ports/67484: [PATCH] editors/AbiWord2 bug (function returns pointer to non static data destroyed after return)
Oleg Sharoiko
os at rsu.ru
Wed Jun 2 09:40:40 UTC 2004
>Number: 67484
>Category: ports
>Synopsis: [PATCH] editors/AbiWord2 bug (function returns pointer to non static data destroyed after return)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jun 02 02:40:35 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator: Oleg Sharoiko
>Release: FreeBSD 5.2-CURRENT i386
>Organization:
Computer Center of Rostov State University
>Environment:
System: FreeBSD brain.cc.rsu.ru 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Tue May 18 18:15:48 MSD 2004 os at brain.cc.rsu.ru:/usr/obj/usr/src/sys/brain.athlon-xp.HEAD.2004-01-30 i386
>Description:
After upgrading AbiWord from 2.06 to 2.0.7 it stopped working with
SIGSEGV. After some digging in the code I found:
ap_GetLabel_Autotext() (src/wp/ap/xp/ap_Menu_Functions.cpp)
returns a pointer to internal buffer of temp variable of type
UT_UTF8String, but ~UT_UTF8String destroys this buffer.
>How-To-Repeat:
It seems that this bug is not always seen.
I could easily reproduce it with
cd /usr/ports/editors/AbiWord2
make
make install
rehash
AbiWord-2.0
on two -CURRENT boxes
but it works on my friend's -CURRENT which is a little bit older.
>Fix:
The following patch (which is quite similar to the one committed into
main abiword source three) solves the problem.
--- AbiWord2/files/patch-src::wp::ap::xp::ap_Menu_Functions.cpp Thu Jan 1 03:00:00 1970
+++ AbiWord2/files/patch-src::wp::ap::xp::ap_Menu_Functions.cpp Wed Jun 2 13:33:55 2004
@@ -0,0 +1,135 @@
+--- src/wp/ap/xp/ap_Menu_Functions.cpp.orig Wed Jun 2 12:47:46 2004
++++ src/wp/ap/xp/ap_Menu_Functions.cpp Wed Jun 2 12:47:49 2004
+@@ -62,92 +62,94 @@
+ const char * c = NULL;
+
+ const XAP_StringSet * pss = pApp->getStringSet();
+- c = pss->getValueUTF8(AP_STRING_ID_DLG_Spell_NoSuggestions).utf8_str();
++ static UT_UTF8String s;
+
+ switch (id)
+ {
+ case AP_MENU_ID_AUTOTEXT_ATTN_1:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_ATTN_1).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_ATTN_1); break;
+ case AP_MENU_ID_AUTOTEXT_ATTN_2:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_ATTN_2).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_ATTN_2); break;
+
+ case AP_MENU_ID_AUTOTEXT_CLOSING_1:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_1).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_1); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_2:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_2).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_2); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_3:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_3).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_3); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_4:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_4).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_4); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_5:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_5).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_5); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_6:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_6).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_6); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_7:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_7).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_7); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_8:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_8).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_8); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_9:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_9).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_9); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_10:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_10).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_10); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_11:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_11).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_11); break;
+ case AP_MENU_ID_AUTOTEXT_CLOSING_12:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_12).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_CLOSING_12); break;
+
+ case AP_MENU_ID_AUTOTEXT_MAIL_1:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_1).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_1); break;
+ case AP_MENU_ID_AUTOTEXT_MAIL_2:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_2).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_2); break;
+ case AP_MENU_ID_AUTOTEXT_MAIL_3:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_3).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_3); break;
+ case AP_MENU_ID_AUTOTEXT_MAIL_4:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_4).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_4); break;
+ case AP_MENU_ID_AUTOTEXT_MAIL_5:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_5).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_5); break;
+ case AP_MENU_ID_AUTOTEXT_MAIL_6:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_6).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_6); break;
+ case AP_MENU_ID_AUTOTEXT_MAIL_7:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_7).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_7); break;
+ case AP_MENU_ID_AUTOTEXT_MAIL_8:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_8).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_MAIL_8); break;
+
+ case AP_MENU_ID_AUTOTEXT_REFERENCE_1:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_REFERENCE_1).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_REFERENCE_1); break;
+ case AP_MENU_ID_AUTOTEXT_REFERENCE_2:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_REFERENCE_2).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_REFERENCE_2); break;
+ case AP_MENU_ID_AUTOTEXT_REFERENCE_3:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_REFERENCE_3).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_REFERENCE_3); break;
+
+ case AP_MENU_ID_AUTOTEXT_SALUTATION_1:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_1).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_1); break;
+ case AP_MENU_ID_AUTOTEXT_SALUTATION_2:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_2).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_2); break;
+ case AP_MENU_ID_AUTOTEXT_SALUTATION_3:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_3).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_3); break;
+ case AP_MENU_ID_AUTOTEXT_SALUTATION_4:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_4).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SALUTATION_4); break;
+
+ case AP_MENU_ID_AUTOTEXT_SUBJECT_1:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SUBJECT_1).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_SUBJECT_1); break;
+
+ case AP_MENU_ID_AUTOTEXT_EMAIL_1:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_1).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_1); break;
+ case AP_MENU_ID_AUTOTEXT_EMAIL_2:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_2).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_2); break;
+ case AP_MENU_ID_AUTOTEXT_EMAIL_3:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_3).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_3); break;
+ case AP_MENU_ID_AUTOTEXT_EMAIL_4:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_4).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_4); break;
+ case AP_MENU_ID_AUTOTEXT_EMAIL_5:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_5).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_5); break;
+ case AP_MENU_ID_AUTOTEXT_EMAIL_6:
+- c = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_6).utf8_str(); break;
++ s = pss->getValueUTF8(AP_STRING_ID_AUTOTEXT_EMAIL_6); break;
+
+ default:
+- c = "No clue"; break;
++ s = pss->getValueUTF8(AP_STRING_ID_DLG_Spell_NoSuggestions); break;
+ }
++
++ c = s.utf8_str();
+
+ return c;
+ }
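Review bot: The pointer handed back at `return c;` now aliases the function-local `static UT_UTF8String s`, so it is only valid until the next call. Every `s = pss->getValueUTF8(...)` assignment may overwrite or reallocate the buffer an earlier caller still holds, which would reintroduce the same stale-pointer read this patch removes. Whether any caller keeps a label across calls, or calls from more than one thread, is not visible here, since the function begins above the hunk. The contract should therefore be stated next to the declaration, for example `// Result points into a static buffer: valid until the next call, not thread-safe; copy it if it must live longer.` The local `c` is also no longer needed, so the tail could be just `return s.utf8_str();`.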
>Release-Note:
>Audit-Trail:
>Unformatted: