connectivity/source/drivers/dbase/DTable.cxx | 20 ++ connectivity/source/drivers/file/FResultSet.cxx | 4 filter/CppunitTest_filter_dxf_test.mk | 43 ++++++ filter/Module_filter.mk | 1 filter/qa/cppunit/data/dxf/fail/CVE-2010-1681-1.dxf |binary filter/qa/cppunit/data/dxf/indeterminate/.gitignore | 1 filter/qa/cppunit/filters-dxf-test.cxx | 71 ++++++++++ sc/CppunitTest_sc_filters_test.mk | 1 sc/qa/unit/data/dbf/pass/sf_52f907dbea3069ba59ef1e183a0f4160-430.dbf |binary sc/qa/unit/filters-test.cxx | 3 writerperfect/qa/unit/data/draw/libvisio/pass/EDB-22679-1.vsd |binary 11 files changed, 139 insertions(+), 5 deletions(-)
New commits: commit ef933f02447c25cc0d6048a62e9bc08f3bca5470 Author: Caolán McNamara <caol...@redhat.com> Date: Sat Aug 9 13:25:56 2014 +0100 add calc dbase import test Change-Id: I6dd23b5dfab096f67a189ce2747b211b2a3044e9 diff --git a/sc/CppunitTest_sc_filters_test.mk b/sc/CppunitTest_sc_filters_test.mk index 71f4d7e..4fbf489 100644 --- a/sc/CppunitTest_sc_filters_test.mk +++ b/sc/CppunitTest_sc_filters_test.mk @@ -80,6 +80,7 @@ $(eval $(call gb_CppunitTest_use_components,sc_filters_test,\ chart2/source/controller/chartcontroller \ comphelper/util/comphelp \ configmgr/source/configmgr \ + connectivity/source/manager/sdbc2 \ dbaccess/util/dba \ embeddedobj/util/embobj \ eventattacher/source/evtatt \ diff --git a/sc/qa/unit/data/dbf/fail/.gitignore b/sc/qa/unit/data/dbf/fail/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/sc/qa/unit/data/dbf/indeterminate/.gitignore b/sc/qa/unit/data/dbf/indeterminate/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/sc/qa/unit/data/dbf/pass/.gitignore b/sc/qa/unit/data/dbf/pass/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/sc/qa/unit/data/dbf/pass/sf_52f907dbea3069ba59ef1e183a0f4160-430.dbf b/sc/qa/unit/data/dbf/pass/sf_52f907dbea3069ba59ef1e183a0f4160-430.dbf new file mode 100644 index 0000000..c58f608 Binary files /dev/null and b/sc/qa/unit/data/dbf/pass/sf_52f907dbea3069ba59ef1e183a0f4160-430.dbf differ diff --git a/sc/qa/unit/filters-test.cxx b/sc/qa/unit/filters-test.cxx index da9ec56..1aa9c70 100644 --- a/sc/qa/unit/filters-test.cxx +++ b/sc/qa/unit/filters-test.cxx @@ -128,6 +128,9 @@ void ScFiltersTest::testCVEs() testDir(OUString("MS Excel 97"), getURLFromSrc("/sc/qa/unit/data/xls/"), OUString()); + + testDir(OUString("dBase"), + getURLFromSrc("/sc/qa/unit/data/dbf/"), OUString()); #endif } commit e49e41f7601122dcaf7e31f4fa1cb4074c3dd35a Author: Caolán McNamara <caol...@redhat.com> Date: Sat Aug 9 13:31:24 2014 +0100 check return of Execute row and propogate error code Change-Id: I75b2c454122aa2d75d66dc46865135e01277bbcb diff --git a/connectivity/source/drivers/file/FResultSet.cxx b/connectivity/source/drivers/file/FResultSet.cxx index 589ecd3..ee98373 100644 --- a/connectivity/source/drivers/file/FResultSet.cxx +++ b/connectivity/source/drivers/file/FResultSet.cxx @@ -999,7 +999,9 @@ bool OResultSet::Move(IResultSetHelper::Movement eCursorPosition, sal_Int32 nOff if (m_nRowPos < (sal_Int32)m_pFileSet->get().size()) { // Fetch via Index - ExecuteRow(IResultSetHelper::BOOKMARK,(m_pFileSet->get())[m_nRowPos],false,bRetrieveData); + bool bOK = ExecuteRow(IResultSetHelper::BOOKMARK,(m_pFileSet->get())[m_nRowPos],false,bRetrieveData); + if (!bOK) + goto Error; // now set the bookmark for outside *(*m_aRow->get().begin()) = sal_Int32(m_nRowPos + 1); commit a9201a4dfe54d920ff6272aae949eefb7888dc20 Author: Caolán McNamara <caol...@redhat.com> Date: Fri Aug 8 15:55:02 2014 +0100 Conditional jump or move depends on uninitialised value(s) at 0x2DC948DF: connectivity::dbase::ODbaseTable::fillColumns() (DTable.cxx:330) ... by 0x2C57E3B3: ScDocShell::DBaseImport(rtl::OUString const&, unsigned short, ScColWidthParam*, ScFlatBoolRowSegments&) (docsh8.cxx:345) bff + valgrind: sf_52f907dbea3069ba59ef1e183a0f4160-430.pcx fuzz a pcx long enough and it turns into a dbase file Change-Id: Idf1622d6b55ae2cca381f263333d0ab0b6a469b2 diff --git a/connectivity/source/drivers/dbase/DTable.cxx b/connectivity/source/drivers/dbase/DTable.cxx index 5d04f13..b205958 100644 --- a/connectivity/source/drivers/dbase/DTable.cxx +++ b/connectivity/source/drivers/dbase/DTable.cxx @@ -322,13 +322,20 @@ void ODbaseTable::fillColumns() for (; i < nFieldCount; i++) { DBFColumn aDBFColumn; - m_pFileStream->Read((char*)&aDBFColumn, sizeof(aDBFColumn)); + sal_Size nRead = m_pFileStream->Read(&aDBFColumn, sizeof(aDBFColumn)); + if (nRead != sizeof(aDBFColumn)) + { + SAL_WARN("connectivity.drivers", "ODbaseTable::fillColumns: short read!"); + break; + } if ( FIELD_DESCRIPTOR_TERMINATOR == aDBFColumn.db_fnm[0] ) // 0x0D stored as the Field Descriptor terminator. break; - bool bIsRowVersion = bFoxPro && ( aDBFColumn.db_frei2[0] & 0x01 ) == 0x01; + aDBFColumn.db_fnm[sizeof(aDBFColumn.db_fnm)-1] = 0; //ensure null termination for broken input const OUString aColumnName((const char *)aDBFColumn.db_fnm, strlen((const char *)aDBFColumn.db_fnm), m_eEncoding); + bool bIsRowVersion = bFoxPro && ( aDBFColumn.db_frei2[0] & 0x01 ) == 0x01; + m_aRealFieldLengths.push_back(aDBFColumn.db_flng); sal_Int32 nPrecision = aDBFColumn.db_flng; sal_Int32 eType; @@ -2605,7 +2612,12 @@ bool ODbaseTable::seekRow(IResultSetHelper::Movement eCursorPosition, sal_Int32 if (m_pFileStream->GetError() != ERRCODE_NONE) goto Error; - m_pFileStream->Read((char*)m_pBuffer, nEntryLen); + sal_Size nRead = m_pFileStream->Read((char*)m_pBuffer, nEntryLen); + if (nRead != nEntryLen) + { + SAL_WARN("connectivity.drivers", "ODbaseTable::seekRow: short read!"); + goto Error; + } if (m_pFileStream->GetError() != ERRCODE_NONE) goto Error; } @@ -2728,7 +2740,7 @@ void ODbaseTable::AllocBuffer() if (m_pBuffer == NULL && nSize > 0) { m_nBufferSize = nSize; - m_pBuffer = new sal_uInt8[m_nBufferSize+1]; + m_pBuffer = new sal_uInt8[m_nBufferSize+1]; } } commit 1b7d2016f3227afafb31c3ff3fadab68247440f4 Author: Caolán McNamara <caol...@redhat.com> Date: Fri Aug 8 20:02:22 2014 +0100 add test-case for CVE-2010-1681 Change-Id: I2ff8ee15fb7416ea5c8b7a8101ec12c8d371734b diff --git a/filter/qa/cppunit/data/dxf/fail/CVE-2010-1681-1.dxf b/filter/qa/cppunit/data/dxf/fail/CVE-2010-1681-1.dxf new file mode 100644 index 0000000..b4629d9 Binary files /dev/null and b/filter/qa/cppunit/data/dxf/fail/CVE-2010-1681-1.dxf differ commit bf5f734fc23291e0c1b4285f49f7daab13680ea4 Author: Caolán McNamara <caol...@redhat.com> Date: Fri Aug 8 16:36:21 2014 +0100 add dxf import tests Change-Id: Ied78545abb9807acfc634ca97a1ca00a163ffa19 diff --git a/filter/CppunitTest_filter_dxf_test.mk b/filter/CppunitTest_filter_dxf_test.mk new file mode 100644 index 0000000..538051f --- /dev/null +++ b/filter/CppunitTest_filter_dxf_test.mk @@ -0,0 +1,43 @@ +# -*- Mode: makefile-gmake; tab-width: 4; indent-tabs-mode: t -*- +# +# This file is part of the LibreOffice project. +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# + +$(eval $(call gb_CppunitTest_CppunitTest,filter_dxf_test)) + +$(eval $(call gb_CppunitTest_use_external,filter_dxf_test,boost_headers)) + +$(eval $(call gb_CppunitTest_add_exception_objects,filter_dxf_test, \ + filter/qa/cppunit/filters-dxf-test \ +)) + +$(eval $(call gb_CppunitTest_use_libraries,filter_dxf_test, \ + idx \ + sal \ + test \ + tl \ + unotest \ + vcl \ + $(gb_UWINAPI) \ +)) + +$(eval $(call gb_CppunitTest_use_api,filter_dxf_test,\ + udkapi \ + offapi \ +)) + +$(eval $(call gb_CppunitTest_use_ure,filter_dxf_test)) +$(eval $(call gb_CppunitTest_use_vcl,filter_dxf_test)) + +$(eval $(call gb_CppunitTest_use_components,filter_dxf_test,\ + configmgr/source/configmgr \ + i18npool/util/i18npool \ +)) + +$(eval $(call gb_CppunitTest_use_configuration,filter_dxf_test)) + +# vim: set noet sw=4 ts=4: diff --git a/filter/Module_filter.mk b/filter/Module_filter.mk index 79100a7..25698b9 100644 --- a/filter/Module_filter.mk +++ b/filter/Module_filter.mk @@ -85,6 +85,7 @@ $(eval $(call gb_Module_add_check_targets,filter,\ ifneq ($(DISABLE_CVE_TESTS),TRUE) $(eval $(call gb_Module_add_check_targets,filter,\ + CppunitTest_filter_dxf_test \ CppunitTest_filter_pcx_test \ CppunitTest_filter_pict_test \ CppunitTest_filter_ppm_test \ diff --git a/filter/qa/cppunit/data/dxf/fail/.gitignore b/filter/qa/cppunit/data/dxf/fail/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/filter/qa/cppunit/data/dxf/indeterminate/.gitignore b/filter/qa/cppunit/data/dxf/indeterminate/.gitignore new file mode 100644 index 0000000..583b009c --- /dev/null +++ b/filter/qa/cppunit/data/dxf/indeterminate/.gitignore @@ -0,0 +1 @@ +*.wmf-* diff --git a/filter/qa/cppunit/data/dxf/pass/.gitignore b/filter/qa/cppunit/data/dxf/pass/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/filter/qa/cppunit/filters-dxf-test.cxx b/filter/qa/cppunit/filters-dxf-test.cxx new file mode 100644 index 0000000..336b6cd --- /dev/null +++ b/filter/qa/cppunit/filters-dxf-test.cxx @@ -0,0 +1,71 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +#include <unotest/filters-test.hxx> +#include <test/bootstrapfixture.hxx> +#include <vcl/FilterConfigItem.hxx> +#include <tools/stream.hxx> +#include <vcl/graph.hxx> + +#include <osl/file.hxx> +#include <osl/process.h> + +extern "C" +{ + SAL_DLLPUBLIC_EXPORT bool SAL_CALL + GraphicImport(SvStream & rStream, Graphic & rGraphic, + FilterConfigItem*); +} + +using namespace ::com::sun::star; + +/* Implementation of Filters test */ + +class DxfFilterTest + : public test::FiltersTest + , public test::BootstrapFixture +{ +public: + DxfFilterTest() : BootstrapFixture(true, false) {} + + virtual bool load(const OUString &, + const OUString &rURL, const OUString &, + unsigned int, unsigned int, unsigned int) SAL_OVERRIDE; + + /** + * Ensure CVEs remain unbroken + */ + void testCVEs(); + + CPPUNIT_TEST_SUITE(DxfFilterTest); + CPPUNIT_TEST(testCVEs); + CPPUNIT_TEST_SUITE_END(); +}; + +bool DxfFilterTest::load(const OUString &, + const OUString &rURL, const OUString &, + unsigned int, unsigned int, unsigned int) +{ + SvFileStream aFileStream(rURL, STREAM_READ); + Graphic aGraphic; + return GraphicImport(aFileStream, aGraphic, NULL); +} + +void DxfFilterTest::testCVEs() +{ + testDir(OUString(), + getURLFromSrc("/filter/qa/cppunit/data/dxf/"), + OUString()); +} + +CPPUNIT_TEST_SUITE_REGISTRATION(DxfFilterTest); + +CPPUNIT_PLUGIN_IMPLEMENT(); + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ commit d6d73b8e6a8df22b2f213788223ac6760179f9d3 Author: Caolán McNamara <caol...@redhat.com> Date: Fri Aug 8 16:24:23 2014 +0100 add test-case for EDB-22679 Change-Id: Ie4e8548e3202cb1561276ef7480281053867b6fe diff --git a/writerperfect/qa/unit/data/draw/libvisio/pass/EDB-22679-1.vsd b/writerperfect/qa/unit/data/draw/libvisio/pass/EDB-22679-1.vsd new file mode 100644 index 0000000..a0f5242 Binary files /dev/null and b/writerperfect/qa/unit/data/draw/libvisio/pass/EDB-22679-1.vsd differ
_______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits