core.git: Branch 'libreoffice-24-2' - vcl/source

Thu, 04 Apr 2024 02:15:39 -0700 

 vcl/source/window/legacyaccessibility.cxx |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

New commits:
commit b2a2b4b3093aaba9dd44819f7b8b3ac12f262a19
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Tue Mar 26 15:38:51 2024 +0000
Commit:     Michael Stahl <michael.st...@allotropia.de>
CommitDate: Thu Apr 4 11:15:13 2024 +0200

    crash on deref null parent on attempting to find label
    
    ImplFindDlgCtrlWindow always calls ImplGetChildWindow with first arg
    
    which does
    
    pParent = ImplGetTopParentOfTabHierarchy( pParent );
    vcl::Window* pWindow = ImplGetSubChildWindow( pParent, n, nIndex );
    
    ImplGetSubChildWindow always derefs its first arg and
    ImplGetTopParentOfTabHierarchy only returns null if its input was null
    so ImplFindDlgCtrlWindow shouldn't be called with null
    
    program/libmergedlo.so(_ZNK3vcl6Window13ImplGetWindowEv+0x4)[0x7513e2a40e54]
    program/libmergedlo.so(+0x33ba57c)[0x7513e29ba57c]
    program/libmergedlo.so(+0x33ba97c)[0x7513e29ba97c]
    program/libmergedlo.so(+0x33baf64)[0x7513e29baf64]
    program/libmergedlo.so(+0x3378d47)[0x7513e2978d47]
    
program/libmergedlo.so(_ZNK3vcl6Window30GetAccessibleRelationLabeledByEv+0x19c)[0x7513e297866c]
    
program/libmergedlo.so(_ZN3vcl6Window18DumpAsPropertyTreeERN5tools10JsonWriterE+0x241)[0x7513e2a4b301]
    
program/libmergedlo.so(_ZN6Dialog18DumpAsPropertyTreeERN5tools10JsonWriterE+0x2e)[0x7513e29b217e]
    
program/libmergedlo.so(_ZN3vcl6Window18DumpAsPropertyTreeERN5tools10JsonWriterE+0x182)[0x7513e2a4b242]
    
program/libmergedlo.so(_ZN3vcl3lok9dumpStateERN3rtl13OStringBufferE+0xc0)[0x7513e2d6ee80]
    
    Change-Id: I732550bd67c3af38627849a7d96d8ee6140008b0
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165314
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    (cherry picked from commit 23b72488140e7e2031e0071718d55d2b9e1c2bef)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165321
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>

diff --git a/vcl/source/window/legacyaccessibility.cxx 
b/vcl/source/window/legacyaccessibility.cxx
index 346e1fdc8f2a..a0f4aff33919 100644
--- a/vcl/source/window/legacyaccessibility.cxx
+++ b/vcl/source/window/legacyaccessibility.cxx
@@ -109,7 +109,7 @@ Window* 
Window::getLegacyNonLayoutAccessibleRelationLabelFor() const
 static Window* ImplGetLabeledBy( Window* pFrameWindow, WindowType nMyType, 
Window* pLabeled )
 {
     Window* pWindow = nullptr;
-    if ( (nMyType != WindowType::GROUPBOX) && (nMyType != 
WindowType::FIXEDLINE) )
+    if (pFrameWindow && nMyType != WindowType::GROUPBOX && nMyType != 
WindowType::FIXEDLINE)
     {
         // search for a control that labels this window
         // a label is considered the last fixed text, fixed line or group box

Reply via email to