No description
85dbb4a9af
Finally unit-copy-paste passes under sanitizers with this. Details: ==8988==ERROR: AddressSanitizer: heap-use-after-free on address 0x60d0005e6de0 at pc 0x000000988e85 bp 0x7fff753316d0 sp 0x7fff753316c8 READ of size 4 at 0x60d0005e6de0 thread T0 (loolkit) #0 0x988e84 in std::pair<int const, UserInfo>::pair(std::pair<int const, UserInfo> const&) /home/vmiklos/git/libreoffice/lode/opt_private/gcc-7.3.0/lib64/gcc/x86_64-pc-linux-gnu/7.3.0/../../../../include/c++/7.3.0/bits/stl_pair.h:292:17 ... #12 0x9322af in Document::notifyViewInfo() /home/vmiklos/git/libreoffice/online-san/kit/Kit.cpp:1600:53 #13 0x9303f9 in Document::onUnload(ChildSession const&) /home/vmiklos/git/libreoffice/online-san/kit/Kit.cpp:1566:13 #14 0x616dcd in ChildSession::disconnect() /home/vmiklos/git/libreoffice/online-san/kit/ChildSession.cpp:96:25 #15 0x616535 in ChildSession::~ChildSession() /home/vmiklos/git/libreoffice/online-san/kit/ChildSession.cpp:85:5 freed by thread T0 (loolkit) here: #0 0x60f9b0 in operator delete(void*) _asan_rtl_:0 ... #8 0x939292 in Document::~Document() /home/vmiklos/git/libreoffice/online-san/kit/Kit.cpp:913:5 I.e. when the Document dtor clears Document::_sessions, the ChildSession dtor may be called. But ChildSession expected that it has a valid Document during its lifetime, which is not a promise we can hold, see the above trace. Fix the problem by having a pointer (and not a reference) to a Document in ChildSession and then: 1) Clear that Document pointer in ChildSessions at the end of the Document dtor using a new resetDocManager() 2) Check if the Document is nullptr in ChildSession::disconnect() instead of dereferencing it unconditionally. Change-Id: I19d3d6bfe9e142a52c199f49aaa347d1a2edbf87 |
||
---|---|---|
android | ||
bundled/include/LibreOfficeKit | ||
common | ||
debian | ||
docker | ||
etc | ||
gtk | ||
ios | ||
kit | ||
loleaflet | ||
man | ||
net | ||
scripts | ||
test | ||
tools | ||
wsd | ||
.clang-format | ||
.clang-tidy | ||
.gitignore | ||
.gitreview | ||
AUTHORS | ||
autogen.sh | ||
browsersync-config.js | ||
ChangeLog | ||
configure.ac | ||
COPYING | ||
discovery.xml | ||
favicon.ico | ||
INSTALL | ||
loolkitconfig.xcu | ||
loolstat | ||
loolwsd-systemplate-setup | ||
loolwsd.service | ||
loolwsd.spec.in | ||
loolwsd.xml.in | ||
Makefile.am | ||
NEWS | ||
PROBLEMS | ||
README | ||
sysconfig.loolwsd |
LibreOffice Online. This project has several components: wsd/ The Web Services Daemon - which accepts external connections. kit/ The client which lives in its own chroot and renders documents. common/ Shared code between these processes. loleaflet/ The client side JavaScript component. It is recommended to read these files: wsd/README loleaflet/README Enjoy.