Apache OpenOffice (AOO) Bugzilla – Issue 79025
dereference of pType after typelib_typedescription_release if it
Last modified: 2017-05-20 11:31:36 UTC
In cppu/source/typelib/typelib.cxx "typelib_typedescription_register" we have this code...

    if( pTDR->pType->bOnDemand && !(*ppNewDescription)->bOnDemand )
    {
        // switch from OnDemand to !OnDemand, so the description must be acquired
        typelib_typedescription_acquire( pTDR->pType );
    }
    else if( !pTDR->pType->bOnDemand && (*ppNewDescription)->bOnDemand )
    {
        // switch from !OnDemand to OnDemand, so the description must be released
        typelib_typedescription_release( pTDR->pType );
    }
    pTDR->pType->bOnDemand = (*ppNewDescription)->bOnDemand;
    // initialized
    pTDR->pType->pWeakRef = pTDR;

Surely if we *do* call typelib_typedescription_release on pType then we shouldn't go on to dereference it afterwards?
->Stephan, can you help with this? On a first look, Caolan's comment seems to be valid ...
@cmc: Have you seen this code fail, or is it just a potential problem? Anyway, should be easy to correct.
no, just potential.
This is really awkward code. Talked about it with dbo, we both think it is best to leave it alone for the moment (reluctant to move the modification of pTDR->pType before typelib_typedescription_release, in case typelib_typedescription_release depends on the old state of pTDR->pType). "If it ain't fixed, don't break it." :(
Reset assignee to the default "issues@openoffice.apache.org".
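
Added example, not part of the issue thread or of the OpenOffice code: a C++ sketch of the release-then-write pattern discussed above, using a constructed `Desc` struct and hypothetical `desc_acquire`, `desc_release` and `register_guarded` helpers. It leaves the release call ahead of the field writes, so release still observes the old `bOnDemand` state, and holds a guard reference so the writes cannot land on a destroyed object.

```cpp
#include <cstdio>
#include <vector>

// Constructed stand-in for a ref-counted type description (not the cppu structs).
struct Desc {
    int   nRefCount;
    bool  bOnDemand;
    void *pWeakRef;
};

static int g_freed = 0;             // descriptions destroyed so far
static std::vector<int> g_seen;     // bOnDemand value each release call observed

static void desc_acquire(Desc *p) { ++p->nRefCount; }

static void desc_release(Desc *p) {
    g_seen.push_back(p->bOnDemand);
    if (--p->nRefCount == 0) {      // last reference gone: object is destroyed
        ++g_freed;
        delete p;
    }
}

// Same branch order as the snippet in the issue, wrapped in a guard reference
// (hypothetical change). Returns references left afterwards; 0 means destroyed.
static int register_guarded(Desc *pType, bool bNewOnDemand, void *pWeak) {
    desc_acquire(pType);                         // guard: keeps pType alive below
    if (pType->bOnDemand && !bNewOnDemand)
        desc_acquire(pType);                     // OnDemand -> !OnDemand
    else if (!pType->bOnDemand && bNewOnDemand)
        desc_release(pType);                     // !OnDemand -> OnDemand, sees old state
    pType->bOnDemand = bNewOnDemand;             // safe: guard still held
    pType->pWeakRef  = pWeak;
    int nLeft = pType->nRefCount - 1;            // count once the guard is dropped
    desc_release(pType);                         // drop guard; may destroy pType
    return nLeft;
}

int main() {
    int anchor = 0;
    // Sole reference: without the guard, the two writes would hit freed memory.
    int left = register_guarded(new Desc{1, false, nullptr}, true, &anchor);
    std::printf("refs left: %d, destroyed: %d\n", left, g_freed);
    return 0;
}
```

A return value of 0 tells the caller the description was destroyed and the pointer must not be used again.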