
cuneiform team mailing list archive

Re: [Bug 439736] Re: Access violation in rling.dll (speller?)

 

On Thu, Oct 08, 2009 at 12:26:14AM -0000, John A wrote:
> Thanks for that. I did a bit more testing and I may have found some
> clues.
> 
> In spelchk.c::selectobj() there is the following code at the start of
> the function that sets the start and end of a "part":
> 
>  if (!(findpart (obj, part, obj->pos_part[ib], obj->pos_part[ie], &pi)))
>   {
>    pi = obj->part_max; /* part not found => consider last part         */
>    ib = part[pi].begi;     /* the last part's beg index in obj->pos_part[] */
>    ie = part[pi].endi;     /* the last part's end index in obj->pos_part[] */
>   }
>  if ( (pi==0) && (!(part[pi].word)) )
>    goto No_selectobj;      /* not worth part                               */
>  cur_part [ib] = obj->pos_part[ib];  /* copy last part beg */  <== ACCESS VIOLATION ... index ib >>> sizeof(cur_part)
>  cur_part [ie] = obj->pos_part[ie];  /* copy last part end */

Your change of:

>    pi = obj->part_max - 1; /* part not found => consider last part         */

seems reasonable, but more of the logic below would have to change.  At
least the test (pi==0) for "only one" suggests that there should be yet
another test in case pi==-1 (after your change) for "none".

-- 
Ben Jackson AD7GD
<ben@xxxxxxx>
http://www.ben.com/
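
Added example, not part of the original message or of the cuneiform source: a minimal C sketch of the fallback path discussed above, with the extra "none" test for pi == -1 and a range check on ib/ie before anything is written into cur_part[]. The struct layouts, `part_count` (assumed to be the number of valid parts), `MAX_POS`, `MAX_PARTS`, `select_last_part()` and `run_case()` are hypothetical names chosen for illustration.

```c
#include <stdio.h>

#define MAX_POS 8                 /* assumed capacity of cur_part[] / pos_part[] */
#define MAX_PARTS 4               /* assumed capacity of part[] */

struct part { int begi, endi, word; };          /* hypothetical layout */
struct obj  { int part_count; int pos_part[MAX_POS]; };

/* Fallback path: use the last part and copy its begin/end positions.
 * Returns 0 on success, -1 when there is no usable part or an index
 * would fall outside cur_part[]. */
int select_last_part(const struct obj *o, const struct part *part,
                     int cur_part[MAX_POS])
{
    int pi = o->part_count - 1;   /* last valid index; -1 means "none" */
    if (pi < 0 || pi >= MAX_PARTS)
        return -1;                /* the extra "none" test, plus an upper bound */
    if (pi == 0 && !part[pi].word)
        return -1;                /* the existing "only one, not worth it" test */
    int ib = part[pi].begi, ie = part[pi].endi;
    if (ib < 0 || ib >= MAX_POS || ie < 0 || ie >= MAX_POS)
        return -1;                /* never write through an unchecked index */
    cur_part[ib] = o->pos_part[ib];
    cur_part[ie] = o->pos_part[ie];
    return 0;
}

/* Constructed input: part_count parts, the last one spanning begi..endi. */
int run_case(int part_count, int begi, int endi, int word)
{
    struct obj o = { part_count, {10, 11, 12, 13, 14, 15, 16, 17} };
    struct part part[MAX_PARTS] = {{0}};
    int cur_part[MAX_POS] = {0};
    if (part_count >= 1 && part_count <= MAX_PARTS) {
        part[part_count - 1].begi = begi;
        part[part_count - 1].endi = endi;
        part[part_count - 1].word = word;
    }
    return select_last_part(&o, part, cur_part);
}

int main(void)
{
    printf("none=%d one=%d ok=%d bad_index=%d\n", run_case(0, 0, 0, 0),
           run_case(1, 0, 1, 0), run_case(2, 2, 5, 1), run_case(2, 2, 4096, 1));
    return 0;
}
```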


