Hi Janit, On Wednesday, 2013-04-10 00:44:46 +0530, Janit Anjaria wrote:
> I made code changes in the file svxacorr.cxx and what i did was that i
> traversed the string by using *pStr(which points to the end of the string)
> and henc echecked if second last character is a '.' ,in that case return
> False.
> ---
> diff --git a/editeng/source/misc/svxacorr.cxx
> b/editeng/source/misc/svxacorr.cxx
> index 50c5b02..50643d4 100644
> --- a/editeng/source/misc/svxacorr.cxx
> +++ b/editeng/source/misc/svxacorr.cxx
> @@ -915,6 +915,20 @@ sal_Bool SvxAutoCorrect::FnCptlSttSntnc( SvxAutoCorrDoc&
> rDoc,
> if( 2 > ( pStr - pStart ) )
> return sal_False;
>
> + while(*pStr!='.')
> + {
> + pStr--;
> + }
If there is no '.' in the string this will go out of bounds and access
memory that does not belong to the string.
Btw, please use proper indentation, 4 spaces per level.
> + if(*(pStr-2)=='.')
This also may access out of bounds memory.
Eike
--
LibreOffice Calc developer. Number formatter stricken i18n transpositionizer.
GPG key ID: 0x65632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A
For key transition see http://erack.de/key-transition-2013-01-10.txt.asc
Support the FSFE, care about Free Software! https://fsfe.org/support/?erack
pgp9081BY5isT.pgp
Description: PGP signature
_______________________________________________ LibreOffice mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/libreoffice
