https://bugs.documentfoundation.org/show_bug.cgi?id=127648
Julien Nabet <[email protected]> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|1 |0
CC| |[email protected],
| |[email protected]
Status|NEEDINFO |UNCONFIRMED
See Also| |https://bugs.documentfounda
| |tion.org/show_bug.cgi?id=11
| |3099
--- Comment #6 from Julien Nabet <[email protected]> ---
Thank you for your feedback.
Even if there are not argument values passed to the functions, your bt helps.
I noticed this function:
117 sal_Int32 SAL_CALL
118 XInputStream_impl::readBytes(
119 uno::Sequence< sal_Int8 >& aData,
120 sal_Int32 nBytesToRead )
121 {
122 if( ! m_nIsOpen ) throw io::IOException( THROW_WHERE );
123
124 aData.realloc(nBytesToRead);
125 //TODO! translate memory exhaustion (if it were detectable...)
into
126 // io::BufferSizeExceededException
127
128 sal_uInt64 nrc(0);
129 if(m_aFile.read( aData.getArray(),sal_uInt64(nBytesToRead),nrc )
130 != osl::FileBase::E_None)
131 throw io::IOException( THROW_WHERE );
132
133 // Shrink aData in case we read less than nBytesToRead
(XInputStream
134 // documentation does not tell whether this is required, and I do
not know
135 // if any code relies on this, so be conservative---SB):
136 if (sal::static_int_cast<sal_Int32>(nrc) != nBytesToRead)
137 aData.realloc(sal_Int32(nrc));
138 return static_cast<sal_Int32>(nrc);
139 }
If nBytesToRead > max sal_Int32, we may get a negative value for nrc.
Noel/Stephan: considering git history of ucb/source/ucp/file/filinpstr.cxx,
thought you might be interested in this one.
It may be a dup of tdf#113099
--
You are receiving this mail because:
You are the assignee for the bug._______________________________________________
Libreoffice-bugs mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
