sw/source/core/doc/DocumentRedlineManager.cxx |    6 ++++++
 1 file changed, 6 insertions(+)

New commits:
commit cf9a16caf5012d65b2a45a5525e36e40585dd35c
Author:     Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Tue Jun 14 17:19:23 2022 +0200
Commit:     Michael Stahl <michael.st...@allotropia.de>
CommitDate: Wed Jun 15 21:25:22 2022 +0200

    sw_redlinehide: skip unnecessary updates when undoing redlined delete
    
    When reproducing tdf#135976 and then Undo, a UAF crash happens here:
    
      assert(!pFrame->GetDrawObjs() || !pObjs->Contains(*pObj));
    
    The pObjs was actually deleted and then re-created, because the pObj was
    removed from the frame and added again to the same frame.
    
    This is a bit unexpected, so prevent it by taking a shortcut in the
    caller UpdateFramesForRemoveDeleteRedline() to insert a check that had
    been removed in commit 14e87a4b15d31a34e6053f6194688f3aa23af991.
    
    If the rPam is inside a single node, the sw::RedlineUnDelText hint that
    was sent to the SwTextFrame should be sufficient to update it and the
    rest of the code in the loop that deals with newly split paragraph can
    be skipped.
    
    Change-Id: I5f36eb91bc20003887ee0bad03ea4a6e67135de9
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/135907
    Tested-by: Jenkins
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>

diff --git a/sw/source/core/doc/DocumentRedlineManager.cxx 
b/sw/source/core/doc/DocumentRedlineManager.cxx
index c2ddb046ef8b..8a9a70ae2bb9 100644
--- a/sw/source/core/doc/DocumentRedlineManager.cxx
+++ b/sw/source/core/doc/DocumentRedlineManager.cxx
@@ -309,6 +309,12 @@ void UpdateFramesForRemoveDeleteRedline(SwDoc & rDoc, 
SwPaM const& rPam)
                 break;
             }
 
+            // no nodes can be unmerged by this - skip MakeFrames() etc.
+            if (rPam.GetPoint()->nNode == rPam.GetMark()->nNode)
+            {
+                break; // continue with AppendAllObjs()
+            }
+
             // first, call CheckParaRedlineMerge on the first paragraph,
             // to init flag on new merge range (if any) + 1st node post the 
merge
             auto eMode(sw::FrameMode::Existing);
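
Review bot: the early exit at `if (rPam.GetPoint()->nNode == rPam.GetMark()->nNode)` only covers a PaM that sits inside a single node, so a range spanning several nodes still runs the rest of the loop, which is the path the commit message associates with the object being removed from the frame and added again while a stale `pObjs` is still in use. The commit message itself calls this a shortcut; the comment above the check should say the same, so a later reader does not take it for a fix of the object-list lifetime, and the assert site quoted in the message would be safer re-reading `pFrame->GetDrawObjs()` than trusting a previously fetched `pObjs`. The inline comment `// continue with AppendAllObjs()` sits on a `break`, which reads as contradictory; something like "leave the loop, AppendAllObjs() still runs" would be clearer. The diffstat shows only this file changed, so the tdf#135976 plus Undo scenario has no regression test here; adding one would keep the removed-then-restored check from being dropped a second time.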
