[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source xmlsecurity/qa
package/source/manifest/ManifestDefines.hxx |9 +++ package/source/manifest/ManifestImport.cxx | 48 ++-- package/source/manifest/ManifestImport.hxx | 12 +++- xmlsecurity/qa/unit/signing/data/encryptedGPG_odf13.odt |binary xmlsecurity/qa/unit/signing/signing.cxx |8 ++ 5 files changed, 71 insertions(+), 6 deletions(-) New commits: commit dd9232a6b2bcd32c7279e1476445214c6bb9e417 Author: Thorsten Behrens Date: Thu Jun 28 15:17:40 2018 +0200 ODF1.3: import new OpenPGP encryption markup With OFFICE-3940 the loext markup got accepted for ODF1.3 (and the redundant KeyInfo element removed). Make sure manifest parser can import new markup. Change-Id: Id3c88654e8e6e0e256cd68fbb43f1ef670849cf7 Reviewed-on: https://gerrit.libreoffice.org/56597 Tested-by: Jenkins Reviewed-by: Thorsten Behrens (cherry picked from commit a7bf6488ebb544e1efaed0a1e53073df9cc2064d) Reviewed-on: https://gerrit.libreoffice.org/56678 Reviewed-by: Katarina Behrens diff --git a/package/source/manifest/ManifestDefines.hxx b/package/source/manifest/ManifestDefines.hxx index c68c241c7514..44c0cb4c5254 100644 --- a/package/source/manifest/ManifestDefines.hxx +++ b/package/source/manifest/ManifestDefines.hxx @@ -46,6 +46,15 @@ #define ATTRIBUTE_ALGORITHM "loext:PGPAlgorithm" #define ELEMENT_CIPHERDATA "loext:CipherData" #define ELEMENT_CIPHERVALUE "loext:CipherValue" +#define ELEMENT_MANIFEST13_KEYINFO "manifest:keyinfo" +#define ELEMENT_ENCRYPTEDKEY13 "manifest:encrypted-key" +#define ELEMENT_ENCRYPTIONMETHOD13 "manifest:encryption-method" +#define ELEMENT_PGPDATA13 "manifest:PGPData" +#define ELEMENT_PGPKEYID13 "manifest:PGPKeyID" +#define ELEMENT_PGPKEYPACKET13 "manifest:PGPKeyPacket" +#define ATTRIBUTE_ALGORITHM13 "manifest:PGPAlgorithm" +#define ELEMENT_CIPHERDATA13 "manifest:CipherData" +#define ELEMENT_CIPHERVALUE13 "manifest:CipherValue" #define ELEMENT_ENCRYPTION_DATA "manifest:encryption-data" #define ATTRIBUTE_CHECKSUM_TYPE "manifest:checksum-type" diff --git a/package/source/manifest/ManifestImport.cxx b/package/source/manifest/ManifestImport.cxx index 98a9d61128b5..fda529838214 100644 --- a/package/source/manifest/ManifestImport.cxx +++ b/package/source/manifest/ManifestImport.cxx @@ -69,6 +69,16 @@ ManifestImport::ManifestImport( vector < Sequence < PropertyValue > > & rNewManV , sCipherDataElement( ELEMENT_CIPHERDATA ) , sCipherValueElement ( ELEMENT_CIPHERVALUE ) +, sManifestKeyInfoElement13 ( ELEMENT_MANIFEST13_KEYINFO ) +, sEncryptedKeyElement13 ( ELEMENT_ENCRYPTEDKEY13 ) +, sEncryptionMethodElement13 ( ELEMENT_ENCRYPTIONMETHOD13 ) +, sPgpDataElement13 ( ELEMENT_PGPDATA13 ) +, sPgpKeyIDElement13 ( ELEMENT_PGPKEYID13 ) +, sPGPKeyPacketElement13 ( ELEMENT_PGPKEYPACKET13 ) +, sAlgorithmAttribute13 ( ATTRIBUTE_ALGORITHM13 ) +, sCipherDataElement13( ELEMENT_CIPHERDATA13 ) +, sCipherValueElement13 ( ELEMENT_CIPHERVALUE13 ) + , sFullPathProperty ( "FullPath" ) , sMediaTypeProperty( "MediaType" ) , sVersionProperty ( "Version" ) @@ -148,9 +158,10 @@ void ManifestImport::doEncryptedKey(StringHashMap &) aKeyInfoSequence.resize(3); } -void ManifestImport::doEncryptionMethod(StringHashMap &rConvertedAttribs) +void ManifestImport::doEncryptionMethod(StringHashMap &rConvertedAttribs, +const OUString& rAlgoAttrName) { -OUString aString = rConvertedAttribs[sAlgorithmAttribute]; +OUString aString = rConvertedAttribs[rAlgoAttrName]; if ( aKeyInfoSequence.size() != 3 || aString != "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"; ) { @@ -339,7 +350,9 @@ void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Re case 2: { if (aConvertedName == sFileEntryElement) //manifest:file-entry doFileEntry(aConvertedAttribs); -else if (aConvertedName == sManifestKeyInfoElement) //loext:KeyInfo +else if (aConvertedName == sManifestKeyInfoElement) //loext:keyinfo +doKeyInfoEntry(aConvertedAttribs); +else if (aConvertedName == sManifestKeyInfoElement13) //manifest:keyinfo doKeyInfoEntry(aConvertedAttribs); else aStack.back().m_bValid = false; @@ -355,6 +368,8 @@ void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Re doEncryptionData(aConvertedAttribs); else if (aConvertedName == sEncryptedKeyElement) //loext:encrypted-key doEncryptedKey(aConvertedAttribs); +else if (aConvertedName == sEncryptedKeyElement13) //manifest:encrypted-key +doEncryptedKey(aConvertedAttribs); else aStack.back().m_bValid = false;
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source sw/qa
package/source/xstor/xstorage.cxx |2 -- sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt |binary 2 files changed, 2 deletions(-) New commits: commit 8182037871daf1d94f4beff63afeb56b20055480 Author: Caolán McNamara Date: Sat Apr 7 20:24:40 2018 +0100 forcepoint#37 revert tdf#108572 let remove storage element reverts commit 26957fc325c27cf61e8efb380d627def4931 Date: Wed Sep 6 10:54:50 2017 +0200 tdf#108572 let remove storage element void OStorage_Impl::RemoveElement( SotElement_Impl* pElement ) expects that m_pAntiImpl will be nullptr, if not throws an exception. This caused that in case of deleting embedded database used for mail merge it wasn't fully removed and The problem is that by allowing the removal of the element, existing readonly accessors are left pointing to the deleted element which causes quite some problems as seen in this sample document Change-Id: Ie6ac36e6dea771b02637d77b78eb8026e3bb7ae8 Reviewed-on: https://gerrit.libreoffice.org/52600 Tested-by: Jenkins Reviewed-by: Michael Stahl diff --git a/package/source/xstor/xstorage.cxx b/package/source/xstor/xstorage.cxx index 5c494a586197..48bc0d6aeb04 100644 --- a/package/source/xstor/xstorage.cxx +++ b/package/source/xstor/xstorage.cxx @@ -2813,8 +2813,6 @@ void SAL_CALL OStorage::removeElement( const OUString& aElementName ) if ( !pElement ) throw container::NoSuchElementException( THROW_WHERE ); //??? -if ( pElement->m_xStorage ) -pElement->m_xStorage->m_pAntiImpl = nullptr; m_pImpl->RemoveElement( pElement ); m_pImpl->m_bIsModified = true; diff --git a/sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt b/sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt new file mode 100755 index ..1844d7882ba9 Binary files /dev/null and b/sw/qa/core/data/odt/fail/forcepoint-xstor-1.odt differ ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source
package/source/manifest/ManifestExport.cxx |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) New commits: commit ce5d2cd0d9fe0c04fde50ba54fb4ca154f2bdf12 Author: himajin10 Date: Mon Mar 12 04:52:30 2018 +0900 tdf#116351: fix re-use of AttributeList on PGP manifest multiple attributes of the same name on the same element, because AttributeList was wrongly re-used Change-Id: I29b2317ce3d836d7349fa0474709726bed2c5ad4 Reviewed-on: https://gerrit.libreoffice.org/51087 Reviewed-by: Thorsten Behrens Tested-by: Thorsten Behrens (cherry picked from commit 32f42d093d4408666151d03f04823e2bb39e46cd) Reviewed-on: https://gerrit.libreoffice.org/51250 Tested-by: Jenkins Reviewed-by: Samuel Mehrbrodt diff --git a/package/source/manifest/ManifestExport.cxx b/package/source/manifest/ManifestExport.cxx index 5cf87334ca62..d8c00cf5f9a0 100644 --- a/package/source/manifest/ManifestExport.cxx +++ b/package/source/manifest/ManifestExport.cxx @@ -231,8 +231,6 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > con { // yeah, so that goes directly below the manifest:manifest // element -::comphelper::AttributeList * pNewAttrList = new ::comphelper::AttributeList; -uno::Reference < xml::sax::XAttributeList > xNewAttrList (pNewAttrList); OUStringBuffer aBuffer; xHandler->ignorableWhitespace ( sWhiteSpace ); @@ -267,6 +265,8 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > con xHandler->startElement( sEncryptedKeyElement, nullptr ); xHandler->ignorableWhitespace ( sWhiteSpace ); +::comphelper::AttributeList * pNewAttrList = new ::comphelper::AttributeList; +uno::Reference < xml::sax::XAttributeList > xNewAttrList (pNewAttrList); // TODO: the algorithm should rather be configurable pNewAttrList->AddAttribute ( sAlgorithmAttribute, sCdataAttribute, "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"; ); ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source
package/source/zipapi/ZipFile.cxx |7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) New commits: commit 060c6a01a23375ba60ac8158e1b97edc9ac49f03 Author: Caolán McNamara Date: Fri Feb 23 12:53:34 2018 + forcepoint #5 check for short read a zip file within a structured storage stream. underlying storage stream claims larger size that it can satisfy on read Change-Id: I8516b12df33ad78b2525192826f5e3aef2622eb8 Reviewed-on: https://gerrit.libreoffice.org/50239 Reviewed-by: Michael Stahl Tested-by: Jenkins diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index 6e9351c69f1a..1ef81bf582a5 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -838,11 +838,14 @@ sal_Int32 ZipFile::findEND() nEnd = nPos >= 0 ? nPos : 0 ; aGrabber.seek( nEnd ); -aGrabber.readBytes ( aBuffer, nLength - nEnd ); + +auto nSize = nLength - nEnd; +if (nSize != aGrabber.readBytes(aBuffer, nSize)) +throw ZipException("Zip END signature not found!" ); const sal_Int8 *pBuffer = aBuffer.getConstArray(); -nPos = nLength - nEnd - ENDHDR; +nPos = nSize - ENDHDR; while ( nPos >= 0 ) { if (pBuffer[nPos] == 'P' && pBuffer[nPos+1] == 'K' && pBuffer[nPos+2] == 5 && pBuffer[nPos+3] == 6 ) ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source
package/source/zipapi/ZipFile.cxx |8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) New commits: commit 52f549cc523e6dcf27da5a3a1ee6be89c041bdda Author: Caolán McNamara Date: Tue Feb 6 21:21:30 2018 + MemoryByteGrabber sequence has to exist for Grabber lifetime it just takes a c++ ref, so a temp is an unsuitable arg Change-Id: I40490e94d977df91b985bc4ae458b68ee85d5dfe Reviewed-on: https://gerrit.libreoffice.org/49322 Tested-by: Jenkins Reviewed-by: Stephan Bergmann Reviewed-by: Michael Stahl diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index 1d10a56aaf9c..6e9351c69f1a 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -902,7 +902,7 @@ sal_Int32 ZipFile::readCEN() if ( static_cast < sal_Int64 > ( nCenLen ) != nRead ) throw ZipException ("Error reading CEN into memory buffer!" ); -MemoryByteGrabber aMemGrabber ( aCENBuffer ); +MemoryByteGrabber aMemGrabber(aCENBuffer); ZipEntry aEntry; sal_Int16 nCommentLen; @@ -1015,7 +1015,8 @@ void ZipFile::recover() if ( nPos < nBufSize - 30 && pBuffer[nPos] == 'P' && pBuffer[nPos+1] == 'K' && pBuffer[nPos+2] == 3 && pBuffer[nPos+3] == 4 ) { ZipEntry aEntry; -MemoryByteGrabber aMemGrabber ( Sequence< sal_Int8 >( &(pBuffer[nPos+4]), 26 ) ); +Sequence aTmpBuffer(&(pBuffer[nPos+4]), 26); +MemoryByteGrabber aMemGrabber(aTmpBuffer); aEntry.nVersion = aMemGrabber.ReadInt16(); if ( ( aEntry.nVersion & 1 ) != 1 ) @@ -1084,7 +1085,8 @@ void ZipFile::recover() else if (pBuffer[nPos] == 'P' && pBuffer[nPos+1] == 'K' && pBuffer[nPos+2] == 7 && pBuffer[nPos+3] == 8 ) { sal_Int64 nCompressedSize, nSize; -MemoryByteGrabber aMemGrabber ( Sequence< sal_Int8 >( &(pBuffer[nPos+4]), 12 ) ); +Sequence aTmpBuffer(&(pBuffer[nPos+4]), 12); +MemoryByteGrabber aMemGrabber(aTmpBuffer); sal_Int32 nCRC32 = aMemGrabber.ReadInt32(); sal_uInt32 nCompressedSize32 = aMemGrabber.ReadUInt32(); sal_uInt32 nSize32 = aMemGrabber.ReadUInt32(); ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source
package/source/zipapi/XUnbufferedStream.cxx |1 + 1 file changed, 1 insertion(+) New commits: commit 0435aa08f4f6504dee6065ea6e4a55fbb07b8f77 Author: Michael Meeks Date: Fri Jan 5 12:18:18 2018 + tdf#114819 - include the synthetic encrpytion header into the size. Change-Id: I090347046725a1ebb7a36f465654c29f7443d20d Reviewed-on: https://gerrit.libreoffice.org/47467 Tested-by: Jenkins Reviewed-by: Michael Meeks (cherry picked from commit dc885c071b71e6f6f76bedaecf7f0b1a81dd1d57) Reviewed-on: https://gerrit.libreoffice.org/47499 Reviewed-by: jan iversen Tested-by: Markus Mohrhard Reviewed-by: Markus Mohrhard diff --git a/package/source/zipapi/XUnbufferedStream.cxx b/package/source/zipapi/XUnbufferedStream.cxx index 1e219b698871..162bab6d7580 100644 --- a/package/source/zipapi/XUnbufferedStream.cxx +++ b/package/source/zipapi/XUnbufferedStream.cxx @@ -102,6 +102,7 @@ XUnbufferedStream::XUnbufferedStream( sal_Int8 * pHeader = maHeader.getArray(); ZipFile::StaticFillHeader( rData, rEntry.nSize, aMediaType, pHeader ); mnHeaderToRead = static_cast < sal_Int16 > ( maHeader.getLength() ); +mnZipSize += mnHeaderToRead; } } ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source
package/source/zipapi/ZipFile.cxx | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) New commits: commit 6a40c4e0ddf606f2fac776764eede2fb5ccde354 Author: Caolán McNamara Date: Wed Dec 27 18:38:42 2017 + ofz#4806 Infinite loop Change-Id: I89a24fa3ce4034ef207233b96c5e26a7b7787444 Reviewed-on: https://gerrit.libreoffice.org/47101 Tested-by: Jenkins Reviewed-by: Michael Stahl diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index 61f7ea1dacc1..de4c1a364acd 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -539,6 +539,7 @@ public: const sal_Int32 nBufSize = 8192; sal_Int32 nRemaining = xSrcStream->available(); +sal_Int32 nRead = 0; maBytes.reserve(nRemaining); uno::Sequence aBuf(nBufSize); @@ -552,10 +553,17 @@ public: }; while (nRemaining > nBufSize) -nRemaining -= readAndCopy(nBufSize); +{ +const auto nBytes = readAndCopy(nBufSize); +if (!nBytes) +break; +nRead += nBytes; +nRemaining -= nBytes; +} if (nRemaining) -readAndCopy(nRemaining); +nRead += readAndCopy(nRemaining); +maBytes.resize(nRead); } virtual sal_Int32 SAL_CALL readBytes( uno::Sequence& rData, sal_Int32 nBytesToRead ) override ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source
package/source/zippackage/ZipPackage.cxx | 17 ++--- 1 file changed, 14 insertions(+), 3 deletions(-) New commits: commit ac022ecc76337eb58c4a002775463c11bb0e8b86 Author: Caolán McNamara Date: Fri Dec 1 13:16:46 2017 + ofz#4491 Bad-Cast Change-Id: Ibee0c3e51ecd2b976d67c3ab28cabf0acb10c6b8 Reviewed-on: https://gerrit.libreoffice.org/45660 Reviewed-by: Michael Stahl Reviewed-by: Caolán McNamara Tested-by: Caolán McNamara diff --git a/package/source/zippackage/ZipPackage.cxx b/package/source/zippackage/ZipPackage.cxx index 9bdd03d7cfd1..3823ed07ffb8 100644 --- a/package/source/zippackage/ZipPackage.cxx +++ b/package/source/zippackage/ZipPackage.cxx @@ -517,7 +517,12 @@ void ZipPackage::getZipFileContents() pCurrent = pPkgFolder; } else -pCurrent = pCurrent->doGetByName( sTemp ).pFolder; +{ +ZipContentInfo& rInfo = pCurrent->doGetByName(sTemp); +if (!rInfo.bFolder) +throw css::packages::zip::ZipIOException("Bad Zip File, stream as folder"); +pCurrent = rInfo.pFolder; +} nOldIndex = nIndex+1; } if ( nStreamIndex != -1 && !sDirName.isEmpty() ) @@ -813,7 +818,10 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const OUString& aName ) throw NoSuchElementException(THROW_WHERE ); pPrevious = pCurrent; -pCurrent = pCurrent->doGetByName( sTemp ).pFolder; +ZipContentInfo& rInfo = pCurrent->doGetByName(sTemp); +if (!rInfo.bFolder) +throw css::packages::zip::ZipIOException("Bad Zip File, stream as folder"); +pCurrent = rInfo.pFolder; nOldIndex = nIndex+1; } @@ -893,7 +901,10 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const OUString& aName ) if ( pCurrent->hasByName( sTemp ) ) { pPrevious = pCurrent; -pCurrent = pCurrent->doGetByName( sTemp ).pFolder; +ZipContentInfo& rInfo = pCurrent->doGetByName(sTemp); +if (!rInfo.bFolder) +throw css::packages::zip::ZipIOException("Bad Zip File, stream as folder"); +pCurrent = rInfo.pFolder; } else return false; ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: Branch 'libreoffice-6-0' - package/source
package/source/zipapi/MemoryByteGrabber.hxx |2 ++ package/source/zipapi/ZipFile.cxx |3 +++ 2 files changed, 5 insertions(+) New commits: commit 2867c32c99b85e42b018266988dc8f7796c1fc77 Author: Caolán McNamara Date: Mon Nov 27 16:29:37 2017 + keep track of available data Change-Id: Idc54cdef0f3a4355a7e26f25cdc5b50d65d9d583 Reviewed-on: https://gerrit.libreoffice.org/45353 Reviewed-by: Michael Stahl Reviewed-by: Caolán McNamara Tested-by: Caolán McNamara diff --git a/package/source/zipapi/MemoryByteGrabber.hxx b/package/source/zipapi/MemoryByteGrabber.hxx index 1366eea478b0..5417406db379 100644 --- a/package/source/zipapi/MemoryByteGrabber.hxx +++ b/package/source/zipapi/MemoryByteGrabber.hxx @@ -36,6 +36,8 @@ public: } const sal_Int8 * getCurrentPos () { return mpBuffer + mnCurrent; } +sal_Int32 remainingSize() const { return mnEnd - mnCurrent; } + // XInputStream chained /// @throws css::io::NotConnectedException diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index b7cdf7289d4c..61f7ea1dacc1 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -934,6 +934,9 @@ sal_Int32 ZipFile::readCEN() if ( aEntry.nExtraLen < 0 ) throw ZipException("unexpected extra header info length" ); +if (aEntry.nPathLen > aMemGrabber.remainingSize()) +throw ZipException("name too long"); + // read always in UTF8, some tools seem not to set UTF8 bit aEntry.sPath = OUString::intern ( reinterpret_cast(aMemGrabber.getCurrentPos()), aEntry.nPathLen, ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits