avmedia/source/viewer/mediawindow_impl.cxx         |   13 +++---
 editeng/source/items/frmitems.cxx                  |   10 +++-
 embeddedobj/source/commonembedding/persistence.cxx |   17 ++++++--
 forms/source/component/ImageControl.cxx            |    4 +
 forms/source/component/clickableimage.cxx          |    2 
 sfx2/source/appl/linkmgr2.cxx                      |    5 +-
 sw/source/filter/html/htmlgrin.cxx                 |    3 -
 toolkit/source/controls/unocontrols.cxx            |    3 -
 tools/qa/cppunit/test_urlobj.cxx                   |   44 +++++++++++++++++++++
 tools/source/fsys/urlobj.cxx                       |   31 ++++++++++++--
 unotools/source/misc/mediadescriptor.cxx           |    3 +
 vcl/source/filter/graphicfilter.cxx                |    8 +++
 12 files changed, 121 insertions(+), 22 deletions(-)

New commits:
commit af327e823ebbf826a36387ebacfcbc0cea0c2d98
Author:     Stephan Bergmann <stephan.bergm...@allotropia.de>
AuthorDate: Sat Dec 7 17:36:22 2024 +0100
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Wed Dec 11 20:08:10 2024 +0000

    Fix check for further exotic protocols
    
    ...that were added in 59891cd3985469bc44dbd05c9fc704eeb07f0c78 "look at
    'embedded' protocols for protocols that support them"
    
    Change-Id: I42836d6fd27cd99e39ab07e626053f002a2651f5
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178047
    Tested-by: Jenkins
    Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
    (cherry picked from commit 8075798b22f2188530f57b8747589923bfd419ef)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178065
    Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178166
    Reviewed-by: Miklos Vajna <vmik...@collabora.com>
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    (cherry picked from commit a58893f2de8210008fa7bb403e9c9000869e6c04)

diff --git a/tools/qa/cppunit/test_urlobj.cxx b/tools/qa/cppunit/test_urlobj.cxx
index 273b5feff954..1df859b305f9 100644
--- a/tools/qa/cppunit/test_urlobj.cxx
+++ b/tools/qa/cppunit/test_urlobj.cxx
@@ -354,6 +354,49 @@ namespace tools_urlobj
             }
         }
 
+        void testIsExoticProtocol() {
+            {
+                INetURLObject url(u"vnd.sun.star.pkg://slot%3A0");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg, 
url.GetProtocol());
+                CPPUNIT_ASSERT(url.IsExoticProtocol());
+            }
+            {
+                INetURLObject 
url(u"vnd.sun.star.pkg://vnd.sun.star.pkg%3A%2F%2Fslot%253A0");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg, 
url.GetProtocol());
+                CPPUNIT_ASSERT(url.IsExoticProtocol());
+            }
+            {
+                INetURLObject 
url(u"vnd.sun.star.pkg://http%3A%2F%2Fexample.net");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg, 
url.GetProtocol());
+                CPPUNIT_ASSERT(!url.IsExoticProtocol());
+            }
+            {
+                INetURLObject url(u"vnd.sun.star.zip://slot%3A0");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+                CPPUNIT_ASSERT(url.IsExoticProtocol());
+            }
+            {
+                INetURLObject url(u"vnd.sun.star.zip://slot%3A0/foo");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+                CPPUNIT_ASSERT(url.IsExoticProtocol());
+            }
+            {
+                INetURLObject url(u"vnd.sun.star.zip://slot%3A0?foo");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+                CPPUNIT_ASSERT(url.IsExoticProtocol());
+            }
+            {
+                INetURLObject url(u"vnd.sun.star.zip://slot%3A0#foo");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+                CPPUNIT_ASSERT(url.IsExoticProtocol());
+            }
+            {
+                INetURLObject 
url(u"vnd.sun.star.zip://http%3A%2F%2Fexample.net");
+                CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+                CPPUNIT_ASSERT(!url.IsExoticProtocol());
+            }
+        }
+
         // Change the following lines only, if you add, remove or rename
         // member functions of the current class,
         // because these macros are need by auto register mechanism.
@@ -371,6 +414,7 @@ namespace tools_urlobj
         CPPUNIT_TEST( testChangeScheme );
         CPPUNIT_TEST( testTd146382 );
         CPPUNIT_TEST( testParseSmart );
+        CPPUNIT_TEST( testIsExoticProtocol );
         CPPUNIT_TEST_SUITE_END(  );
     };                          // class createPool
 
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 7faf15dcd073..827fbe217965 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4891,10 +4891,21 @@ bool INetURLObject::IsExoticProtocol() const
     {
         return true;
     }
-    if (isSchemeEqualTo(u"vnd.sun.star.pkg") || 
isSchemeEqualTo(u"vnd.sun.star.zip"))
+    if (m_eScheme == INetProtocol::VndSunStarPkg) {
+        return 
INetURLObject(GetHost(INetURLObject::DecodeMechanism::WithCharset))
+            .IsExoticProtocol();
+    }
+    if (isSchemeEqualTo(u"vnd.sun.star.zip"))
     {
-        OUString sPayloadURL = 
GetURLPath(INetURLObject::DecodeMechanism::WithCharset);
-        return sPayloadURL.startsWith(u"//") && 
INetURLObject(sPayloadURL.subView(2)).IsExoticProtocol();
+        OUString sPayloadURL = 
GetURLPath(INetURLObject::DecodeMechanism::NONE);
+        if (!sPayloadURL.startsWith(u"//")) {
+            return false;
+        }
+        auto const find = [&sPayloadURL](auto c) {
+            auto const n = sPayloadURL.indexOf(c, 2);
+            return n == -1 ? sPayloadURL.getLength() : n;
+        };
+        return INetURLObject(decode(sPayloadURL.subView(2, std::min(find('/'), 
find('?')) - 2), 
INetURLObject::DecodeMechanism::WithCharset)).IsExoticProtocol();
     }
     return false;
 }
commit 24e7bd132cab74e8c145c0c7b395ef3edf10fc41
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Dec 6 14:41:19 2024 +0000
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Wed Dec 11 20:08:10 2024 +0000

    look at 'embedded' protocols too
    
    Change-Id: Ie99f5f5a390639bdc69397c831e0a32594a5030c
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177981
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    (cherry picked from commit 59891cd3985469bc44dbd05c9fc704eeb07f0c78)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177987
    Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
    (cherry picked from commit b63aa51c55244ee67410201fa5e7c003427b1009)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178164
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    Reviewed-by: Miklos Vajna <vmik...@collabora.com>
    (cherry picked from commit e25d074b3163971d64d24976af1a9bd0634c8da5)

diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 23a0d67d2717..7faf15dcd073 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4882,12 +4882,21 @@ OUString INetURLObject::CutExtension()
 
 bool INetURLObject::IsExoticProtocol() const
 {
-    return m_eScheme == INetProtocol::Slot ||
-           m_eScheme == INetProtocol::Macro ||
-           m_eScheme == INetProtocol::Uno ||
-           m_eScheme == INetProtocol::VndSunStarExpand ||
-           isSchemeEqualTo(u"vnd.sun.star.script") ||
-           isSchemeEqualTo(u"service");
+    if (m_eScheme == INetProtocol::Slot ||
+        m_eScheme == INetProtocol::Macro ||
+        m_eScheme == INetProtocol::Uno ||
+        m_eScheme == INetProtocol::VndSunStarExpand ||
+        isSchemeEqualTo(u"vnd.sun.star.script") ||
+        isSchemeEqualTo(u"service"))
+    {
+        return true;
+    }
+    if (isSchemeEqualTo(u"vnd.sun.star.pkg") || 
isSchemeEqualTo(u"vnd.sun.star.zip"))
+    {
+        OUString sPayloadURL = 
GetURLPath(INetURLObject::DecodeMechanism::WithCharset);
+        return sPayloadURL.startsWith(u"//") && 
INetURLObject(sPayloadURL.subView(2)).IsExoticProtocol();
+    }
+    return false;
 }
 
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit fd74505b78e5d09c345aaf66f7e7b8ed3170591e
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 15 12:30:39 2024 +0000
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Wed Dec 11 20:08:10 2024 +0000

    consider VndSunStarExpand an exotic protocol
    
    and generally don't bother with it when fetching data
    from urls
    
    Change-Id: I51a2601c6fb7d6c32f9e2d1286ee0d3b05b370b9
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176922
    Reviewed-by: Miklos Vajna <vmik...@collabora.com>
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    (cherry picked from commit 4fbe740677b90d8b73842b60863e2f4c9f4ea382)

diff --git a/avmedia/source/viewer/mediawindow_impl.cxx 
b/avmedia/source/viewer/mediawindow_impl.cxx
index 82ca1b92821c..7a6755e40052 100644
--- a/avmedia/source/viewer/mediawindow_impl.cxx
+++ b/avmedia/source/viewer/mediawindow_impl.cxx
@@ -170,15 +170,16 @@ void MediaWindowImpl::dispose()
 
 uno::Reference<media::XPlayer> MediaWindowImpl::createPlayer(const OUString& 
rURL, const OUString& rReferer, const OUString*)
 {
-    uno::Reference<media::XPlayer> xPlayer;
-
     if( rURL.isEmpty() )
-        return xPlayer;
+        return nullptr;
 
     if (SvtSecurityOptions::isUntrustedReferer(rReferer))
-    {
-        return xPlayer;
-    }
+        return nullptr;
+
+    if (INetURLObject(rURL).IsExoticProtocol())
+        return nullptr;
+
+    uno::Reference<media::XPlayer> xPlayer;
 
     // currently there isn't anything else, throw any mime type to the media 
players
     //if (!pMimeType || *pMimeType == AVMEDIA_MIMETYPE_COMMON)
diff --git a/editeng/source/items/frmitems.cxx 
b/editeng/source/items/frmitems.cxx
index 94b7704303ba..d79f75109a21 100644
--- a/editeng/source/items/frmitems.cxx
+++ b/editeng/source/items/frmitems.cxx
@@ -46,6 +46,7 @@
 #include <svl/memberid.h>
 #include <rtl/math.hxx>
 #include <rtl/ustring.hxx>
+#include <sal/log.hxx>
 #include <tools/mapunit.hxx>
 #include <tools/UnitConversion.hxx>
 #include <vcl/graphicfilter.hxx>
@@ -4398,6 +4399,13 @@ const GraphicObject* 
SvxBrushItem::GetGraphicObject(OUString const & referer) co
             return nullptr;
         }
 
+        INetURLObject aGraphicURL( maStrLink );
+        if (aGraphicURL.IsExoticProtocol())
+        {
+            SAL_WARN("editeng", "Ignore exotic protocol: " << maStrLink);
+            return nullptr;
+        }
+
         // tdf#94088 prepare graphic and state
         Graphic aGraphic;
         bool bGraphicLoaded = false;
@@ -4418,8 +4426,6 @@ const GraphicObject* 
SvxBrushItem::GetGraphicObject(OUString const & referer) co
         // a 'data:' scheme url and try to load that (embedded graphics)
         if(!bGraphicLoaded)
         {
-            INetURLObject aGraphicURL( maStrLink );
-
             if( INetProtocol::Data == aGraphicURL.GetProtocol() )
             {
                 std::unique_ptr<SvMemoryStream> const 
xMemStream(aGraphicURL.getData());
diff --git a/embeddedobj/source/commonembedding/persistence.cxx 
b/embeddedobj/source/commonembedding/persistence.cxx
index 1ccd15884318..35154da9b75f 100644
--- a/embeddedobj/source/commonembedding/persistence.cxx
+++ b/embeddedobj/source/commonembedding/persistence.cxx
@@ -54,6 +54,7 @@
 #include <comphelper/mimeconfighelper.hxx>
 #include <comphelper/namedvaluecollection.hxx>
 #include <comphelper/propertyvalue.hxx>
+#include <tools/urlobj.hxx>
 #include <unotools/mediadescriptor.hxx>
 
 #include <comphelper/diagnose_ex.hxx>
@@ -373,11 +374,19 @@ uno::Reference< util::XCloseable > 
OCommonEmbeddedObject::LoadLink_Impl()
     uno::Sequence< beans::PropertyValue > aArgs( 
m_aDocMediaDescriptor.getLength() + nLen );
     auto pArgs = aArgs.getArray();
 
-    pArgs[0].Name = "URL";
-    if(m_aLinkTempFile.is())
-        pArgs[0].Value <<= m_aLinkTempFile->getUri();
+    OUString sURL;
+    if (m_aLinkTempFile.is())
+        sURL = m_aLinkTempFile->getUri();
     else
-        pArgs[0].Value <<= m_aLinkURL;
+        sURL = m_aLinkURL;
+    if (INetURLObject(sURL).IsExoticProtocol())
+    {
+        SAL_WARN("embeddedobj.common", "Ignore exotic protocol: " << 
pArgs[0].Value);
+        return nullptr;
+    }
+
+    pArgs[0].Name = "URL";
+    pArgs[0].Value <<= sURL;
 
     pArgs[1].Name = "FilterName";
     pArgs[1].Value <<= m_aLinkFilterName;
diff --git a/forms/source/component/ImageControl.cxx 
b/forms/source/component/ImageControl.cxx
index c2bc0953c6c8..0187456b0e8d 100644
--- a/forms/source/component/ImageControl.cxx
+++ b/forms/source/component/ImageControl.cxx
@@ -398,6 +398,10 @@ void OImageControlModel::read(const 
Reference<XObjectInputStream>& _rxInStream)
 
 bool OImageControlModel::impl_updateStreamForURL_lck( const OUString& _rURL, 
ValueChangeInstigator _eInstigator )
 {
+    if (INetURLObject(_rURL).IsExoticProtocol()) {
+        return false;
+    }
+
     // create a stream for the image specified by the URL
     std::unique_ptr< SvStream > pImageStream;
     Reference< XInputStream > xImageStream;
diff --git a/forms/source/component/clickableimage.cxx 
b/forms/source/component/clickableimage.cxx
index e1f6f068faf0..4908c12edfa9 100644
--- a/forms/source/component/clickableimage.cxx
+++ b/forms/source/component/clickableimage.cxx
@@ -736,7 +736,7 @@ namespace frm
 
         // the SfxMedium is not allowed to be created with an invalid URL, so 
we have to check this first
         INetURLObject aUrl(rURL);
-        if (INetProtocol::NotValid == aUrl.GetProtocol())
+        if (INetProtocol::NotValid == aUrl.GetProtocol() || 
aUrl.IsExoticProtocol())
             // we treat an invalid URL like we would treat no URL
             return;
 
diff --git a/sfx2/source/appl/linkmgr2.cxx b/sfx2/source/appl/linkmgr2.cxx
index 6a3e0c7e8821..587b99399f66 100644
--- a/sfx2/source/appl/linkmgr2.cxx
+++ b/sfx2/source/appl/linkmgr2.cxx
@@ -524,8 +524,11 @@ bool LinkManager::GetGraphicFromAny(std::u16string_view 
rMimeType,
             sReferer = sh->GetMedium()->GetName();
 
         OUString sURL = rValue.get<OUString>();
-        if (!SvtSecurityOptions::isUntrustedReferer(sReferer))
+        if (!SvtSecurityOptions::isUntrustedReferer(sReferer) &&
+            !INetURLObject(sURL).IsExoticProtocol())
+        {
             rGraphic = vcl::graphic::loadFromURL(sURL, pParentWin);
+        }
         if (rGraphic.IsNone())
             rGraphic.SetDefaultType();
         rGraphic.setOriginURL(sURL);
diff --git a/sw/source/filter/html/htmlgrin.cxx 
b/sw/source/filter/html/htmlgrin.cxx
index 1deccee5f9b2..1a5252aa1c6a 100644
--- a/sw/source/filter/html/htmlgrin.cxx
+++ b/sw/source/filter/html/htmlgrin.cxx
@@ -673,7 +673,8 @@ IMAGE_SETEVENT:
     bool bNeedWidth = (!bPercentWidth && !nWidth) || bRelWidthScale;
     bool bRelHeightScale = bPercentHeight && nHeight == 
SwFormatFrameSize::SYNCED;
     bool bNeedHeight = (!bPercentHeight && !nHeight) || bRelHeightScale;
-    if ((bNeedWidth || bNeedHeight) && !bFuzzing && allowAccessLink(*m_xDoc))
+    if ((bNeedWidth || bNeedHeight) && !bFuzzing && allowAccessLink(*m_xDoc) &&
+        !aGraphicURL.IsExoticProtocol())
     {
         GraphicDescriptor aDescriptor(aGraphicURL);
         if (aDescriptor.Detect(/*bExtendedInfo=*/true))
diff --git a/toolkit/source/controls/unocontrols.cxx 
b/toolkit/source/controls/unocontrols.cxx
index 7ce4b471c80c..51cebfd5f88d 100644
--- a/toolkit/source/controls/unocontrols.cxx
+++ b/toolkit/source/controls/unocontrols.cxx
@@ -32,6 +32,7 @@
 #include <controls/formattedcontrol.hxx>
 #include <toolkit/controls/unocontrols.hxx>
 #include <helper/property.hxx>
+#include <tools/urlobj.hxx>
 #include <toolkit/helper/macros.hxx>
 
 // for introspection
@@ -68,7 +69,7 @@ css::uno::Reference< css::graphic::XGraphic >
 ImageHelper::getGraphicFromURL_nothrow( const OUString& _rURL )
 {
     uno::Reference< graphic::XGraphic > xGraphic;
-    if ( _rURL.isEmpty() )
+    if (_rURL.isEmpty() || INetURLObject(_rURL).IsExoticProtocol())
         return xGraphic;
 
     try
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 35b5e9244191..23a0d67d2717 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4885,6 +4885,7 @@ bool INetURLObject::IsExoticProtocol() const
     return m_eScheme == INetProtocol::Slot ||
            m_eScheme == INetProtocol::Macro ||
            m_eScheme == INetProtocol::Uno ||
+           m_eScheme == INetProtocol::VndSunStarExpand ||
            isSchemeEqualTo(u"vnd.sun.star.script") ||
            isSchemeEqualTo(u"service");
 }
diff --git a/unotools/source/misc/mediadescriptor.cxx 
b/unotools/source/misc/mediadescriptor.cxx
index b8bb7f13469e..11e6f1e4619a 100644
--- a/unotools/source/misc/mediadescriptor.cxx
+++ b/unotools/source/misc/mediadescriptor.cxx
@@ -334,6 +334,9 @@ bool MediaDescriptor::impl_openStreamWithPostData( const 
css::uno::Reference< cs
 /*-----------------------------------------------*/
 bool MediaDescriptor::impl_openStreamWithURL( const OUString& sURL, bool 
bLockFile )
 {
+    if (INetURLObject(sURL).IsExoticProtocol())
+        return false;
+
     OUString referer(getUnpackedValueOrDefault(PROP_REFERRER, OUString()));
     if (SvtSecurityOptions::isUntrustedReferer(referer)) {
         return false;
diff --git a/vcl/source/filter/graphicfilter.cxx 
b/vcl/source/filter/graphicfilter.cxx
index 3c5b559d4d61..11b69da50c16 100644
--- a/vcl/source/filter/graphicfilter.cxx
+++ b/vcl/source/filter/graphicfilter.cxx
@@ -488,10 +488,16 @@ ErrCode GraphicFilter::CanImportGraphic( 
std::u16string_view rMainUrl, SvStream&
 ErrCode GraphicFilter::ImportGraphic( Graphic& rGraphic, const INetURLObject& 
rPath,
                                      sal_uInt16 nFormat, sal_uInt16 * 
pDeterminedFormat, GraphicFilterImportFlags nImportFlags )
 {
-    ErrCode nRetValue = ERRCODE_GRFILTER_FORMATERROR;
     SAL_WARN_IF( rPath.GetProtocol() == INetProtocol::NotValid, "vcl.filter", 
"GraphicFilter::ImportGraphic() : ProtType == INetProtocol::NotValid" );
 
     OUString    aMainUrl( rPath.GetMainURL( 
INetURLObject::DecodeMechanism::NONE ) );
+    if (rPath.IsExoticProtocol())
+    {
+        SAL_WARN("vcl.filter", "GraphicFilter::ImportGraphic(), ignore exotic 
protocol: " << aMainUrl);
+        return ERRCODE_GRFILTER_FORMATERROR;
+    }
+
+    ErrCode nRetValue = ERRCODE_GRFILTER_FORMATERROR;
     std::unique_ptr<SvStream> xStream(::utl::UcbStreamHelper::CreateStream( 
aMainUrl, StreamMode::READ | StreamMode::SHARE_DENYNONE ));
     if (xStream)
     {

Reply via email to