Closed GoogleCodeExporter closed 9 years ago
A good one.
Highlighted a couple of troubles. The important one is that undo stacks MUST be
updated within the block which locks the TDT.
laydata::TdtLibDir* dbLibDir = NULL;
if (DATC->lockTDT(dbLibDir, dbmxs_celllock))
{
    // <... code ...>
    UNDOcmdQ.push_front(this);
    UNDOPstack.push_front(...);
    UNDOPstack.push_front(...);
    // <... code ...>
}
DATC->unlockTDT(dbLibDir, true);
The reason is that otherwise the operation is normally not executed and there is
nothing to undo. The worst case in this line of troubles is to have some undo stack
operations outside the locking block and some inside. This will definitely crash
Toped when the undo stack is cleaned up, simply because the stack integrity will be
corrupted. In a short session it will happen at the exit. In the long one - it's a
ticking bomb - it will happen when the stack is cleaned gradually with every
operation (when it exceeds the state undo depth), which means that the crash has
nothing to do with the current operation (very confusing for the user!).
More checks required for similar malicious code throughout the entire
tpd_bidfunc library.
Original comment by krustev....@gmail.com
on 17 Mar 2010 at 10:30
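A simplified model of the failure described in the comment above, added here as an illustration; it is not Toped's code and not part of the original comment. The names UndoModel, runGuarded, runSplit, locked_ok and survives are hypothetical, and the model assumes that each queued command owns a fixed number of parameter-stack entries which cleanup later removes.

```cpp
#include <cstddef>
#include <deque>
#include <string>

// Constructed model: two undo stacks that must stay in step.
struct UndoModel {
    std::deque<std::size_t> cmdQ;        // per command: parameters its undo expects
    std::deque<std::string> paramStack;  // undo parameters of all queued commands
    bool locked_ok = true;               // stands in for the result of lockTDT()

    // Pattern from the comment: every undo push sits inside the locked block.
    void runGuarded(std::size_t nparams) {
        if (locked_ok) {
            cmdQ.push_front(nparams);
            for (std::size_t i = 0; i < nparams; ++i) paramStack.push_front("p");
        }
    }

    // Faulty pattern: the last parameter push sits outside the locked block.
    void runSplit(std::size_t nparams) {
        if (locked_ok) {
            cmdQ.push_front(nparams);
            for (std::size_t i = 0; i + 1 < nparams; ++i) paramStack.push_front("p");
        }
        paramStack.push_front("p");      // runs even when the lock was not taken
    }

    // Integrity invariant: stack depth equals what the queued commands expect.
    bool consistent() const {
        std::size_t expected = 0;
        for (std::size_t n : cmdQ) expected += n;
        return expected == paramStack.size();
    }
};

// Runs `ok` operations with the lock granted, then `failed` with it refused,
// and reports whether the two stacks are still in step afterwards.
bool survives(bool split, int ok, int failed) {
    UndoModel m;
    for (int i = 0; i < ok + failed; ++i) {
        m.locked_ok = (i < ok);
        if (split) m.runSplit(2); else m.runGuarded(2);
    }
    return m.consistent();
}
```

The split pattern stays consistent as long as every lock succeeds, so the stray entry only appears after the first refused lock and is noticed later, when cleanup walks the stacks.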
Fixed in r1429
Original comment by krustev....@gmail.com
on 17 Mar 2010 at 10:32
Original comment by krustev....@gmail.com
on 1 Apr 2012 at 12:19
Original issue reported on code.google.com by
gaitukevich.s@gmail.com
on 17 Mar 2010 at 2:38