filter/CppunitTest_filter_pcd_test.mk | 42 +++++++++++ filter/Module_filter.mk | 1 filter/qa/cppunit/data/dxf/indeterminate/.gitignore | 2 filter/qa/cppunit/data/eps/indeterminate/.gitignore | 2 filter/qa/cppunit/data/met/indeterminate/.gitignore | 2 filter/qa/cppunit/data/pcd/indeterminate/.gitignore | 1 filter/qa/cppunit/data/pcd/pass/blank-square.pcd |binary filter/qa/cppunit/data/pcx/indeterminate/.gitignore | 2 filter/qa/cppunit/data/pict/indeterminate/.gitignore | 2 filter/qa/cppunit/data/ppm/indeterminate/.gitignore | 2 filter/qa/cppunit/data/psd/indeterminate/.gitignore | 2 filter/qa/cppunit/data/psd/pass/blank-square.psd |binary filter/qa/cppunit/data/ras/indeterminate/.gitignore | 2 filter/qa/cppunit/data/tga/indeterminate/.gitignore | 2 filter/qa/cppunit/data/tiff/indeterminate/.gitignore | 3 filter/qa/cppunit/filters-pcd-test.cxx | 71 +++++++++++++++++++ libreofficekit/qa/tilebench/tilebench.cxx | 1 smoketest/libtest.cxx | 1 soltools/cpp/_cpp.c | 1 svl/source/filerec/filerec.cxx | 7 + svtools/source/misc/imap.cxx | 12 ++- sw/source/filter/xml/xmltbli.cxx | 3 vcl/source/fontsubset/sft.cxx | 14 +++ 23 files changed, 163 insertions(+), 12 deletions(-)
New commits: commit a5ad25c44765c5e98e639bb45464d2166ea8e24d Author: Caolán McNamara <[email protected]> Date: Thu Nov 6 14:23:37 2014 +0000 update suffixes in .gitignore for filters Change-Id: Ibf6093946ef1dec1a2ba202917da9e4562c10d3e diff --git a/filter/qa/cppunit/data/dxf/indeterminate/.gitignore b/filter/qa/cppunit/data/dxf/indeterminate/.gitignore index 583b009c..98457bc 100644 --- a/filter/qa/cppunit/data/dxf/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/dxf/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.dxf-* diff --git a/filter/qa/cppunit/data/eps/indeterminate/.gitignore b/filter/qa/cppunit/data/eps/indeterminate/.gitignore index 583b009c..b2a2eb0 100644 --- a/filter/qa/cppunit/data/eps/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/eps/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.eps-* diff --git a/filter/qa/cppunit/data/met/indeterminate/.gitignore b/filter/qa/cppunit/data/met/indeterminate/.gitignore index 583b009c..8276f42 100644 --- a/filter/qa/cppunit/data/met/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/met/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.met-* diff --git a/filter/qa/cppunit/data/pcd/indeterminate/.gitignore b/filter/qa/cppunit/data/pcd/indeterminate/.gitignore index 583b009c..23ad7d1 100644 --- a/filter/qa/cppunit/data/pcd/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/pcd/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.pcd-* diff --git a/filter/qa/cppunit/data/pcx/indeterminate/.gitignore b/filter/qa/cppunit/data/pcx/indeterminate/.gitignore index 583b009c..f73b097 100644 --- a/filter/qa/cppunit/data/pcx/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/pcx/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.pcx-* diff --git a/filter/qa/cppunit/data/pict/indeterminate/.gitignore b/filter/qa/cppunit/data/pict/indeterminate/.gitignore index e69de29..1bdee77 100644 --- a/filter/qa/cppunit/data/pict/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/pict/indeterminate/.gitignore @@ -0,0 +1,2 @@ +*.pict-* +*.pct-* diff --git a/filter/qa/cppunit/data/ppm/indeterminate/.gitignore b/filter/qa/cppunit/data/ppm/indeterminate/.gitignore index 583b009c..e9c5b17 100644 --- a/filter/qa/cppunit/data/ppm/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/ppm/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.ppm-* diff --git a/filter/qa/cppunit/data/psd/indeterminate/.gitignore b/filter/qa/cppunit/data/psd/indeterminate/.gitignore index 583b009c..49b8ba0 100644 --- a/filter/qa/cppunit/data/psd/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/psd/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.psd-* diff --git a/filter/qa/cppunit/data/ras/indeterminate/.gitignore b/filter/qa/cppunit/data/ras/indeterminate/.gitignore index 583b009c..60147ad 100644 --- a/filter/qa/cppunit/data/ras/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/ras/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.ras-* diff --git a/filter/qa/cppunit/data/tga/indeterminate/.gitignore b/filter/qa/cppunit/data/tga/indeterminate/.gitignore index 583b009c..38bf024 100644 --- a/filter/qa/cppunit/data/tga/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/tga/indeterminate/.gitignore @@ -1 +1 @@ -*.wmf-* +*.tga-* diff --git a/filter/qa/cppunit/data/tiff/indeterminate/.gitignore b/filter/qa/cppunit/data/tiff/indeterminate/.gitignore index 583b009c..9c056f0 100644 --- a/filter/qa/cppunit/data/tiff/indeterminate/.gitignore +++ b/filter/qa/cppunit/data/tiff/indeterminate/.gitignore @@ -1 +1,2 @@ -*.wmf-* +*.tiff-* +*.tif-* commit 31bfb20c81b0d293a5531c381885791540f477b0 Author: Caolán McNamara <[email protected]> Date: Thu Nov 6 14:19:28 2014 +0000 add a build-time regression test for pcd file format Change-Id: Ie413372ab1cfc7e38570fdf65c6daca8c2cc426b diff --git a/filter/CppunitTest_filter_pcd_test.mk b/filter/CppunitTest_filter_pcd_test.mk new file mode 100644 index 0000000..071d76f --- /dev/null +++ b/filter/CppunitTest_filter_pcd_test.mk @@ -0,0 +1,42 @@ +# -*- Mode: makefile-gmake; tab-width: 4; indent-tabs-mode: t -*- +# +# This file is part of the LibreOffice project. +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# + +$(eval $(call gb_CppunitTest_CppunitTest,filter_pcd_test)) + +$(eval $(call gb_CppunitTest_use_external,filter_pcd_test,boost_headers)) + +$(eval $(call gb_CppunitTest_add_exception_objects,filter_pcd_test, \ + filter/qa/cppunit/filters-pcd-test \ +)) + +$(eval $(call gb_CppunitTest_use_libraries,filter_pcd_test, \ + icd \ + sal \ + test \ + tl \ + unotest \ + vcl \ + $(gb_UWINAPI) \ +)) + +$(eval $(call gb_CppunitTest_use_api,filter_pcd_test,\ + udkapi \ + offapi \ +)) + +$(eval $(call gb_CppunitTest_use_ure,filter_pcd_test)) +$(eval $(call gb_CppunitTest_use_vcl,filter_pcd_test)) + +$(eval $(call gb_CppunitTest_use_components,filter_pcd_test,\ + configmgr/source/configmgr \ +)) + +$(eval $(call gb_CppunitTest_use_configuration,filter_pcd_test)) + +# vim: set noet sw=4 ts=4: diff --git a/filter/Module_filter.mk b/filter/Module_filter.mk index 7c7575a..33f0f74 100644 --- a/filter/Module_filter.mk +++ b/filter/Module_filter.mk @@ -88,6 +88,7 @@ $(eval $(call gb_Module_add_check_targets,filter,\ CppunitTest_filter_dxf_test \ CppunitTest_filter_eps_test \ CppunitTest_filter_met_test \ + CppunitTest_filter_pcd_test \ CppunitTest_filter_pcx_test \ CppunitTest_filter_pict_test \ CppunitTest_filter_ppm_test \ diff --git a/filter/qa/cppunit/data/pcd/fail/.gitignore b/filter/qa/cppunit/data/pcd/fail/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/filter/qa/cppunit/data/pcd/indeterminate/.gitignore b/filter/qa/cppunit/data/pcd/indeterminate/.gitignore new file mode 100644 index 0000000..583b009c --- /dev/null +++ b/filter/qa/cppunit/data/pcd/indeterminate/.gitignore @@ -0,0 +1 @@ +*.wmf-* diff --git a/filter/qa/cppunit/data/pcd/pass/.gitignore b/filter/qa/cppunit/data/pcd/pass/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/filter/qa/cppunit/data/pcd/pass/blank-square.pcd b/filter/qa/cppunit/data/pcd/pass/blank-square.pcd new file mode 100644 index 0000000..a626b5f Binary files /dev/null and b/filter/qa/cppunit/data/pcd/pass/blank-square.pcd differ diff --git a/filter/qa/cppunit/data/psd/pass/blank-square.psd b/filter/qa/cppunit/data/psd/pass/blank-square.psd new file mode 100644 index 0000000..fc811da Binary files /dev/null and b/filter/qa/cppunit/data/psd/pass/blank-square.psd differ diff --git a/filter/qa/cppunit/filters-pcd-test.cxx b/filter/qa/cppunit/filters-pcd-test.cxx new file mode 100644 index 0000000..681dc7d --- /dev/null +++ b/filter/qa/cppunit/filters-pcd-test.cxx @@ -0,0 +1,71 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +#include <unotest/filters-test.hxx> +#include <test/bootstrapfixture.hxx> +#include <vcl/FilterConfigItem.hxx> +#include <tools/stream.hxx> +#include <vcl/graph.hxx> + +#include <osl/file.hxx> +#include <osl/process.h> + +extern "C" +{ + SAL_DLLPUBLIC_EXPORT bool SAL_CALL + GraphicImport(SvStream & rStream, Graphic & rGraphic, + FilterConfigItem*); +} + +using namespace ::com::sun::star; + +/* Implementation of Filters test */ + +class PcdFilterTest + : public test::FiltersTest + , public test::BootstrapFixture +{ +public: + PcdFilterTest() : BootstrapFixture(true, false) {} + + virtual bool load(const OUString &, + const OUString &rURL, const OUString &, + unsigned int, unsigned int, unsigned int) SAL_OVERRIDE; + + /** + * Ensure CVEs remain unbroken + */ + void testCVEs(); + + CPPUNIT_TEST_SUITE(PcdFilterTest); + CPPUNIT_TEST(testCVEs); + CPPUNIT_TEST_SUITE_END(); +}; + +bool PcdFilterTest::load(const OUString &, + const OUString &rURL, const OUString &, + unsigned int, unsigned int, unsigned int) +{ + SvFileStream aFileStream(rURL, STREAM_READ); + Graphic aGraphic; + return GraphicImport(aFileStream, aGraphic, NULL); +} + +void PcdFilterTest::testCVEs() +{ + testDir(OUString(), + getURLFromSrc("/filter/qa/cppunit/data/pcd/"), + OUString()); +} + +CPPUNIT_TEST_SUITE_REGISTRATION(PcdFilterTest); + +CPPUNIT_PLUGIN_IMPLEMENT(); + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ commit 7b0f4dc514d3fb9c79809afcf3fb118f0a7d0b38 Author: Caolán McNamara <[email protected]> Date: Thu Nov 6 14:00:09 2014 +0000 coverity#1000834 Use of untrusted string value and coverity#706196 Use of untrusted string value coverity#1244947 Use of untrusted string value Change-Id: I5083aba2eff9e852a24513db431585922302b279 diff --git a/libreofficekit/qa/tilebench/tilebench.cxx b/libreofficekit/qa/tilebench/tilebench.cxx index 9e2e550..013f866 100644 --- a/libreofficekit/qa/tilebench/tilebench.cxx +++ b/libreofficekit/qa/tilebench/tilebench.cxx @@ -58,6 +58,7 @@ int main( int argc, char* argv[] ) } aTimes.push_back(TimeRecord("initialization")); + // coverity[tainted_string] - build time test tool Office *pOffice = lok_cpp_init(argv[1]); aTimes.push_back(TimeRecord()); diff --git a/smoketest/libtest.cxx b/smoketest/libtest.cxx index 91bbcae..14df882 100644 --- a/smoketest/libtest.cxx +++ b/smoketest/libtest.cxx @@ -48,6 +48,7 @@ int main (int argc, char **argv) return 1; } + // coverity[tainted_string] - build time test tool Office *pOffice = lok_cpp_init( argv[1] ); if( !pOffice ) { diff --git a/soltools/cpp/_cpp.c b/soltools/cpp/_cpp.c index bfa93be..08520f4 100644 --- a/soltools/cpp/_cpp.c +++ b/soltools/cpp/_cpp.c @@ -52,6 +52,7 @@ __cdecl curtime = ctime(&t); maketokenrow(3, &tr); expandlex(); + // coverity[tainted_string] - build time test tool setup(argc, argv); fixlex(); if (!Pflag) commit 7ca34b04c0915cb00345afa1ba7cfc736f82f9a1 Author: Caolán McNamara <[email protected]> Date: Thu Nov 6 13:47:59 2014 +0000 coverity#735645 Division or modulo by zero Change-Id: I03b8404f90b6a05189591d8e3423f32810057a47 diff --git a/sw/source/filter/xml/xmltbli.cxx b/sw/source/filter/xml/xmltbli.cxx index fdc0bbc..fb3ed88 100644 --- a/sw/source/filter/xml/xmltbli.cxx +++ b/sw/source/filter/xml/xmltbli.cxx @@ -23,6 +23,7 @@ #include <com/sun/star/lang/XMultiServiceFactory.hpp> #include <com/sun/star/text/XTextTable.hpp> #include <com/sun/star/table/XCellRange.hpp> +#include <o3tl/numeric.hxx> #include <svl/itemset.hxx> #include <svl/zformat.hxx> #include <sax/tools/converter.hxx> @@ -2446,6 +2447,8 @@ void SwXMLTableContext::_MakeTable( SwTableBox *pBox ) { if( !colIter->isRelative ) { + if (nMinAbsColWidth == 0) + throw o3tl::divide_by_zero(); sal_Int32 nRelCol = ( colIter->width * nMinRelColWidth) / nMinAbsColWidth; colIter->width = nRelCol; colIter->isRelative = true; commit 62eaee4858397f409da1474c71f1954b8d8e571e Author: Caolán McNamara <[email protected]> Date: Thu Nov 6 13:43:39 2014 +0000 coverity#1242693 Untrusted value as argument and coverity#1242727 Untrusted value as argument Change-Id: Ibb212c39f43bcd3f0e0ddf973d1512ed0d7c2fc6 diff --git a/svl/source/filerec/filerec.cxx b/svl/source/filerec/filerec.cxx index eb5b8b1..d8d3a10 100644 --- a/svl/source/filerec/filerec.cxx +++ b/svl/source/filerec/filerec.cxx @@ -527,6 +527,13 @@ bool SfxMultiRecordReader::ReadHeader_Impl() _pStream->SeekRel( + _nContentSize ); else _pStream->Seek( _nContentSize ); + const size_t nMaxRecords = _pStream->remainingSize() / sizeof(sal_uInt32); + if (_nContentCount > nMaxRecords) + { + SAL_WARN("svl", "Parsing error: " << nMaxRecords << " max possible entries, but " << + _nContentCount << " claimed, truncating"); + _nContentCount = nMaxRecords; + } _pContentOfs = new sal_uInt32[_nContentCount]; memset(_pContentOfs, 0, _nContentCount*sizeof(sal_uInt32)); #if defined(OSL_LITENDIAN) commit 85005715a516d47697e3fcf86f51df35f442648d Author: Caolán McNamara <[email protected]> Date: Thu Nov 6 13:31:26 2014 +0000 coverity#1242570 Untrusted value as argument Change-Id: Ic79bd1931ee291746b6dae138b3181d4baddbe3e diff --git a/svtools/source/misc/imap.cxx b/svtools/source/misc/imap.cxx index 4eebd55..344372d 100644 --- a/svtools/source/misc/imap.cxx +++ b/svtools/source/misc/imap.cxx @@ -883,8 +883,18 @@ void ImageMap::ImpWriteImageMap( SvStream& rOStm, const OUString& rBaseURL ) con void ImageMap::ImpReadImageMap( SvStream& rIStm, size_t nCount, const OUString& rBaseURL ) { + const size_t nMinRecordSize = 12; //circle, three 32bit numbers + const size_t nMaxRecords = rIStm.remainingSize() / nMinRecordSize; + + if (nCount > nMaxRecords) + { + SAL_WARN("svtools.misc", "Parsing error: " << nMaxRecords << " max possible entries, but " << + nCount << " claimed, truncating"); + nCount = nMaxRecords; + } + // neue Objekte einlesen - for ( size_t i = 0; i < nCount; i++ ) + for (size_t i = 0; i < nCount; ++i) { sal_uInt16 nType; commit 689f47d9c4a28468827bd0f9ed81911a024d59dc Author: Caolán McNamara <[email protected]> Date: Thu Nov 6 11:36:39 2014 +0000 coverity#1213366 Untrusted loop bound Change-Id: Id5f2c8d199ffae4f23934ceb92184562d72c0b90 diff --git a/vcl/source/fontsubset/sft.cxx b/vcl/source/fontsubset/sft.cxx index e8d8337..d66e158 100644 --- a/vcl/source/fontsubset/sft.cxx +++ b/vcl/source/fontsubset/sft.cxx @@ -1231,7 +1231,6 @@ static void FindCmap(TrueTypeFont *ttf) const sal_uInt8* table = getTable(ttf, O_cmap); sal_uInt32 table_size = getTableSize(ttf, O_cmap); sal_uInt16 ncmaps = GetUInt16(table, 2, 1); - unsigned int i; sal_uInt32 AppleUni = 0; // Apple Unicode sal_uInt32 ThreeZero = 0; /* MS Symbol */ sal_uInt32 ThreeOne = 0; /* MS UCS-2 */ @@ -1241,7 +1240,18 @@ static void FindCmap(TrueTypeFont *ttf) sal_uInt32 ThreeFive = 0; /* MS Wansung */ sal_uInt32 ThreeSix = 0; /* MS Johab */ - for (i = 0; i < ncmaps; i++) { + const sal_uInt32 remaining_table_size = table_size-4; + const sal_uInt32 nMinRecordSize = 8; + const sal_uInt32 nMaxRecords = remaining_table_size / nMinRecordSize; + if (ncmaps > nMaxRecords) + { + SAL_WARN("vcl.fonts", "Parsing error in " << OUString::createFromAscii(ttf->fname) << + ": " << nMaxRecords << " max possible entries, but " << + ncmaps << " claimed, truncating"); + ncmaps = nMaxRecords; + } + + for (unsigned int i = 0; i < ncmaps; i++) { /* sanity check, cmap entry must lie within table */ sal_uInt32 nLargestFixedOffsetPos = 8 + i * 8; sal_uInt32 nMinSize = nLargestFixedOffsetPos + sizeof(sal_uInt32);
_______________________________________________ Libreoffice-commits mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
