diff options
| author | Mike Kaganski <mike.kaganski@collabora.com> | 2023-05-18 20:06:21 +0300 |
|---|---|---|
| committer | Andras Timar <andras.timar@collabora.com> | 2023-05-19 10:08:03 +0200 |
| commit | e9a56c0cb4a39d0f1a585a6eb9e20d9070badc98 (patch) | |
| tree | 96c925ad0b8537d10dea139746aaaa54d6ed6ec0 /svx | |
| parent | eb34694ab0ce0b60c407f0fbe95143bc87b17638 (diff) | |
Fix "AddressSanitizer: heap-use-after-free"
cp-23.05.0-1
https://github.com/CollaboraOnline/online/issues/6380
Commit 7481e8b5500e86626be5f8eae1e7f48b7f51e21a (sw_redlinehide_4a:
SwEditShell::AutoCorrect() etc., 2018-11-28) explicitly relied upon
the reference to the node text being updated on editing operations.
Commit 14f6700fefa945c4cf995c09af9326c2a022f886 (use more string_view
in editeng, 2022-04-14) converted the argument of FnChgToEnEmDash to
a string view, which means that any change in the underlying OUString
frees the memory referenced by the view.
But in this method, we really don't want to have the text updated;
so use a local OUString copy for later reference.
Partially revert commit 14f6700fefa945c4cf995c09af9326c2a022f886.
And copy mst's commit 7481e8b5500e86626be5f8eae1e7f48b7f51e21a
message to document the assumptions in SwEditShell::AutoCorrect.
Change-Id: I0ff02958c8de9566d774f366d905aa9bb603055c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151970
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
(cherry picked from commit 0350d502a68166e700d3e329340d8e79c4b159a8)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151917
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
Diffstat (limited to 'svx')
0 files changed, 0 insertions, 0 deletions