You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openoffice.apache.org by ms...@apache.org on 2018/10/07 12:14:23 UTC
svn commit: r1843061 - in /openoffice/branches/AOO416/main: ./ filter/
filter/inc/filter/msfilter/dffpropset.hxx
filter/source/msfilter/dffpropset.cxx
Author: mseidel
Date: Sun Oct 7 12:14:23 2018
New Revision: 1843061
URL: http://svn.apache.org/viewvc?rev=1843061&view=rev
Log:
i127872 - Merge r1838292 from trunk
When importing a Microsoft Office Drawing Binary File Format data stream,
ignore properties with the bComplex flag set indicating they have data
external to the property record if the indicated size of the data is
larger than will fit in the containing property table record.
DffPropSet::GetPropertyString() should return an empty string if
the bComplex flag is not set since there is no data to return.
Bail out of the loop that processes the array of properties early if
we hit the end of the property table record.
Limit the length of the property table record to the remaining size of
the stream.
Submitted by: truckman
Modified:
openoffice/branches/AOO416/main/ (props changed)
openoffice/branches/AOO416/main/filter/ (props changed)
openoffice/branches/AOO416/main/filter/inc/filter/msfilter/dffpropset.hxx
openoffice/branches/AOO416/main/filter/source/msfilter/dffpropset.cxx
Propchange: openoffice/branches/AOO416/main/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sun Oct 7 12:14:23 2018
@@ -2,4 +2,4 @@
/openoffice/branches/ia2/main:1417739-1541842
/openoffice/branches/ooxml-osba/main:1546391,1546395,1546574,1546934,1547030,1547392,1551920,1551954,1551958,1552283
/openoffice/branches/rejuvenate01/main:1480411,1534063,1534098,1536312,1549902,1560617
-/openoffice/trunk/main:1571617,1571677,1572569,1572577,1573547,1574058,1574101,1575922,1576216,1576748,1578786,1579934,1580657,1580779,1581746,1581840,1582359,1582365,1582709,1583336,1583418,1583589,1583988,1585171,1585261,1586242,1586249,1586583,1587468,1589050,1591501,1592692,1592716,1594206,1595847,1595851,1595858,1596218,1596491,1596494,1597076,1597102,1597109,1599169,1599173-1599174,1600581,1600587,1600590,1600630,1600861,1600863,1600883,1602434,1602791,1602823,1602850,1603416,1603897,1603941,1604028,1604709,1604786,1605044,1605355,1605689,1606055,1606061,1606706,1607111,1607793,1607836,1608348,1608376,1608730,1608733,1609204,1609208,1609302,1609426,1610347,1610411,1610422,1610671,1611470,1611549,1612070-1612071,1612539,1612801,1616457,1616944,1620195,1621121,1623847,1623849-1623850,1630814,1633294,1633297,1635806,1642300-1642302,1643177,1650314,1652476,1654282,1668939,1669457,1669459,1669462-1669463,1669465,1677190,1687177,1689883,1689959,1692551,1694132,1694701,1695962,169780
7,1700078,1700126,1700135,1702107,1702894,1702898,1702986,1702988,1705193,1705196,1705199,1705276,1705364,1705368-1705369,1705542,1706649,1707167,1707169-1707170,1707175,1707397,1707408,1707412,1707642,1707645,1707659,1707844,1708477,1708483,1709212,1709377,1709403,1723875,1729921,1730154,1748497,1755873,1758150,1760461,1761439,1763017,1763019,1765170,1766467,1766915,1780015,1784925,1784961,1785175,1791815,1793216,1797494,1800077,1800568,1802428,1803787,1803939,1804182,1805208,1806314,1811737,1813450,1815700,1839130
+/openoffice/trunk/main:1571617,1571677,1572569,1572577,1573547,1574058,1574101,1575922,1576216,1576748,1578786,1579934,1580657,1580779,1581746,1581840,1582359,1582365,1582709,1583336,1583418,1583589,1583988,1585171,1585261,1586242,1586249,1586583,1587468,1589050,1591501,1592692,1592716,1594206,1595847,1595851,1595858,1596218,1596491,1596494,1597076,1597102,1597109,1599169,1599173-1599174,1600581,1600587,1600590,1600630,1600861,1600863,1600883,1602434,1602791,1602823,1602850,1603416,1603897,1603941,1604028,1604709,1604786,1605044,1605355,1605689,1606055,1606061,1606706,1607111,1607793,1607836,1608348,1608376,1608730,1608733,1609204,1609208,1609302,1609426,1610347,1610411,1610422,1610671,1611470,1611549,1612070-1612071,1612539,1612801,1616457,1616944,1620195,1621121,1623847,1623849-1623850,1630814,1633294,1633297,1635806,1642300-1642302,1643177,1650314,1652476,1654282,1668939,1669457,1669459,1669462-1669463,1669465,1677190,1687177,1689883,1689959,1692551,1694132,1694701,1695962,169780
7,1700078,1700126,1700135,1702107,1702894,1702898,1702986,1702988,1705193,1705196,1705199,1705276,1705364,1705368-1705369,1705542,1706649,1707167,1707169-1707170,1707175,1707397,1707408,1707412,1707642,1707645,1707659,1707844,1708477,1708483,1709212,1709377,1709403,1723875,1729921,1730154,1748497,1755873,1758150,1760461,1761439,1763017,1763019,1765170,1766467,1766915,1780015,1784925,1784961,1785175,1791815,1793216,1797494,1800077,1800568,1802428,1803787,1803939,1804182,1805208,1806314,1811737,1813450,1815700,1838292,1839130
Propchange: openoffice/branches/AOO416/main/filter/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sun Oct 7 12:14:23 2018
@@ -2,4 +2,4 @@
/openoffice/branches/ia2/main/filter:1417739-1541842
/openoffice/branches/ooxml-osba/main/filter:1546391,1546395,1546574,1546934,1547030,1547392,1551920,1551954,1551958,1552283
/openoffice/branches/rejuvenate01/main/filter:1480411,1534063,1534098,1536312,1549902,1560617
-/openoffice/trunk/main/filter:1571617,1571677,1572569,1572577,1574058,1574101,1575922,1576216,1576748,1578786,1579934,1580657,1580779,1581746,1581840,1582359,1582365,1582709,1583336,1583418,1583589,1583988,1585261,1585498,1586242,1586249,1586325,1586583,1587468,1589050,1592692,1592716,1594206,1595847,1595851,1595858,1596218,1596491,1596494,1597076,1597102,1597109,1599169,1599173-1599174,1600581,1600587,1600590,1600630,1600861,1600863,1600883,1602434,1602823,1602850,1603416,1603897,1607839,1621121,1623847,1623849-1623850,1642300-1642302,1692551,1702894,1702898,1702986,1702988
+/openoffice/trunk/main/filter:1571617,1571677,1572569,1572577,1574058,1574101,1575922,1576216,1576748,1578786,1579934,1580657,1580779,1581746,1581840,1582359,1582365,1582709,1583336,1583418,1583589,1583988,1585261,1585498,1586242,1586249,1586325,1586583,1587468,1589050,1592692,1592716,1594206,1595847,1595851,1595858,1596218,1596491,1596494,1597076,1597102,1597109,1599169,1599173-1599174,1600581,1600587,1600590,1600630,1600861,1600863,1600883,1602434,1602823,1602850,1603416,1603897,1607839,1621121,1623847,1623849-1623850,1642300-1642302,1692551,1702894,1702898,1702986,1702988,1838292
Modified: openoffice/branches/AOO416/main/filter/inc/filter/msfilter/dffpropset.hxx
URL: http://svn.apache.org/viewvc/openoffice/branches/AOO416/main/filter/inc/filter/msfilter/dffpropset.hxx?rev=1843061&r1=1843060&r2=1843061&view=diff
==============================================================================
--- openoffice/branches/AOO416/main/filter/inc/filter/msfilter/dffpropset.hxx (original)
+++ openoffice/branches/AOO416/main/filter/inc/filter/msfilter/dffpropset.hxx Sun Oct 7 12:14:23 2018
@@ -61,6 +61,7 @@ class MSFILTER_DLLPUBLIC DffPropSet
~DffPropSet();
inline sal_Bool IsProperty( sal_uInt32 nRecType ) const { return ( mpPropSetEntries[ nRecType & 0x3ff ].aFlags.bSet ); };
+ inline sal_Bool IsComplex( sal_uInt32 nRecType ) const { return ( mpPropSetEntries[ nRecType & 0x3ff ].aFlags.bComplex ); };
sal_Bool IsHardAttribute( sal_uInt32 nId ) const;
sal_uInt32 GetPropertyValue( sal_uInt32 nId, sal_uInt32 nDefault = 0 ) const;
/** Returns a boolean property by its real identifier. */
Modified: openoffice/branches/AOO416/main/filter/source/msfilter/dffpropset.cxx
URL: http://svn.apache.org/viewvc/openoffice/branches/AOO416/main/filter/source/msfilter/dffpropset.cxx?rev=1843061&r1=1843060&r2=1843061&view=diff
==============================================================================
--- openoffice/branches/AOO416/main/filter/source/msfilter/dffpropset.cxx (original)
+++ openoffice/branches/AOO416/main/filter/source/msfilter/dffpropset.cxx Sun Oct 7 12:14:23 2018
@@ -1099,7 +1099,11 @@ DffPropSet::~DffPropSet()
void DffPropSet::ReadPropSet( SvStream& rIn, bool bSetUninitializedOnly )
{
DffRecordHeader aHd;
+ sal_Size nEndOfStream, nEndOfRecord;
rIn >> aHd;
+ nEndOfStream = rIn.Seek(STREAM_SEEK_TO_END);
+ aHd.SeekToContent( rIn );
+ nEndOfRecord = Min(aHd.GetRecEndFilePos(), nEndOfStream);
if ( !bSetUninitializedOnly )
{
@@ -1116,6 +1120,8 @@ void DffPropSet::ReadPropSet( SvStream&
{
sal_uInt16 nTmp;
sal_uInt32 nRecType, nContent;
+ if (nEndOfRecord - rIn.Tell() < 6)
+ break;
rIn >> nTmp
>> nContent;
@@ -1157,7 +1163,7 @@ void DffPropSet::ReadPropSet( SvStream&
aPropFlag.bBlip = sal_True;
if ( nTmp & 0x8000 )
aPropFlag.bComplex = sal_True;
- if ( aPropFlag.bComplex && nContent && ( nComplexDataFilePos < aHd.GetRecEndFilePos() ) )
+ if ( aPropFlag.bComplex && nContent && ( nComplexDataFilePos < nEndOfRecord ) )
{
// normally nContent is the complete size of the complex property,
// but this is not always true for IMsoArrays ( what the hell is a IMsoArray ? )
@@ -1190,13 +1196,17 @@ void DffPropSet::ReadPropSet( SvStream&
nContent += 6;
// check if array fits into the PropertyContainer
- if ( ( nComplexDataFilePos + nContent ) > aHd.GetRecEndFilePos() )
+ if ( nContent > nEndOfRecord - nComplexDataFilePos)
nContent = 0;
}
else
nContent = 0;
rIn.Seek( nOldPos );
- }
+ } else {
+ // check if complex property fits into the PropertyContainer
+ if ( nContent > nEndOfRecord - nComplexDataFilePos)
+ nContent = 0;
+ }
if ( nContent )
{
if ( bSetProperty )
@@ -1301,7 +1311,7 @@ bool DffPropSet::GetPropertyBool( sal_uI
sal_Size nOldPos = rStrm.Tell();
::rtl::OUStringBuffer aBuffer;
sal_uInt32 nBufferSize = GetPropertyValue( nId );
- if( (nBufferSize > 0) && SeekToContent( nId, rStrm ) )
+ if( (nBufferSize > 0) && IsComplex( nId ) && SeekToContent( nId, rStrm ) )
{
sal_Int32 nStrLen = static_cast< sal_Int32 >( nBufferSize / 2 );
aBuffer.ensureCapacity( nStrLen );