vcl/source/gdi/TypeSerializer.cxx | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
New commits: commit c2615d52f6ec79d99f552299226106ff9415b08d Author: Caolán McNamara <[email protected]> AuthorDate: Sun Mar 1 15:26:55 2026 +0000 Commit: Xisco Fauli <[email protected]> CommitDate: Thu Mar 5 21:43:20 2026 +0100 ofz#473156285 Integer-overflow FWIW oox/source/drawingml/fillproperties.cxx is also clamping nOffsetX/nOffsetY to max 100. nBorder > 100% doesn't seem to make sense and the various GtkAdjustments for the ui limit those to 100% too. Change-Id: I9efb765af549ac13bdbd9c50a313f0d902059522 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/200713 Tested-by: Caolán McNamara <[email protected]> Reviewed-by: Caolán McNamara <[email protected]> (cherry picked from commit ac03040f68d91f6a185596108a8f055e74b99042) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/201057 Tested-by: Jenkins Reviewed-by: Xisco Fauli <[email protected]> diff --git a/vcl/source/gdi/TypeSerializer.cxx b/vcl/source/gdi/TypeSerializer.cxx index 0edf74bba537..adab7c48f9fb 100644 --- a/vcl/source/gdi/TypeSerializer.cxx +++ b/vcl/source/gdi/TypeSerializer.cxx @@ -67,8 +67,23 @@ void TypeSerializer::readGradient(Gradient& rGradient) nAngle = 0; } rGradient.SetAngle(Degree10(nAngle)); + if (nBorder > 100) + { + SAL_WARN("vcl", "border out of range " << nBorder); + nBorder = 100; + } rGradient.SetBorder(nBorder); + if (nOffsetX > 100) + { + SAL_WARN("vcl", "offset x out of range " << nOffsetX); + nOffsetX = 100; + } rGradient.SetOfsX(nOffsetX); + if (nOffsetY > 100) + { + SAL_WARN("vcl", "offset y out of range " << nOffsetY); + nOffsetY = 100; + } rGradient.SetOfsY(nOffsetY); rGradient.SetStartIntensity(nIntensityStart); rGradient.SetEndIntensity(nIntensityEnd);
