xmlsecurity/source/helper/xsecverify.cxx | 86 ++-
1 file changed, 74 insertions(+), 12 deletions(-)
New commits:
commit e57f68d7e7811584a006ecb8e71f8f96045c48e7
Author: Michael Stahl mst...@redhat.com
Date: Sat Feb 18 00:03:39 2012 +0100
fdo#39657: fix crash when parsing XML signatures
(cherry picked from commit 67c396fb66a9c21c9eafaf4bcc3654706f643df0)
Signed-off-by: Caolán McNamara caol...@redhat.com
diff --git a/xmlsecurity/source/helper/xsecverify.cxx
b/xmlsecurity/source/helper/xsecverify.cxx
index a61eb6e..0f22599 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -121,7 +121,12 @@ void XSecController::addSignature()
void XSecController::addReference( const rtl::OUString ouUri)
{
-InternalSignatureInformation isi =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::addReference: no signature);
+return;
+}
+InternalSignatureInformation isi =
m_vInternalSignatureInformations.back();
isi.addReference(TYPE_SAMEDOCUMENT_REFERENCE,ouUri, -1 );
}
@@ -131,7 +136,12 @@ void XSecController::addStreamReference(
{
sal_Int32 type =
(isBinary?TYPE_BINARYSTREAM_REFERENCE:TYPE_XMLSTREAM_REFERENCE);
-InternalSignatureInformation isi =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::addStreamReference: no signature);
+return;
+}
+InternalSignatureInformation isi =
m_vInternalSignatureInformations.back();
if ( isi.xReferenceResolvedListener.is() )
{
@@ -154,7 +164,13 @@ void XSecController::addStreamReference(
void XSecController::setReferenceCount() const
{
-const InternalSignatureInformation isi =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::setReferenceCount: no signature);
+return;
+}
+const InternalSignatureInformation isi =
+m_vInternalSignatureInformations.back();
if ( isi.xReferenceResolvedListener.is() )
{
@@ -182,51 +198,97 @@ void XSecController::setReferenceCount() const
void XSecController::setX509IssuerName( rtl::OUString ouX509IssuerName )
{
-InternalSignatureInformation isi =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::setX509IssuerName: no signature);
+return;
+}
+InternalSignatureInformation isi =
m_vInternalSignatureInformations.back();
isi.signatureInfor.ouX509IssuerName = ouX509IssuerName;
}
void XSecController::setX509SerialNumber( rtl::OUString ouX509SerialNumber )
{
-InternalSignatureInformation isi =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::setX509SerialNumber: no signature);
+return;
+}
+InternalSignatureInformation isi =
m_vInternalSignatureInformations.back();
isi.signatureInfor.ouX509SerialNumber = ouX509SerialNumber;
}
void XSecController::setX509Certificate( rtl::OUString ouX509Certificate )
{
-InternalSignatureInformation isi =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::setX509Certificate: no signature);
+return;
+}
+InternalSignatureInformation isi =
m_vInternalSignatureInformations.back();
isi.signatureInfor.ouX509Certificate = ouX509Certificate;
}
void XSecController::setSignatureValue( rtl::OUString ouSignatureValue )
{
-InternalSignatureInformation isi =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::setSignatureValue: no signature);
+return;
+}
+InternalSignatureInformation isi =
m_vInternalSignatureInformations.back();
isi.signatureInfor.ouSignatureValue = ouSignatureValue;
}
void XSecController::setDigestValue( rtl::OUString ouDigestValue )
{
-SignatureInformation si =
m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1].signatureInfor;
-SignatureReferenceInformation reference =
si.vSignatureReferenceInfors[si.vSignatureReferenceInfors.size()-1];
+if (m_vInternalSignatureInformations.empty())
+{
+OSL_TRACE(XSecController::setDigestValue: no signature);
+return;
+}
+InternalSignatureInformation isi =
m_vInternalSignatureInformations.back();
+if