subject:"\"\\\\\\\[Libreoffice\\\\\\\-commits\\\\\\\] core.git\\\\\\\: Branch 'libreoffice\\\\\\\-6\\\\\\\-0' \\\\\\\- package\\\\\\\/source\""

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source xmlsecurity/qa

2018-06-29 Thread Thorsten Behrens

 package/source/manifest/ManifestDefines.hxx |9 +++
 package/source/manifest/ManifestImport.cxx  |   48 ++--
 package/source/manifest/ManifestImport.hxx  |   12 +++-
 xmlsecurity/qa/unit/signing/data/encryptedGPG_odf13.odt |binary
 xmlsecurity/qa/unit/signing/signing.cxx |8 ++
 5 files changed, 71 insertions(+), 6 deletions(-)

New commits:
commit dd9232a6b2bcd32c7279e1476445214c6bb9e417
Author: Thorsten Behrens 
Date:   Thu Jun 28 15:17:40 2018 +0200

ODF1.3: import new OpenPGP encryption markup

With OFFICE-3940 the loext markup got accepted for ODF1.3 (and
the redundant KeyInfo element removed). Make sure manifest parser
can import new markup.

Change-Id: Id3c88654e8e6e0e256cd68fbb43f1ef670849cf7
Reviewed-on: https://gerrit.libreoffice.org/56597
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens 
(cherry picked from commit a7bf6488ebb544e1efaed0a1e53073df9cc2064d)
Reviewed-on: https://gerrit.libreoffice.org/56678
Reviewed-by: Katarina Behrens 

diff --git a/package/source/manifest/ManifestDefines.hxx 
b/package/source/manifest/ManifestDefines.hxx
index c68c241c7514..44c0cb4c5254 100644
--- a/package/source/manifest/ManifestDefines.hxx
+++ b/package/source/manifest/ManifestDefines.hxx
@@ -46,6 +46,15 @@
 #define ATTRIBUTE_ALGORITHM "loext:PGPAlgorithm"
 #define ELEMENT_CIPHERDATA "loext:CipherData"
 #define ELEMENT_CIPHERVALUE "loext:CipherValue"
+#define ELEMENT_MANIFEST13_KEYINFO "manifest:keyinfo"
+#define ELEMENT_ENCRYPTEDKEY13 "manifest:encrypted-key"
+#define ELEMENT_ENCRYPTIONMETHOD13 "manifest:encryption-method"
+#define ELEMENT_PGPDATA13 "manifest:PGPData"
+#define ELEMENT_PGPKEYID13 "manifest:PGPKeyID"
+#define ELEMENT_PGPKEYPACKET13 "manifest:PGPKeyPacket"
+#define ATTRIBUTE_ALGORITHM13 "manifest:PGPAlgorithm"
+#define ELEMENT_CIPHERDATA13 "manifest:CipherData"
+#define ELEMENT_CIPHERVALUE13 "manifest:CipherValue"
 
 #define ELEMENT_ENCRYPTION_DATA "manifest:encryption-data"
 #define ATTRIBUTE_CHECKSUM_TYPE "manifest:checksum-type"
diff --git a/package/source/manifest/ManifestImport.cxx 
b/package/source/manifest/ManifestImport.cxx
index 98a9d61128b5..fda529838214 100644
--- a/package/source/manifest/ManifestImport.cxx
+++ b/package/source/manifest/ManifestImport.cxx
@@ -69,6 +69,16 @@ ManifestImport::ManifestImport( vector < Sequence < 
PropertyValue > > & rNewManV
 , sCipherDataElement( ELEMENT_CIPHERDATA )
 , sCipherValueElement   ( ELEMENT_CIPHERVALUE )
 
+, sManifestKeyInfoElement13   ( ELEMENT_MANIFEST13_KEYINFO )
+, sEncryptedKeyElement13  ( ELEMENT_ENCRYPTEDKEY13 )
+, sEncryptionMethodElement13  ( ELEMENT_ENCRYPTIONMETHOD13 )
+, sPgpDataElement13   ( ELEMENT_PGPDATA13 )
+, sPgpKeyIDElement13  ( ELEMENT_PGPKEYID13 )
+, sPGPKeyPacketElement13  ( ELEMENT_PGPKEYPACKET13 )
+, sAlgorithmAttribute13   ( ATTRIBUTE_ALGORITHM13 )
+, sCipherDataElement13( ELEMENT_CIPHERDATA13 )
+, sCipherValueElement13   ( ELEMENT_CIPHERVALUE13 )
+
 , sFullPathProperty ( "FullPath" )
 , sMediaTypeProperty( "MediaType" )
 , sVersionProperty  ( "Version" )
@@ -148,9 +158,10 @@ void ManifestImport::doEncryptedKey(StringHashMap &)
 aKeyInfoSequence.resize(3);
 }
 
-void ManifestImport::doEncryptionMethod(StringHashMap &rConvertedAttribs)
+void ManifestImport::doEncryptionMethod(StringHashMap &rConvertedAttribs,
+const OUString& rAlgoAttrName)
 {
-OUString aString = rConvertedAttribs[sAlgorithmAttribute];
+OUString aString = rConvertedAttribs[rAlgoAttrName];
 if ( aKeyInfoSequence.size() != 3
  || aString != "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"; )
 {
@@ -339,7 +350,9 @@ void SAL_CALL ManifestImport::startElement( const OUString& 
aName, const uno::Re
 case 2: {
 if (aConvertedName == sFileEntryElement) //manifest:file-entry
 doFileEntry(aConvertedAttribs);
-else if (aConvertedName == sManifestKeyInfoElement) //loext:KeyInfo
+else if (aConvertedName == sManifestKeyInfoElement) //loext:keyinfo
+doKeyInfoEntry(aConvertedAttribs);
+else if (aConvertedName == sManifestKeyInfoElement13) 
//manifest:keyinfo
 doKeyInfoEntry(aConvertedAttribs);
 else
 aStack.back().m_bValid = false;
@@ -355,6 +368,8 @@ void SAL_CALL ManifestImport::startElement( const OUString& 
aName, const uno::Re
 doEncryptionData(aConvertedAttribs);
 else if (aConvertedName == sEncryptedKeyElement)   
//loext:encrypted-key
 doEncryptedKey(aConvertedAttribs);
+else if (aConvertedName == sEncryptedKeyElement13)   
//manifest:encrypted-key
+doEncryptedKey(aConvertedAttribs);
 else
 aStack.back().m_bValid = false;

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source sw/qa

2018-04-10 Thread Caolán McNamara

 package/source/xstor/xstorage.cxx   |2 --
 sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt |binary
 2 files changed, 2 deletions(-)

New commits:
commit 8182037871daf1d94f4beff63afeb56b20055480
Author: Caolán McNamara 
Date:   Sat Apr 7 20:24:40 2018 +0100

forcepoint#37 revert tdf#108572 let remove storage element

reverts

commit 26957fc325c27cf61e8efb380d627def4931
Date:   Wed Sep 6 10:54:50 2017 +0200

tdf#108572 let remove storage element

void OStorage_Impl::RemoveElement( SotElement_Impl* pElement )
expects that m_pAntiImpl will be nullptr, if not throws an exception.
This caused that in case of deleting embedded database used for
mail merge it wasn't fully removed and

The problem is that by allowing the removal of the element, existing 
readonly
accessors are left pointing to the deleted element which causes quite some 
problems
as seen in this sample document

Change-Id: Ie6ac36e6dea771b02637d77b78eb8026e3bb7ae8
Reviewed-on: https://gerrit.libreoffice.org/52600
Tested-by: Jenkins 
Reviewed-by: Michael Stahl 

diff --git a/package/source/xstor/xstorage.cxx 
b/package/source/xstor/xstorage.cxx
index 5c494a586197..48bc0d6aeb04 100644
--- a/package/source/xstor/xstorage.cxx
+++ b/package/source/xstor/xstorage.cxx
@@ -2813,8 +2813,6 @@ void SAL_CALL OStorage::removeElement( const OUString& 
aElementName )
 if ( !pElement )
 throw container::NoSuchElementException( THROW_WHERE ); //???
 
-if ( pElement->m_xStorage )
-pElement->m_xStorage->m_pAntiImpl = nullptr;
 m_pImpl->RemoveElement( pElement );
 
 m_pImpl->m_bIsModified = true;
diff --git a/sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt 
b/sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt
new file mode 100755
index ..1844d7882ba9
Binary files /dev/null and b/sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt 
differ
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

2018-03-15 Thread himajin100000

 package/source/manifest/ManifestExport.cxx |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

New commits:
commit ce5d2cd0d9fe0c04fde50ba54fb4ca154f2bdf12
Author: himajin10 
Date:   Mon Mar 12 04:52:30 2018 +0900

tdf#116351: fix re-use of AttributeList on PGP manifest

multiple attributes of the same name on the same element,
because AttributeList was wrongly re-used

Change-Id: I29b2317ce3d836d7349fa0474709726bed2c5ad4
Reviewed-on: https://gerrit.libreoffice.org/51087
Reviewed-by: Thorsten Behrens 
Tested-by: Thorsten Behrens 
(cherry picked from commit 32f42d093d4408666151d03f04823e2bb39e46cd)
Reviewed-on: https://gerrit.libreoffice.org/51250
Tested-by: Jenkins 
Reviewed-by: Samuel Mehrbrodt 

diff --git a/package/source/manifest/ManifestExport.cxx 
b/package/source/manifest/ManifestExport.cxx
index 5cf87334ca62..d8c00cf5f9a0 100644
--- a/package/source/manifest/ManifestExport.cxx
+++ b/package/source/manifest/ManifestExport.cxx
@@ -231,8 +231,6 @@ ManifestExport::ManifestExport( uno::Reference< 
xml::sax::XDocumentHandler > con
 {
 // yeah, so that goes directly below the manifest:manifest
 // element
-::comphelper::AttributeList * pNewAttrList = new 
::comphelper::AttributeList;
-uno::Reference < xml::sax::XAttributeList > xNewAttrList 
(pNewAttrList);
 OUStringBuffer aBuffer;
 
 xHandler->ignorableWhitespace ( sWhiteSpace );
@@ -267,6 +265,8 @@ ManifestExport::ManifestExport( uno::Reference< 
xml::sax::XDocumentHandler > con
 xHandler->startElement( sEncryptedKeyElement, nullptr );
 xHandler->ignorableWhitespace ( sWhiteSpace );
 
+::comphelper::AttributeList * pNewAttrList = new 
::comphelper::AttributeList;
+uno::Reference < xml::sax::XAttributeList > xNewAttrList 
(pNewAttrList);
 // TODO: the algorithm should rather be configurable
 pNewAttrList->AddAttribute ( sAlgorithmAttribute, 
sCdataAttribute,
  
"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"; );
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

2018-02-23 Thread Caolán McNamara

 package/source/zipapi/ZipFile.cxx |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

New commits:
commit 060c6a01a23375ba60ac8158e1b97edc9ac49f03
Author: Caolán McNamara 
Date:   Fri Feb 23 12:53:34 2018 +

forcepoint #5 check for short read

a zip file within a structured storage stream. underlying storage stream
claims larger size that it can satisfy on read

Change-Id: I8516b12df33ad78b2525192826f5e3aef2622eb8
Reviewed-on: https://gerrit.libreoffice.org/50239
Reviewed-by: Michael Stahl 
Tested-by: Jenkins 

diff --git a/package/source/zipapi/ZipFile.cxx 
b/package/source/zipapi/ZipFile.cxx
index 6e9351c69f1a..1ef81bf582a5 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -838,11 +838,14 @@ sal_Int32 ZipFile::findEND()
 nEnd = nPos >= 0 ? nPos : 0 ;
 
 aGrabber.seek( nEnd );
-aGrabber.readBytes ( aBuffer, nLength - nEnd );
+
+auto nSize = nLength - nEnd;
+if (nSize != aGrabber.readBytes(aBuffer, nSize))
+throw ZipException("Zip END signature not found!" );
 
 const sal_Int8 *pBuffer = aBuffer.getConstArray();
 
-nPos = nLength - nEnd - ENDHDR;
+nPos = nSize - ENDHDR;
 while ( nPos >= 0 )
 {
 if (pBuffer[nPos] == 'P' && pBuffer[nPos+1] == 'K' && 
pBuffer[nPos+2] == 5 && pBuffer[nPos+3] == 6 )
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

2018-02-07 Thread Caolán McNamara

 package/source/zipapi/ZipFile.cxx |8 +---
 1 file changed, 5 insertions(+), 3 deletions(-)

New commits:
commit 52f549cc523e6dcf27da5a3a1ee6be89c041bdda
Author: Caolán McNamara 
Date:   Tue Feb 6 21:21:30 2018 +

MemoryByteGrabber sequence has to exist for Grabber lifetime

it just takes a c++ ref, so a temp is an unsuitable arg

Change-Id: I40490e94d977df91b985bc4ae458b68ee85d5dfe
Reviewed-on: https://gerrit.libreoffice.org/49322
Tested-by: Jenkins 
Reviewed-by: Stephan Bergmann 
Reviewed-by: Michael Stahl 

diff --git a/package/source/zipapi/ZipFile.cxx 
b/package/source/zipapi/ZipFile.cxx
index 1d10a56aaf9c..6e9351c69f1a 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -902,7 +902,7 @@ sal_Int32 ZipFile::readCEN()
 if ( static_cast < sal_Int64 > ( nCenLen ) != nRead )
 throw ZipException ("Error reading CEN into memory buffer!" );
 
-MemoryByteGrabber aMemGrabber ( aCENBuffer );
+MemoryByteGrabber aMemGrabber(aCENBuffer);
 
 ZipEntry aEntry;
 sal_Int16 nCommentLen;
@@ -1015,7 +1015,8 @@ void ZipFile::recover()
 if ( nPos < nBufSize - 30 && pBuffer[nPos] == 'P' && 
pBuffer[nPos+1] == 'K' && pBuffer[nPos+2] == 3 && pBuffer[nPos+3] == 4 )
 {
 ZipEntry aEntry;
-MemoryByteGrabber aMemGrabber ( Sequence< sal_Int8 >( 
&(pBuffer[nPos+4]), 26 ) );
+Sequence aTmpBuffer(&(pBuffer[nPos+4]), 26);
+MemoryByteGrabber aMemGrabber(aTmpBuffer);
 
 aEntry.nVersion = aMemGrabber.ReadInt16();
 if ( ( aEntry.nVersion & 1 ) != 1 )
@@ -1084,7 +1085,8 @@ void ZipFile::recover()
 else if (pBuffer[nPos] == 'P' && pBuffer[nPos+1] == 'K' && 
pBuffer[nPos+2] == 7 && pBuffer[nPos+3] == 8 )
 {
 sal_Int64 nCompressedSize, nSize;
-MemoryByteGrabber aMemGrabber ( Sequence< sal_Int8 >( 
&(pBuffer[nPos+4]), 12 ) );
+Sequence aTmpBuffer(&(pBuffer[nPos+4]), 12);
+MemoryByteGrabber aMemGrabber(aTmpBuffer);
 sal_Int32 nCRC32 = aMemGrabber.ReadInt32();
 sal_uInt32 nCompressedSize32 = aMemGrabber.ReadUInt32();
 sal_uInt32 nSize32 = aMemGrabber.ReadUInt32();
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

2018-01-07 Thread Michael Meeks

 package/source/zipapi/XUnbufferedStream.cxx |1 +
 1 file changed, 1 insertion(+)

New commits:
commit 0435aa08f4f6504dee6065ea6e4a55fbb07b8f77
Author: Michael Meeks 
Date:   Fri Jan 5 12:18:18 2018 +

tdf#114819 - include the synthetic encrpytion header into the size.

Change-Id: I090347046725a1ebb7a36f465654c29f7443d20d
Reviewed-on: https://gerrit.libreoffice.org/47467
Tested-by: Jenkins 
Reviewed-by: Michael Meeks 
(cherry picked from commit dc885c071b71e6f6f76bedaecf7f0b1a81dd1d57)
Reviewed-on: https://gerrit.libreoffice.org/47499
Reviewed-by: jan iversen 
Tested-by: Markus Mohrhard 
Reviewed-by: Markus Mohrhard 

diff --git a/package/source/zipapi/XUnbufferedStream.cxx 
b/package/source/zipapi/XUnbufferedStream.cxx
index 1e219b698871..162bab6d7580 100644
--- a/package/source/zipapi/XUnbufferedStream.cxx
+++ b/package/source/zipapi/XUnbufferedStream.cxx
@@ -102,6 +102,7 @@ XUnbufferedStream::XUnbufferedStream(
 sal_Int8 * pHeader = maHeader.getArray();
 ZipFile::StaticFillHeader( rData, rEntry.nSize, aMediaType, pHeader );
 mnHeaderToRead = static_cast < sal_Int16 > ( maHeader.getLength() );
+mnZipSize += mnHeaderToRead;
 }
 }
 
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

2018-01-03 Thread Caolán McNamara

 package/source/zipapi/ZipFile.cxx |   12 ++--
 1 file changed, 10 insertions(+), 2 deletions(-)

New commits:
commit 6a40c4e0ddf606f2fac776764eede2fb5ccde354
Author: CaolÃ¡n McNamara 
Date:   Wed Dec 27 18:38:42 2017 +

ofz#4806 Infinite loop

Change-Id: I89a24fa3ce4034ef207233b96c5e26a7b7787444
Reviewed-on: https://gerrit.libreoffice.org/47101
Tested-by: Jenkins 
Reviewed-by: Michael Stahl 

diff --git a/package/source/zipapi/ZipFile.cxx 
b/package/source/zipapi/ZipFile.cxx
index 61f7ea1dacc1..de4c1a364acd 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -539,6 +539,7 @@ public:
 const sal_Int32 nBufSize = 8192;
 
 sal_Int32 nRemaining = xSrcStream->available();
+sal_Int32 nRead = 0;
 maBytes.reserve(nRemaining);
 uno::Sequence aBuf(nBufSize);
 
@@ -552,10 +553,17 @@ public:
 };
 
 while (nRemaining > nBufSize)
-nRemaining -= readAndCopy(nBufSize);
+{
+const auto nBytes = readAndCopy(nBufSize);
+if (!nBytes)
+break;
+nRead += nBytes;
+nRemaining -= nBytes;
+}
 
 if (nRemaining)
-readAndCopy(nRemaining);
+nRead += readAndCopy(nRemaining);
+maBytes.resize(nRead);
 }
 
 virtual sal_Int32 SAL_CALL readBytes( uno::Sequence& rData, 
sal_Int32 nBytesToRead ) override
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

2017-12-02 Thread Caolán McNamara

 package/source/zippackage/ZipPackage.cxx |   17 ++---
 1 file changed, 14 insertions(+), 3 deletions(-)

New commits:
commit ac022ecc76337eb58c4a002775463c11bb0e8b86
Author: CaolÃ¡n McNamara 
Date:   Fri Dec 1 13:16:46 2017 +

ofz#4491 Bad-Cast

Change-Id: Ibee0c3e51ecd2b976d67c3ab28cabf0acb10c6b8
Reviewed-on: https://gerrit.libreoffice.org/45660
Reviewed-by: Michael Stahl 
Reviewed-by: CaolÃ¡n McNamara 
Tested-by: CaolÃ¡n McNamara 

diff --git a/package/source/zippackage/ZipPackage.cxx 
b/package/source/zippackage/ZipPackage.cxx
index 9bdd03d7cfd1..3823ed07ffb8 100644
--- a/package/source/zippackage/ZipPackage.cxx
+++ b/package/source/zippackage/ZipPackage.cxx
@@ -517,7 +517,12 @@ void ZipPackage::getZipFileContents()
 pCurrent = pPkgFolder;
 }
 else
-pCurrent = pCurrent->doGetByName( sTemp ).pFolder;
+{
+ZipContentInfo& rInfo = pCurrent->doGetByName(sTemp);
+if (!rInfo.bFolder)
+throw css::packages::zip::ZipIOException("Bad Zip 
File, stream as folder");
+pCurrent = rInfo.pFolder;
+}
 nOldIndex = nIndex+1;
 }
 if ( nStreamIndex != -1 && !sDirName.isEmpty() )
@@ -813,7 +818,10 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const 
OUString& aName )
 throw NoSuchElementException(THROW_WHERE );
 
 pPrevious = pCurrent;
-pCurrent = pCurrent->doGetByName( sTemp ).pFolder;
+ZipContentInfo& rInfo = pCurrent->doGetByName(sTemp);
+if (!rInfo.bFolder)
+throw css::packages::zip::ZipIOException("Bad Zip File, stream as 
folder");
+pCurrent = rInfo.pFolder;
 nOldIndex = nIndex+1;
 }
 
@@ -893,7 +901,10 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const 
OUString& aName )
 if ( pCurrent->hasByName( sTemp ) )
 {
 pPrevious = pCurrent;
-pCurrent = pCurrent->doGetByName( sTemp ).pFolder;
+ZipContentInfo& rInfo = pCurrent->doGetByName(sTemp);
+if (!rInfo.bFolder)
+throw css::packages::zip::ZipIOException("Bad Zip File, 
stream as folder");
+pCurrent = rInfo.pFolder;
 }
 else
 return false;
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

2017-11-28 Thread Caolán McNamara

 package/source/zipapi/MemoryByteGrabber.hxx |2 ++
 package/source/zipapi/ZipFile.cxx   |3 +++
 2 files changed, 5 insertions(+)

New commits:
commit 2867c32c99b85e42b018266988dc8f7796c1fc77
Author: CaolÃ¡n McNamara 
Date:   Mon Nov 27 16:29:37 2017 +

keep track of available data

Change-Id: Idc54cdef0f3a4355a7e26f25cdc5b50d65d9d583
Reviewed-on: https://gerrit.libreoffice.org/45353
Reviewed-by: Michael Stahl 
Reviewed-by: CaolÃ¡n McNamara 
Tested-by: CaolÃ¡n McNamara 

diff --git a/package/source/zipapi/MemoryByteGrabber.hxx 
b/package/source/zipapi/MemoryByteGrabber.hxx
index 1366eea478b0..5417406db379 100644
--- a/package/source/zipapi/MemoryByteGrabber.hxx
+++ b/package/source/zipapi/MemoryByteGrabber.hxx
@@ -36,6 +36,8 @@ public:
 }
 const sal_Int8 * getCurrentPos () { return mpBuffer + mnCurrent; }
 
+sal_Int32 remainingSize() const { return mnEnd - mnCurrent; }
+
 // XInputStream chained
 
 /// @throws css::io::NotConnectedException
diff --git a/package/source/zipapi/ZipFile.cxx 
b/package/source/zipapi/ZipFile.cxx
index b7cdf7289d4c..61f7ea1dacc1 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -934,6 +934,9 @@ sal_Int32 ZipFile::readCEN()
 if ( aEntry.nExtraLen < 0 )
 throw ZipException("unexpected extra header info length" );
 
+if (aEntry.nPathLen > aMemGrabber.remainingSize())
+throw ZipException("name too long");
+
 // read always in UTF8, some tools seem not to set UTF8 bit
 aEntry.sPath = OUString::intern ( reinterpret_cast(aMemGrabber.getCurrentPos()),
aEntry.nPathLen,
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source xmlsecurity/qa

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source sw/qa

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source

9 matches

Site Navigation

Mail list logo

Footer information