Bug 117741 - Fix use-after-free problems in Basic DLL bindings lib
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: BASIC
Version: (earliest affected) 3.3.0 release
Hardware: All Windows (All)
Importance: medium normal
Assignee: Not Assigned
Reported: 2018-05-22 08:50 UTC by Thorsten Behrens (allotropia)
Modified: 2023-10-23 14:44 UTC

Description Thorsten Behrens (allotropia) 2018-05-22 08:50:46 UTC
Description:
Code in basic/source/runtime/dllmgr-x86.cxx / basic/source/runtime/dllmgr-x64.cxx frequently takes a pointer to a vector element, then modifies the vector (and is therefore potentially accessing freed memory).

Code needs some tweaks to avoid that; here's a sample commit:

https://gerrit.libreoffice.org/gitweb?p=core.git;a=commitdiff;h=de9620dd4539397715dab3102d256f9d634fcb23

Actual Results: .

Expected Results: .

Reproducible: Always

User Profile Reset: No

Additional Info:
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
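
The pattern described in the report, as an added example that is not LibreOffice code and is not taken from the linked commit: it shows that a vector's storage moves when it grows past capacity, and the index-based form that stays valid. `Blob`, `appendU32`, `readU32`, `storageMovedAfterGrowth` and `patchFirstAfterAppends` are hypothetical names chosen for the illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

using Blob = std::vector<char>;  // hypothetical marshalling buffer

// Append a value and return its OFFSET; offsets survive reallocation.
std::size_t appendU32(Blob& blob, std::uint32_t value) {
    std::size_t off = blob.size();
    blob.resize(off + sizeof value);  // may move the storage
    std::memcpy(blob.data() + off, &value, sizeof value);
    return off;
}

std::uint32_t readU32(const Blob& blob, std::size_t off) {
    std::uint32_t v;
    std::memcpy(&v, blob.data() + off, sizeof v);
    return v;
}

// Records an element's address as an integer, grows the vector past its
// capacity, and reports whether it moved. Nothing stale is dereferenced.
bool storageMovedAfterGrowth() {
    Blob blob;
    std::size_t first = appendU32(blob, 1);
    auto before = reinterpret_cast<std::uintptr_t>(blob.data() + first);
    blob.resize(blob.capacity() + 1);  // forces a reallocation
    auto after = reinterpret_cast<std::uintptr_t>(blob.data() + first);
    return before != after;
}

// Unsafe form (shown only as a comment, never executed):
//   char* p = blob.data() + first;   // pointer to a vector element
//   appendU32(blob, x);              // may reallocate: p now dangles
//   std::memcpy(p, &patched, 4);     // write into freed memory
// Safe form: keep the offset and re-derive the pointer after all growth.
std::uint32_t patchFirstAfterAppends(std::size_t extra) {
    Blob blob;
    std::size_t first = appendU32(blob, 0);
    for (std::size_t i = 0; i < extra; ++i) appendU32(blob, 0xAAAAAAAAu);
    const std::uint32_t patched = 0xC0FFEEu;
    std::memcpy(blob.data() + first, &patched, sizeof patched);
    return readU32(blob, first);
}

int main() {
    std::printf("moved=%d\n", storageMovedAfterGrowth());
    return patchFirstAfterAppends(1000) == 0xC0FFEEu ? 0 : 1;
}
```

Building the commented-out unsafe form with AddressSanitizer (`-fsanitize=address`) reports it as a heap-use-after-free whenever the append reallocates.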
Comment 1 Hossein 2023-07-20 13:52:51 UTC
@thorsten:
This is among old EasyHacks that we have without any submissions. Do you think this is still relevant? Do you have any opinions on how to find similar instances, if the issue is still relevant?
Comment 2 Hossein 2023-10-23 14:44:25 UTC
Removing the EasyHack tag because the task is not clear for the EasyHackers. Also, as per discussion on IRC.