xmlsecurity/source/component/documentdigitalsignatures.cxx | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-)
New commits: commit ca98e505cd69bf95d8ddb9387cf3f8e03ae4577d Author: Michael Stahl <michael.st...@allotropia.de> AuthorDate: Fri Feb 26 19:51:39 2021 +0100 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Wed Mar 3 12:47:50 2021 +0100 xmlsecurity: fix crash in DocumentDigitalSignatures::isAuthorTrusted() If the argument is null. This function also should use EqualDistinguishedNames(). Change-Id: I4068aa94f9d9c422c96b394c82d3e28303774b0b Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111667 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.st...@allotropia.de> diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index f3b74de8f752..6dfb9799190d 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -655,15 +655,19 @@ void DocumentDigitalSignatures::showCertificate( } sal_Bool DocumentDigitalSignatures::isAuthorTrusted( - const Reference< css::security::XCertificate >& Author ) + const Reference<css::security::XCertificate>& xAuthor) { - OUString sSerialNum = xmlsecurity::bigIntegerToNumericString( Author->getSerialNumber() ); + if (!xAuthor.is()) + { + return false; + } + OUString sSerialNum = xmlsecurity::bigIntegerToNumericString(xAuthor->getSerialNumber()); std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors(); return std::any_of(aTrustedAuthors.begin(), aTrustedAuthors.end(), - [&Author, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) { - return ( rAuthor.SubjectName == Author->getIssuerName() ) + [&xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) { + return xmlsecurity::EqualDistinguishedNames(rAuthor.SubjectName, xAuthor->getIssuerName()) && ( rAuthor.SerialNumber == sSerialNum ); }); } _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits