fix crash in ClearTocBox due to re-entrant EN_CHANGE from SetText

kjk · claude · kjk · commit 2c7ed74d1ed3 · 2026-04-07T13:02:58.000+02:00
Setting tocFilterEdit text to "" triggers EN_CHANGE synchronously,
which re-enters ApplyTocFilter while tocLoaded is still true,
causing access to freed TOC data. Move tocLoaded=false before SetText.

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/src/TableOfContents.cpp b/src/TableOfContents.cpp
@@ -235,6 +235,11 @@ void ClearTocBox(MainWindow* win) {
         return;
     }
 
+    // set tocLoaded to false before SetText("") because SetText triggers
+    // EN_CHANGE synchronously which calls ApplyTocFilter() re-entrantly
+    // and we need it to bail out early
+    win->tocLoaded = false;
+
     win->tocTreeView->Clear();
 
     // clear filter state
@@ -245,7 +250,6 @@ void ClearTocBox(MainWindow* win) {
     }
 
     win->currPageNo = 0;
-    win->tocLoaded = false;
 }
 
 void ToggleTocBox(MainWindow* win) {

Original file line number	Diff line number	Diff line change
`@@ -235,6 +235,11 @@ void ClearTocBox(MainWindow* win) {`
`235`	`235`	`return;`
`236`	`236`	`}`
`237`	`237`
	`238`	`+ // set tocLoaded to false before SetText("") because SetText triggers`
	`239`	`+ // EN_CHANGE synchronously which calls ApplyTocFilter() re-entrantly`
	`240`	`+ // and we need it to bail out early`
	`241`	`+ win->tocLoaded = false;`
	`242`	`+`
`238`	`243`	`win->tocTreeView->Clear();`
`239`	`244`
`240`	`245`	`// clear filter state`
`@@ -245,7 +250,6 @@ void ClearTocBox(MainWindow* win) {`
`245`	`250`	`}`
`246`	`251`
`247`	`252`	`win->currPageNo = 0;`
`248`		`- win->tocLoaded = false;`
`249`	`253`	`}`
`250`	`254`
`251`	`255`	`void ToggleTocBox(MainWindow* win) {`