diff options
| author | Kris De Gussem <kris.degussem@gmail.com> | 2012-05-04 15:40:04 +0000 |
|---|---|---|
| committer | Kris <Kris.De.Gussem@hotmail.com> | 2012-05-04 15:40:04 +0000 |
| commit | ecdd31b0c95f8f210038bc3dd5dfc0afb7a68883 (patch) | |
| tree | 56a4dbdc763833577eebb9571128ac8ee8649117 /src | |
| parent | cpp-style casting (diff) | |
| download | inkscape-ecdd31b0c95f8f210038bc3dd5dfc0afb7a68883.tar.gz inkscape-ecdd31b0c95f8f210038bc3dd5dfc0afb7a68883.zip | |
Adding checks to prevent null pointer dereferences
(bzr r11325)
Diffstat (limited to 'src')
| -rw-r--r-- | src/gradient-chemistry.cpp | 10 | ||||
| -rw-r--r-- | src/object-snapper.cpp | 4 | ||||
| -rw-r--r-- | src/sp-item.cpp | 22 | ||||
| -rw-r--r-- | src/sp-use.cpp | 10 | ||||
| -rw-r--r-- | src/style.cpp | 91 | ||||
| -rw-r--r-- | src/style.h | 20 | ||||
| -rw-r--r-- | src/ui/clipboard.cpp | 37 |
7 files changed, 124 insertions, 70 deletions
diff --git a/src/gradient-chemistry.cpp b/src/gradient-chemistry.cpp index a0da1e430..6983849fa 100644 --- a/src/gradient-chemistry.cpp +++ b/src/gradient-chemistry.cpp @@ -77,10 +77,12 @@ SPGradient *sp_gradient_ensure_vector_normalized(SPGradient *gr) } /* If gr hrefs some other gradient, remove the href */ - if (gr->ref->getObject()) { - // We are hrefing someone, so require flattening - gr->updateRepr(SP_OBJECT_WRITE_EXT | SP_OBJECT_WRITE_ALL); - sp_gradient_repr_set_link(gr->getRepr(), NULL); + if (gr->ref){ + if (gr->ref->getObject()) { + // We are hrefing someone, so require flattening + gr->updateRepr(SP_OBJECT_WRITE_EXT | SP_OBJECT_WRITE_ALL); + sp_gradient_repr_set_link(gr->getRepr(), NULL); + } } /* Everything is OK, set state flag */ diff --git a/src/object-snapper.cpp b/src/object-snapper.cpp index bda856914..e6f6d87db 100644 --- a/src/object-snapper.cpp +++ b/src/object-snapper.cpp @@ -111,11 +111,11 @@ void Inkscape::ObjectSnapper::_findCandidates(SPObject* parent, // The current item is not a clipping path or a mask, but might // still be the subject of clipping or masking itself ; if so, then // we should also consider that path or mask for snapping to - obj = SP_OBJECT(item->clip_ref->getObject()); + obj = SP_OBJECT(item->clip_ref ? item->clip_ref->getObject() : NULL); if (obj && _snapmanager->snapprefs.isTargetSnappable(SNAPTARGET_PATH_CLIP)) { _findCandidates(obj, it, false, bbox_to_snap, true, item->i2doc_affine()); } - obj = SP_OBJECT(item->mask_ref->getObject()); + obj = SP_OBJECT(item->mask_ref ? item->mask_ref->getObject() : NULL); if (obj && _snapmanager->snapprefs.isTargetSnappable(SNAPTARGET_PATH_MASK)) { _findCandidates(obj, it, false, bbox_to_snap, true, item->i2doc_affine()); } diff --git a/src/sp-item.cpp b/src/sp-item.cpp index d6395cfee..e0a9b97f2 100644 --- a/src/sp-item.cpp +++ b/src/sp-item.cpp @@ -660,15 +660,19 @@ Inkscape::XML::Node *SPItem::sp_item_write(SPObject *const object, Inkscape::XML repr->setAttribute ("inkscape:transform-center-y", NULL); } - if (item->clip_ref->getObject()) { - const gchar *value = g_strdup_printf ("url(%s)", item->clip_ref->getURI()->toString()); - repr->setAttribute ("clip-path", value); - g_free ((void *) value); - } - if (item->mask_ref->getObject()) { - const gchar *value = g_strdup_printf ("url(%s)", item->mask_ref->getURI()->toString()); - repr->setAttribute ("mask", value); - g_free ((void *) value); + if (item->clip_ref){ + if (item->clip_ref->getObject()) { + const gchar *value = g_strdup_printf ("url(%s)", item->clip_ref->getURI()->toString()); + repr->setAttribute ("clip-path", value); + g_free ((void *) value); + } + } + if (item->mask_ref){ + if (item->mask_ref->getObject()) { + const gchar *value = g_strdup_printf ("url(%s)", item->mask_ref->getURI()->toString()); + repr->setAttribute ("mask", value); + g_free ((void *) value); + } } if (((SPObjectClass *) (SPItemClass::static_parent_class))->write) { diff --git a/src/sp-use.cpp b/src/sp-use.cpp index 5bbb1c1a8..e39f560c3 100644 --- a/src/sp-use.cpp +++ b/src/sp-use.cpp @@ -741,10 +741,14 @@ SPItem *sp_use_unlink(SPUse *use) return item; } -SPItem * -sp_use_get_original(SPUse *use) +SPItem *sp_use_get_original(SPUse *use) { - SPItem *ref = use->ref->getObject(); + SPItem *ref = NULL; + if (use){ + if (use->ref){ + ref = use->ref->getObject(); + } + } return ref; } diff --git a/src/style.cpp b/src/style.cpp index 93bd5ac76..40cd1663e 100644 --- a/src/style.cpp +++ b/src/style.cpp @@ -8,10 +8,12 @@ * bulia byak <buliabyak@users.sf.net> * Abhishek Sharma * Tavmjong Bah <tavmjong@free.fr> + * Kris De Gussem <Kris.DeGussem@gmail.com> * * Copyright (C) 2001-2002 Lauris Kaplinski * Copyright (C) 2001 Ximian, Inc. * Copyright (C) 2005 Monash University + * Copyright (C) 2012 Kris De Gussem * * Released under GNU GPL, read the file 'COPYING' for more information */ @@ -1169,7 +1171,7 @@ sp_style_merge_property(SPStyle *style, gint id, gchar const *val) */ g_warning("attribute 'clip-path' given as CSS"); - //XML Tree being directly used here. + //XML Tree being directly used here. style->object->getRepr()->setAttribute("clip-path", val); break; case SP_PROP_CLIP_RULE: @@ -1182,8 +1184,8 @@ sp_style_merge_property(SPStyle *style, gint id, gchar const *val) * See comment for SP_PROP_CLIP_PATH */ g_warning("attribute 'mask' given as CSS"); - - //XML Tree being directly used here. + + //XML Tree being directly used here. style->object->getRepr()->setAttribute("mask", val); break; case SP_PROP_OPACITY: @@ -2407,8 +2409,11 @@ sp_style_set_ipaint_to_uri(SPStyle *style, SPIPaint *paint, const Inkscape::URI paint->value.href->changedSignal().connect(sigc::bind(sigc::ptr_fun((paint == &style->fill)? sp_style_fill_paint_server_ref_changed : sp_style_stroke_paint_server_ref_changed), style)); } - if (paint->value.href && paint->value.href->getObject()) - paint->value.href->detach(); + if (paint->value.href){ + if (paint->value.href->getObject()){ + paint->value.href->detach(); + } + } if (paint->value.href) { try { @@ -2486,21 +2491,29 @@ sp_style_merge_ifilter(SPStyle *style, SPIFilter const *parent) style->filter.set = parent->set; style->filter.inherit = parent->inherit; - if (style->filter.href && style->filter.href->getObject()) - style->filter.href->detach(); - - // it may be that this style has not yet created its SPFilterReference - if (!style->filter.href && style->object && style->object->document) { - style->filter.href = new SPFilterReference(style->object->document); - style->filter.href->changedSignal().connect(sigc::bind(sigc::ptr_fun(sp_style_filter_ref_changed), style)); + if (style->filter.href){ + if (style->filter.href->getObject()){ + style->filter.href->detach(); + } + } + else{ + // it may be that this style has not yet created its SPFilterReference + if (style->object){ + if (style->object->document) { + style->filter.href = new SPFilterReference(style->object->document); + style->filter.href->changedSignal().connect(sigc::bind(sigc::ptr_fun(sp_style_filter_ref_changed), style)); + } + } } - if (style->filter.href && parent->href && parent->href->getObject()) { - try { - style->filter.href->attach(*parent->href->getURI()); - } catch (Inkscape::BadURIException &e) { - g_warning("%s", e.what()); - style->filter.href->detach(); + if (style->filter.href && parent->href){ + if (parent->href->getObject()) { + try { + style->filter.href->attach(*parent->href->getURI()); + } catch (Inkscape::BadURIException &e) { + g_warning("%s", e.what()); + style->filter.href->detach(); + } } } } @@ -3595,13 +3608,19 @@ sp_style_read_ifilter(gchar const *str, SPStyle * style, SPDocument *document) if (streq(str, "inherit")) { f->set = TRUE; f->inherit = TRUE; - if (f->href && f->href->getObject()) - f->href->detach(); + if (f->href){ + if (f->href->getObject()){ + f->href->detach(); + } + } } else if(streq(str, "none")) { f->set = TRUE; f->inherit = FALSE; - if (f->href && f->href->getObject()) - f->href->detach(); + if (f->href){ + if (f->href->getObject()){ + f->href->detach(); + } + } } else if (strneq(str, "url", 3)) { char *uri = extract_uri(str); if(uri == NULL || uri[0] == '\0') { @@ -3612,8 +3631,11 @@ sp_style_read_ifilter(gchar const *str, SPStyle * style, SPDocument *document) } f->set = TRUE; f->inherit = FALSE; - if (f->href && f->href->getObject()) - f->href->detach(); + if (f->href){ + if (f->href->getObject()){ + f->href->detach(); + } + } // it may be that this style has not yet created its SPFilterReference; // now that we have a document, we can create it here @@ -3634,8 +3656,11 @@ sp_style_read_ifilter(gchar const *str, SPStyle * style, SPDocument *document) /* We shouldn't reach this if SVG input is well-formed */ f->set = FALSE; f->inherit = FALSE; - if (f->href && f->href->getObject()) - f->href->detach(); + if (f->href){ + if (f->href->getObject()){ + f->href->detach(); + } + } } } @@ -4258,9 +4283,10 @@ void SPIPaint::clear() colorSet = false; noneSet = false; value.color.set( 0 ); - if ( value.href && value.href->getObject() ) - { - value.href->detach(); + if (value.href){ + if (value.href->getObject()){ + value.href->detach(); + } } } @@ -4271,8 +4297,11 @@ void SPIPaint::clear() static void sp_style_filter_clear(SPStyle *style) { - if (style->filter.href && style->filter.href->getObject()) - style->filter.href->detach(); + if (style->filter.href){ + if (style->filter.href->getObject()){ + style->filter.href->detach(); + } + } } diff --git a/src/style.h b/src/style.h index 9a3d7309e..bdea441a6 100644 --- a/src/style.h +++ b/src/style.h @@ -168,7 +168,7 @@ struct SPIPaint { bool isNone() const {return !currentcolor && !colorSet && !isPaintserver();} // TODO refine bool isColor() const {return colorSet && !isPaintserver();} - bool isPaintserver() const {return value.href && value.href->getObject();} + bool isPaintserver() const {return (value.href) ? value.href->getObject():0;} void clear(); @@ -404,17 +404,17 @@ struct SPStyle { sigc::connection fill_ps_modified_connection; sigc::connection stroke_ps_modified_connection; - SPObject *getFilter() { return (filter.href) ? filter.href->getObject() : 0; } - SPObject const *getFilter() const { return (filter.href) ? filter.href->getObject() : 0; } - gchar const *getFilterURI() const { return (filter.href) ? filter.href->getURI()->toString() : 0; } + SPObject *getFilter() { return (filter.href) ? filter.href->getObject() : NULL; } + SPObject const *getFilter() const { return (filter.href) ? filter.href->getObject() : NULL; } + gchar const *getFilterURI() const { return (filter.href) ? filter.href->getURI()->toString() : NULL; } - SPPaintServer *getFillPaintServer() { return (fill.value.href) ? fill.value.href->getObject() : 0; } - SPPaintServer const *getFillPaintServer() const { return (fill.value.href) ? fill.value.href->getObject() : 0; } - gchar const *getFillURI() const { return (fill.value.href) ? fill.value.href->getURI()->toString() : 0; } + SPPaintServer *getFillPaintServer() { return (fill.value.href) ? fill.value.href->getObject() : NULL; } + SPPaintServer const *getFillPaintServer() const { return (fill.value.href) ? fill.value.href->getObject() : NULL; } + gchar const *getFillURI() const { return (fill.value.href) ? fill.value.href->getURI()->toString() : NULL; } - SPPaintServer *getStrokePaintServer() { return (stroke.value.href) ? stroke.value.href->getObject() : 0; } - SPPaintServer const *getStrokePaintServer() const { return (stroke.value.href) ? stroke.value.href->getObject() : 0; } - gchar const *getStrokeURI() const { return (stroke.value.href) ? stroke.value.href->getURI()->toString() : 0; } + SPPaintServer *getStrokePaintServer() { return (stroke.value.href) ? stroke.value.href->getObject() : NULL; } + SPPaintServer const *getStrokePaintServer() const { return (stroke.value.href) ? stroke.value.href->getObject() : NULL; } + gchar const *getStrokeURI() const { return (stroke.value.href) ? stroke.value.href->getURI()->toString() : NULL; } }; SPStyle *sp_style_new(SPDocument *document); diff --git a/src/ui/clipboard.cpp b/src/ui/clipboard.cpp index b972997e2..8f0652a78 100644 --- a/src/ui/clipboard.cpp +++ b/src/ui/clipboard.cpp @@ -698,20 +698,25 @@ void ClipboardManagerImpl::_copyUsedDefs(SPItem *item) _copyTextPath(SP_TEXTPATH(item->firstChild())); } // Copy clipping objects - if (item->clip_ref->getObject()) { - _copyNode(item->clip_ref->getObject()->getRepr(), _doc, _defs); + if (item->clip_ref){ + if (item->clip_ref->getObject()) { + _copyNode(item->clip_ref->getObject()->getRepr(), _doc, _defs); + } } // Copy mask objects - if (item->mask_ref->getObject()) { - SPObject *mask = item->mask_ref->getObject(); - _copyNode(mask->getRepr(), _doc, _defs); - // recurse into the mask for its gradients etc. - for (SPObject *o = mask->children ; o != NULL ; o = o->next) { - if (SP_IS_ITEM(o)) { - _copyUsedDefs(SP_ITEM(o)); + if (item->mask_ref){ + if (item->mask_ref->getObject()) { + SPObject *mask = item->mask_ref->getObject(); + _copyNode(mask->getRepr(), _doc, _defs); + // recurse into the mask for its gradients etc. + for (SPObject *o = mask->children ; o != NULL ; o = o->next) { + if (SP_IS_ITEM(o)) { + _copyUsedDefs(SP_ITEM(o)); + } } } } + // Copy filters if (style->getFilter()) { SPObject *filter = style->getFilter(); @@ -737,7 +742,12 @@ void ClipboardManagerImpl::_copyGradient(SPGradient *gradient) while (gradient) { // climb up the refs, copying each one in the chain _copyNode(gradient->getRepr(), _doc, _defs); - gradient = gradient->ref->getObject(); + if (gradient->ref){ + gradient = gradient->ref->getObject(); + } + else { + gradient = NULL; + } } } @@ -758,7 +768,12 @@ void ClipboardManagerImpl::_copyPattern(SPPattern *pattern) } _copyUsedDefs(SP_ITEM(child)); } - pattern = pattern->ref->getObject(); + if (pattern->ref){ + pattern = pattern->ref->getObject(); + } + else{ + pattern = NULL; + } } } |