On 24/05/2011 22:03, Kohei Yoshida wrote:
The attached patch fixes the crasher reported in

https://bugs.freedesktop.org/show_bug.cgi?id=37520

The crash occurs in ScRangeList::Join() where the array size is cached
prior to the for loop, but the array may shrink during the loop, in which
case an out-of-bound array access may occur which in turn results in a
crash.  I'm actually surprised that this didn't cause a crash on
Linux.

Kohei, in this case wouldn't it be better to use a linked list instead of an array, since a linked list can easily adjust to size instead of an array which is of a static size?

Anyhow, the solution is to always dynamically check the size of the
array via size() method in each iteration, instead of caching it for
all iterations.

Review appreciated.  I'd like this to go into the -3-4-0 branch.  So I
need three sign-offs.

Kohei


_______________________________________________
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice
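
The failure mode described in this thread, as an added example that is not the LibreOffice patch or code from either poster: a simplified one-dimensional `join()` over a `std::vector` (the names `Range`, `touches` and `join` are hypothetical) that counts the iterations a cached bound would send past the end of the shrinking vector, rather than performing the out-of-bounds access.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed 1-D stand-in for a cell range; not LibreOffice's ScRange.
struct Range { int lo, hi; };

// True when the two ranges overlap or are directly adjacent.
static bool touches(const Range& a, const Range& b) {
    return a.lo <= b.hi + 1 && b.lo <= a.hi + 1;
}

// Merge r into list, absorbing every entry it touches.
// cacheSize=true models the defect: the bound is read once, before the loop.
// Returns how many iterations had an index outside the live vector; those
// accesses are counted and skipped here instead of being performed.
std::size_t join(std::vector<Range>& list, Range r, bool cacheSize) {
    std::size_t stale = 0;
    const std::size_t cached = list.size();
    for (std::size_t i = 0; i < (cacheSize ? cached : list.size()); ) {
        if (i >= list.size()) { ++stale; ++i; continue; }  // would read past the end
        if (touches(list[i], r)) {
            r.lo = std::min(r.lo, list[i].lo);
            r.hi = std::max(r.hi, list[i].hi);
            list.erase(list.begin() + i);  // the vector shrinks mid-loop
            i = 0;                         // rescan: grown r may touch earlier entries
        } else {
            ++i;
        }
    }
    list.push_back(r);
    return stale;
}

int main() {
    // Constructed sample data.
    std::vector<Range> a = {{1, 2}, {10, 12}, {4, 5}};
    std::vector<Range> b = a;
    std::printf("cached bound : %zu stale iterations\n", join(a, Range{3, 3}, true));
    std::printf("size() bound : %zu stale iterations\n", join(b, Range{3, 3}, false));
    return 0;
}
```

Each erase shortens the vector by one, so a bound read before the loop overshoots by exactly the number of entries merged away.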
