https://bugs.documentfoundation.org/show_bug.cgi?id=99994

--- Comment #1 from sam tygier <[email protected]> ---
The bug occurs in SvgCharacterNode::createSimpleTextPrimitive() in the section:

    OUString aFontFamily = rSvgStyleAttributes.getFontFamily().empty() ?
        OUString("Times New Roman") :
        rSvgStyleAttributes.getFontFamily()[0];

The second clause gets called, and tries to access the zeroth element of an
empty vector. The "empty()" test is not effective at preventing this as
getFontFamily() returns a different vector on the second call. (Fun Heisenbug
as putting "cout << rSvgStyleAttributes.getFontFamily().size()" or similar
above changes the behaviour.)

The problem is that getFontFamily() can call
SvgStyleAttributes::setCssStyleParent() and so the style can be changed.

The simple fix is to just reuse the result from the first call to
getFontFamily(). That way the test is effective at preventing the invalid
access.

I guess the proper fix is to make getFontFamily() deterministic. I have not yet
quite understood the code well enough to understand how. Perhaps it needs to be
made so that all the style resolution that can call the 'set' methods
occurs before createSimpleTextPrimitive() gets called.

_______________________________________________
Libreoffice-bugs mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
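The pattern the comment describes, reduced to a self-contained C++ model (an added example, not LibreOffice code; StyleNode, inheritedFontFamily(), pendingCssParent and the Scenario below are hypothetical stand-ins for SvgStyleAttributes, getFontFamily() and setCssStyleParent()). The getter answers from the current parent and then rebinds the parent, so the empty() check and the [0] access observe two different vectors; the "probe" variant shows why an extra size() call before the check makes the crash disappear; the fixed form calls the getter once and reuses the result.

```cpp
#include <cstddef>
#include <iostream>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-in for SvgStyleAttributes; names are assumptions for
// illustration, not LibreOffice's real API.
struct StyleNode {
    std::vector<std::string> fontFamily;         // families set directly on this node
    const StyleNode* parent = nullptr;           // parent currently used for inheritance
    const StyleNode* pendingCssParent = nullptr; // parent that deferred CSS resolution will bind

    // Models setCssStyleParent(): rebinds the parent pointer.
    void setCssStyleParent(const StyleNode* p) {
        parent = p;
        pendingCssParent = nullptr;
    }

    // Pure lookup through the current parent chain; no side effects.
    const std::vector<std::string>& inheritedFontFamily() const {
        static const std::vector<std::string> none;
        for (const StyleNode* n = this; n != nullptr; n = n->parent) {
            if (!n->fontFamily.empty()) return n->fontFamily;
        }
        return none;
    }

    // Getter with a side effect: answers from the current parent, then performs
    // the deferred CSS-parent rebinding, so the next call consults a different
    // parent and may return a different vector.
    const std::vector<std::string>& getFontFamily() {
        const std::vector<std::string>& result = inheritedFontFamily();
        if (pendingCssParent != nullptr) setCssStyleParent(pendingCssParent);
        return result;
    }
};

// Constructed scenario: a text node under a group that sets "Arial", whose
// deferred CSS parent is a root node that sets no font family at all.
struct Scenario {
    StyleNode root, group, text;
    Scenario() {
        group.fontFamily = {"Arial"};
        text.parent = &group;
        text.pendingCssParent = &root;
    }
    Scenario(const Scenario&) = delete;
    Scenario& operator=(const Scenario&) = delete;
};

// Same shape as the snippet in the comment: test on one call, index on another.
// at(0) replaces [0] so the empty-vector access throws instead of being UB.
std::string buggyFamily(StyleNode& s) {
    return s.getFontFamily().empty() ? std::string("Times New Roman")
                                     : s.getFontFamily().at(0);
}

// The "Heisenbug": one extra call before the check does the rebinding early,
// so the check then sees the empty vector and the default is used instead.
std::string buggyFamilyWithProbe(StyleNode& s) {
    std::cout << "probe size=" << s.getFontFamily().size() << '\n';
    return buggyFamily(s);
}

// The simple fix from the comment: call the getter once and reuse the result.
std::string fixedFamily(StyleNode& s) {
    const std::vector<std::string> families = s.getFontFamily(); // one call, copied
    return families.empty() ? std::string("Times New Roman") : families[0];
}

// Sizes observed by two consecutive calls on a fresh scenario.
std::pair<std::size_t, std::size_t> sizesAcrossTwoCalls() {
    Scenario sc;
    std::size_t first = sc.text.getFontFamily().size();
    std::size_t second = sc.text.getFontFamily().size();
    return {first, second};
}

bool buggyIndexesEmptyVector() {
    Scenario sc;
    try { buggyFamily(sc.text); return false; }
    catch (const std::out_of_range&) { return true; }
}

std::string probedResult() { Scenario sc; return buggyFamilyWithProbe(sc.text); }
std::string fixedResult()  { Scenario sc; return fixedFamily(sc.text); }

int main() {
    auto sizes = sizesAcrossTwoCalls();
    std::cout << "first call size=" << sizes.first
              << " second call size=" << sizes.second << '\n';
    std::cout << "buggy form throws: " << std::boolalpha << buggyIndexesEmptyVector() << '\n';
    std::cout << "with probe returns: " << probedResult() << '\n';
    std::cout << "fixed form returns: " << fixedResult() << '\n';
}
```

Note that the fixed form returns whatever the first call produced ("Arial" here) rather than the default; which of the two is the right answer depends on the resolution order, which is exactly the "proper fix" question the comment leaves open.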