Bug Summary

File:stoc/source/corereflection/crarray.cxx
Location:line 148, column 56
Description:Access to field 'nSize' results in a dereference of a null pointer (loaded from variable 'pElemTypeDescr')

Annotated Source Code

1/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2/*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20#include <typelib/typedescription.h>
21#include <uno/data.h>
22
23#include "base.hxx"
24
25
26namespace stoc_corefl
27{
28
29// XInterface
30//__________________________________________________________________________________________________
31Any ArrayIdlClassImpl::queryInterface( const Type & rType )
32 throw(::com::sun::star::uno::RuntimeException)
33{
34 Any aRet( ::cppu::queryInterface( rType, static_cast< XIdlArray * >( this ) ) );
35 return (aRet.hasValue() ? aRet : IdlClassImpl::queryInterface( rType ));
36}
37//__________________________________________________________________________________________________
38void ArrayIdlClassImpl::acquire() throw()
39{
40 IdlClassImpl::acquire();
41}
42//__________________________________________________________________________________________________
43void ArrayIdlClassImpl::release() throw()
44{
45 IdlClassImpl::release();
46}
47
48// XTypeProvider
49//__________________________________________________________________________________________________
50Sequence< Type > ArrayIdlClassImpl::getTypes()
51 throw (::com::sun::star::uno::RuntimeException)
52{
53 static OTypeCollection * s_pTypes = 0;
54 if (! s_pTypes)
55 {
56 MutexGuard aGuard( getMutexAccess() );
57 if (! s_pTypes)
58 {
59 static OTypeCollection s_aTypes(
60 ::getCppuType( (const Reference< XIdlArray > *)0 ),
61 IdlClassImpl::getTypes() );
62 s_pTypes = &s_aTypes;
63 }
64 }
65 return s_pTypes->getTypes();
66}
67//__________________________________________________________________________________________________
68Sequence< sal_Int8 > ArrayIdlClassImpl::getImplementationId()
69 throw (::com::sun::star::uno::RuntimeException)
70{
71 static OImplementationId * s_pId = 0;
72 if (! s_pId)
73 {
74 MutexGuard aGuard( getMutexAccess() );
75 if (! s_pId)
76 {
77 static OImplementationId s_aId;
78 s_pId = &s_aId;
79 }
80 }
81 return s_pId->getImplementationId();
82}
83
84// XIdlArray
85//__________________________________________________________________________________________________
86void ArrayIdlClassImpl::realloc( Any & rArray, sal_Int32 nLen )
87 throw(::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException)
88{
89 TypeClass eTC = rArray.getValueTypeClass();
90 if (eTC != TypeClass_SEQUENCE && eTC != TypeClass_ARRAY)
91 {
92 throw IllegalArgumentException(
93 OUString( RTL_CONSTASCII_USTRINGPARAM("no sequence given!")(&("no sequence given!")[0]), ((sal_Int32)((sizeof ("no sequence given!"
) / sizeof (("no sequence given!")[0]))-1)), (((rtl_TextEncoding
) 11)) ),
94 (XWeak *)(OWeakObject *)this, 0 );
95 }
96 if (nLen < 0)
97 {
98 throw IllegalArgumentException(
99 OUString( RTL_CONSTASCII_USTRINGPARAM("illegal length given!")(&("illegal length given!")[0]), ((sal_Int32)((sizeof ("illegal length given!"
) / sizeof (("illegal length given!")[0]))-1)), (((rtl_TextEncoding
) 11)) ),
100 (XWeak *)(OWeakObject *)this, 1 );
101 }
102
103 uno_Sequence ** ppSeq = (uno_Sequence **)rArray.getValue();
104 uno_sequence_realloc( ppSeq, (typelib_TypeDescription *)getTypeDescr(),
105 nLen,
106 reinterpret_cast< uno_AcquireFunc >(cpp_acquire),
107 reinterpret_cast< uno_ReleaseFunc >(cpp_release) );
108 rArray.pData = ppSeq;
109}
110//__________________________________________________________________________________________________
111sal_Int32 ArrayIdlClassImpl::getLen( const Any & rArray )
112 throw(::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException)
113{
114 TypeClass eTC = rArray.getValueTypeClass();
115 if (eTC != TypeClass_SEQUENCE && eTC != TypeClass_ARRAY)
116 {
117 throw IllegalArgumentException(
118 OUString( RTL_CONSTASCII_USTRINGPARAM("no sequence given!")(&("no sequence given!")[0]), ((sal_Int32)((sizeof ("no sequence given!"
) / sizeof (("no sequence given!")[0]))-1)), (((rtl_TextEncoding
) 11)) ),
119 (XWeak *)(OWeakObject *)this, 0 );
120 }
121
122 return (*(uno_Sequence **)rArray.getValue())->nElements;
123}
124//__________________________________________________________________________________________________
125Any ArrayIdlClassImpl::get( const Any & rArray, sal_Int32 nIndex )
126 throw(::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::lang::ArrayIndexOutOfBoundsException, ::com::sun::star::uno::RuntimeException)
127{
128 TypeClass eTC = rArray.getValueTypeClass();
129 if (eTC != TypeClass_SEQUENCE && eTC != TypeClass_ARRAY)
130 {
131 throw IllegalArgumentException(
132 OUString( RTL_CONSTASCII_USTRINGPARAM("no sequence given!")(&("no sequence given!")[0]), ((sal_Int32)((sizeof ("no sequence given!"
) / sizeof (("no sequence given!")[0]))-1)), (((rtl_TextEncoding
) 11)) ),
133 (XWeak *)(OWeakObject *)this, 0 );
134 }
135
136 uno_Sequence * pSeq = *(uno_Sequence **)rArray.getValue();
137 if (pSeq->nElements <= nIndex)
1
Taking false branch
138 {
139 throw ArrayIndexOutOfBoundsException(
140 OUString( RTL_CONSTASCII_USTRINGPARAM("illegal index given!")(&("illegal index given!")[0]), ((sal_Int32)((sizeof ("illegal index given!"
) / sizeof (("illegal index given!")[0]))-1)), (((rtl_TextEncoding
) 11)) ),
141 (XWeak *)(OWeakObject *)this );
142 }
143
144 Any aRet;
145 typelib_TypeDescription * pElemTypeDescr = 0;
146 TYPELIB_DANGER_GET( &pElemTypeDescr, getTypeDescr()->pType ){ typelib_TypeDescriptionReference * pMacroTypeRef = (getTypeDescr
()->pType); typelib_TypeDescription ** ppMacroTypeDescr = (
&pElemTypeDescr); if (((pMacroTypeRef->eTypeClass) == typelib_TypeClass_INTERFACE_METHOD
|| (pMacroTypeRef->eTypeClass) == typelib_TypeClass_INTERFACE_ATTRIBUTE
)) { typelib_typedescriptionreference_getDescription( ppMacroTypeDescr
, pMacroTypeRef ); } else if (!pMacroTypeRef->pType || !pMacroTypeRef
->pType->pWeakRef) { typelib_typedescriptionreference_getDescription
( ppMacroTypeDescr, pMacroTypeRef ); if (*ppMacroTypeDescr) typelib_typedescription_release
( *ppMacroTypeDescr ); } else { *ppMacroTypeDescr = pMacroTypeRef
->pType; } };
147 uno_any_destruct( &aRet, reinterpret_cast< uno_ReleaseFunc >(cpp_release) );
148 uno_any_construct( &aRet, &pSeq->elements[nIndex * pElemTypeDescr->nSize],
2
Access to field 'nSize' results in a dereference of a null pointer (loaded from variable 'pElemTypeDescr')
149 pElemTypeDescr,
150 reinterpret_cast< uno_AcquireFunc >(cpp_acquire) );
151 TYPELIB_DANGER_RELEASE( pElemTypeDescr ){ if ((((pElemTypeDescr)->eTypeClass) == typelib_TypeClass_INTERFACE_METHOD
|| ((pElemTypeDescr)->eTypeClass) == typelib_TypeClass_INTERFACE_ATTRIBUTE
)) typelib_typedescription_release( pElemTypeDescr ); };
152 return aRet;
153}
154
155//__________________________________________________________________________________________________
156void ArrayIdlClassImpl::set( Any & rArray, sal_Int32 nIndex, const Any & rNewValue )
157 throw(::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::lang::ArrayIndexOutOfBoundsException, ::com::sun::star::uno::RuntimeException)
158{
159 TypeClass eTC = rArray.getValueTypeClass();
160 if (eTC != TypeClass_SEQUENCE && eTC != TypeClass_ARRAY)
161 {
162 throw IllegalArgumentException(
163 OUString( RTL_CONSTASCII_USTRINGPARAM("no sequence given!")(&("no sequence given!")[0]), ((sal_Int32)((sizeof ("no sequence given!"
) / sizeof (("no sequence given!")[0]))-1)), (((rtl_TextEncoding
) 11)) ),
164 (XWeak *)(OWeakObject *)this, 0 );
165 }
166
167 uno_Sequence * pSeq = *(uno_Sequence **)rArray.getValue();
168 if (pSeq->nElements <= nIndex)
169 {
170 throw ArrayIndexOutOfBoundsException(
171 OUString( RTL_CONSTASCII_USTRINGPARAM("illegal index given!")(&("illegal index given!")[0]), ((sal_Int32)((sizeof ("illegal index given!"
) / sizeof (("illegal index given!")[0]))-1)), (((rtl_TextEncoding
) 11)) ),
172 (XWeak *)(OWeakObject *)this );
173 }
174
175 uno_Sequence ** ppSeq = (uno_Sequence **)rArray.getValue();
176 uno_sequence_reference2One(
177 ppSeq, (typelib_TypeDescription *)getTypeDescr(),
178 reinterpret_cast< uno_AcquireFunc >(cpp_acquire),
179 reinterpret_cast< uno_ReleaseFunc >(cpp_release) );
180 rArray.pData = ppSeq;
181 pSeq = *ppSeq;
182
183 typelib_TypeDescription * pElemTypeDescr = 0;
184 TYPELIB_DANGER_GET( &pElemTypeDescr, getTypeDescr()->pType ){ typelib_TypeDescriptionReference * pMacroTypeRef = (getTypeDescr
()->pType); typelib_TypeDescription ** ppMacroTypeDescr = (
&pElemTypeDescr); if (((pMacroTypeRef->eTypeClass) == typelib_TypeClass_INTERFACE_METHOD
|| (pMacroTypeRef->eTypeClass) == typelib_TypeClass_INTERFACE_ATTRIBUTE
)) { typelib_typedescriptionreference_getDescription( ppMacroTypeDescr
, pMacroTypeRef ); } else if (!pMacroTypeRef->pType || !pMacroTypeRef
->pType->pWeakRef) { typelib_typedescriptionreference_getDescription
( ppMacroTypeDescr, pMacroTypeRef ); if (*ppMacroTypeDescr) typelib_typedescription_release
( *ppMacroTypeDescr ); } else { *ppMacroTypeDescr = pMacroTypeRef
->pType; } };
185
186 if (! coerce_assign( &pSeq->elements[nIndex * pElemTypeDescr->nSize],
187 pElemTypeDescr, rNewValue, getReflection() ))
188 {
189 TYPELIB_DANGER_RELEASE( pElemTypeDescr ){ if ((((pElemTypeDescr)->eTypeClass) == typelib_TypeClass_INTERFACE_METHOD
|| ((pElemTypeDescr)->eTypeClass) == typelib_TypeClass_INTERFACE_ATTRIBUTE
)) typelib_typedescription_release( pElemTypeDescr ); };
190 throw IllegalArgumentException(
191 OUString( RTL_CONSTASCII_USTRINGPARAM("sequence element is not assignable by given value!")(&("sequence element is not assignable by given value!")[
0]), ((sal_Int32)((sizeof ("sequence element is not assignable by given value!"
) / sizeof (("sequence element is not assignable by given value!"
)[0]))-1)), (((rtl_TextEncoding) 11)) ),
192 (XWeak *)(OWeakObject *)this, 2 );
193 }
194 TYPELIB_DANGER_RELEASE( pElemTypeDescr ){ if ((((pElemTypeDescr)->eTypeClass) == typelib_TypeClass_INTERFACE_METHOD
|| ((pElemTypeDescr)->eTypeClass) == typelib_TypeClass_INTERFACE_ATTRIBUTE
)) typelib_typedescription_release( pElemTypeDescr ); };
195}
196
197// ArrayIdlClassImpl
198//__________________________________________________________________________________________________
199sal_Bool ArrayIdlClassImpl::isAssignableFrom( const Reference< XIdlClass > & xType )
200 throw(::com::sun::star::uno::RuntimeException)
201{
202 return (xType.is() &&
203 (equals( xType ) ||
204 (xType->getTypeClass() == getTypeClass() && // must be sequence|array
205 getComponentType()->isAssignableFrom( xType->getComponentType() ))));
206}
207//__________________________________________________________________________________________________
208Reference< XIdlClass > ArrayIdlClassImpl::getComponentType()
209 throw(::com::sun::star::uno::RuntimeException)
210{
211 return getReflection()->forType( getTypeDescr()->pType );
212}
213//__________________________________________________________________________________________________
214Reference< XIdlArray > ArrayIdlClassImpl::getArray()
215 throw(::com::sun::star::uno::RuntimeException)
216{
217 return this;
218}
219
220}
221
222
223/* vim:set shiftwidth=4 softtabstop=4 expandtab: */