator eOp, const SbxValue& rOp )
                 // #30576: To begin with test, if the conversion worked
                 if( aL.pOUString != nullptr && aR.pOUString != nullptr )
                 {
-                    *aL.pOUString += *aR.pOUString;
+                    // tdf#108039: catch possible bad_alloc
+                    try {
+                        *aL.pOUString += *aR.pOUString;
+                    }
+                    catch (const std::bad_alloc&) {
+                        SetError(ERRCODE_SBX_OVERFLOW);
+                    }
                 }
                 // Not even Left OK?
                 else if( aL.pOUString == nullptr )
                 {
                     aL.pOUString = new OUString();
                 }
-                Put( aL );
             }
             else
                 SetError( ERRCODE_SBX_CONVERSION );