To comment on the following update, log in, then open the issue:
http://www.openoffice.org/issues/show_bug.cgi?id=47236
Issue #:|47236
Summary:|crash / load malicious data ...
Component:|utilities
Version:|680m90
Platform:|All
URL:|
OS/Version:|All
Status:|NEW
Status whiteboard:|
Keywords:|
Resolution:|
Issue type:|PATCH
Priority:|P2
Subcomponent:|code
Assigned to:|hro
Reported by:|mmeeks
------- Additional comments from [EMAIL PROTECTED] Tue Apr 12 03:08:48 -0700
2005 -------
So - this appeared on bugtraq recently:
Index: sot/source/sdstor/stgole.cxx
===================================================================
RCS file: /cvs/util/sot/source/sdstor/stgole.cxx,v
retrieving revision 1.4
diff -u -p -u -r1.4 stgole.cxx
--- sot/source/sdstor/stgole.cxx 22 Jul 2002 12:28:43 -0000 1.4
+++ sot/source/sdstor/stgole.cxx 12 Apr 2005 10:14:48 -0000
@@ -157,7 +157,7 @@ BOOL StgCompObjStream::Load()
INT32 nLen1 = 0;
*this >> nLen1;
sal_Char* p = new sal_Char[ (USHORT) nLen1 ];
- if( Read( p, nLen1 ) == (ULONG) nLen1 )
+ if( Read( p, (USHORT) nLen1 ) == (ULONG) nLen1 )
{
aUserName = String( p, gsl_getSystemTextEncoding() );
/* // Now we can read the CB format
---------------------------------------------------------------------
Please do not reply to this automatically generated notification from
Issue Tracker. Please log onto the website and enter your comments.
http://qa.openoffice.org/issue_handling/project_issues.html#notification
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
