cui/source/dialogs/cuicharmap.cxx                                 |    7 
 cui/source/inc/chardlg.hxx                                        |    3 
 cui/source/tabpages/chardlg.cxx                                   |   25 ++-
 cui/uiconfig/ui/tsaurldialog.ui                                   |   66 
+++-----
 filter/source/graphicfilter/icgm/cgm.cxx                          |    8 -
 filter/source/graphicfilter/icgm/class1.cxx                       |   17 +-
 filter/source/graphicfilter/icgm/class4.cxx                       |   25 ++-
 include/sal/log-areas.dox                                         |    1 
 include/vcl/menu.hxx                                              |    4 
 officecfg/registry/data/org/openoffice/Office/UI/CalcCommands.xcu |    3 
 sc/inc/arealink.hxx                                               |    1 
 sc/inc/refdata.hxx                                                |    2 
 sc/inc/scabstdlg.hxx                                              |    2 
 sc/source/core/tool/interpr4.cxx                                  |   19 ++
 sc/source/core/tool/interpr6.cxx                                  |    6 
 sc/source/core/tool/refdata.cxx                                   |    5 
 sc/source/core/tool/token.cxx                                     |   19 ++
 sc/source/ui/attrdlg/scdlgfact.cxx                                |    9 +
 sc/source/ui/attrdlg/scdlgfact.hxx                                |    8 -
 sc/source/ui/docshell/arealink.cxx                                |   32 +---
 sc/source/ui/view/cellsh1.cxx                                     |   69 
++++-----
 sfx2/source/dialog/dialog.hrc                                     |    3 
 sfx2/source/dialog/templdlg.cxx                                   |    9 -
 sfx2/source/dialog/templdlg.src                                   |   15 ++
 sw/qa/extras/ooxmlexport/data/tdf106974_int32Crop.docx            |binary
 sw/qa/extras/ooxmlexport/ooxmlexport3.cxx                         |   10 +
 sw/source/core/layout/laycache.cxx                                |   61 
+++++++-
 sw/source/core/layout/layhelp.hxx                                 |    4 
 sw/source/filter/ww8/docxattributeoutput.cxx                      |    8 -
 sw/source/filter/ww8/ww8par.hxx                                   |    2 
 sw/source/filter/ww8/ww8par2.cxx                                  |   44 +++++
 sw/source/filter/ww8/ww8par6.cxx                                  |    2 
 sw/source/filter/ww8/ww8scan.cxx                                  |    5 
 sw/source/filter/ww8/ww8struc.hxx                                 |    2 
 vcl/source/window/menu.cxx                                        |    4 
 vcl/source/window/menufloatingwindow.cxx                          |   74 
++++++----
 vcl/source/window/menuitemlist.cxx                                |    7 
 vcl/source/window/menuitemlist.hxx                                |    1 
 38 files changed, 393 insertions(+), 189 deletions(-)

New commits:
commit 012f2d0a24f649250b89a6ece0462a14c21b84a6
Author: Justin Luth <justin_l...@sil.org>
Date:   Thu Apr 6 13:06:29 2017 +0300

    tdf#106974 docx export: Crop is "long", not sal_Int16
    
    I got size sal_Int16 from the return value type of the border
    spacing, but somehow failed to lookup the return value of GraphicCrop.
    It now matches .doc export's sal_Int32.
    Bad mistake: regression 8eff1decd91cbfb10094c25d4cf1d2b434a4da72
    
    Change-Id: Ie149630b9da9a067de319149f23ca21f78a186cf
    Reviewed-on: https://gerrit.libreoffice.org/36231
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Justin Luth <justin_l...@sil.org>
    (cherry picked from commit dd3325f0938aeb79221a0bb765b0fbed0fef42e6)

diff --git a/sw/qa/extras/ooxmlexport/data/tdf106974_int32Crop.docx 
b/sw/qa/extras/ooxmlexport/data/tdf106974_int32Crop.docx
new file mode 100755
index 000000000000..e73cf5e28dcf
Binary files /dev/null and 
b/sw/qa/extras/ooxmlexport/data/tdf106974_int32Crop.docx differ
diff --git a/sw/qa/extras/ooxmlexport/ooxmlexport3.cxx 
b/sw/qa/extras/ooxmlexport/ooxmlexport3.cxx
index e5e4880556c4..08fafb1f25b3 100644
--- a/sw/qa/extras/ooxmlexport/ooxmlexport3.cxx
+++ b/sw/qa/extras/ooxmlexport/ooxmlexport3.cxx
@@ -629,6 +629,16 @@ DECLARE_OOXMLEXPORT_TEST(testImageCrop, "ImageCrop.docx")
     CPPUNIT_ASSERT_EQUAL( sal_Int32( 2291 ), aGraphicCropStruct.Bottom );
 }
 
+DECLARE_OOXMLEXPORT_TEST(testTdf106974_int32Crop, "tdf106974_int32Crop.docx")
+{
+    uno::Reference<drawing::XShape> image = getShape(1);
+    uno::Reference<beans::XPropertySet> imageProperties(image, uno::UNO_QUERY);
+    css::text::GraphicCrop aGraphicCropStruct;
+
+    imageProperties->getPropertyValue( "GraphicCrop" ) >>= aGraphicCropStruct;
+    CPPUNIT_ASSERT( sal_Int32( 46000 ) < aGraphicCropStruct.Right );
+}
+
 DECLARE_OOXMLEXPORT_TEST(testLineSpacingexport, "test_line_spacing.docx")
 {
      // The Problem was that the w:line attribute value in w:spacing tag was 
incorrect
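Review bot: The new test asserts only a lower bound, `sal_Int32( 46000 ) < aGraphicCropStruct.Right`, and nothing says why 46000 was chosen. A short comment such as `// crop value is above the sal_Int16 maximum (32767); it was truncated on export before tdf#106974` would tell the next reader which regression this guards. The result of `>>=` is not asserted either, so a failed extraction would surface only as a confusing comparison failure. `CPPUNIT_ASSERT( imageProperties->getPropertyValue( "GraphicCrop" ) >>= aGraphicCropStruct );` makes that explicit.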
diff --git a/sw/source/filter/ww8/docxattributeoutput.cxx 
b/sw/source/filter/ww8/docxattributeoutput.cxx
index 1b6b786c8b7f..845fac3cf733 100644
--- a/sw/source/filter/ww8/docxattributeoutput.cxx
+++ b/sw/source/filter/ww8/docxattributeoutput.cxx
@@ -4140,10 +4140,10 @@ void DocxAttributeOutput::WriteSrcRect(const SdrObject* 
pSdrObj, const SwFrameFo
 
     css::text::GraphicCrop aGraphicCropStruct;
     xPropSet->getPropertyValue( "GraphicCrop" ) >>= aGraphicCropStruct;
-    sal_Int16 nCropL = aGraphicCropStruct.Left;
-    sal_Int16 nCropR = aGraphicCropStruct.Right;
-    sal_Int16 nCropT = aGraphicCropStruct.Top;
-    sal_Int16 nCropB = aGraphicCropStruct.Bottom;
+    sal_Int32 nCropL = aGraphicCropStruct.Left;
+    sal_Int32 nCropR = aGraphicCropStruct.Right;
+    sal_Int32 nCropT = aGraphicCropStruct.Top;
+    sal_Int32 nCropB = aGraphicCropStruct.Bottom;
 
     // simulate border padding as a negative crop.
     const SfxPoolItem* pItem;
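Review bot: Nothing at the four widened declarations records that the `css::text::GraphicCrop` members are 32-bit, which is the fact whose absence led to the original narrowing. A one-line comment above them, e.g. `// GraphicCrop members are sal_Int32 (UNO long); keep full width so large crops are not truncated`, would guard against a repeat. The rest of WriteSrcRect, including the border-padding adjustment announced by the following comment, lies outside the hunk, so any arithmetic on these values should be checked against the wider range separately.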
commit c064cd8dbc5258db9b0a935cff5fc6868126a3d9
Author: Yousuf Philips <philip...@hotmail.com>
Date:   Thu Apr 6 19:33:20 2017 +0400

    tdf#104706 Enable icon for Clear Direct Formatting command
    
    Change-Id: Iba3cbd8148794ac984a91d22d33cdec1f4453c5f
    Reviewed-on: https://gerrit.libreoffice.org/36221
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Katarina Behrens <katarina.behr...@cib.de>
    (cherry picked from commit 54f6a0fe470096f6bdc3942e9f3032e40dbfcd23)
    Reviewed-on: https://gerrit.libreoffice.org/36237
    Reviewed-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>
    (cherry picked from commit bb8b699f217dd0d0f25e4efb37ef5380074c61ca)

diff --git a/officecfg/registry/data/org/openoffice/Office/UI/CalcCommands.xcu 
b/officecfg/registry/data/org/openoffice/Office/UI/CalcCommands.xcu
index d843fb219778..b3e62acb5374 100644
--- a/officecfg/registry/data/org/openoffice/Office/UI/CalcCommands.xcu
+++ b/officecfg/registry/data/org/openoffice/Office/UI/CalcCommands.xcu
@@ -41,6 +41,9 @@
         <prop oor:name="Label" oor:type="xs:string">
           <value xml:lang="en-US">Clear ~Direct Formatting</value>
         </prop>
+        <prop oor:name="Properties" oor:type="xs:int">
+          <value>1</value>
+        </prop>
       </node>
       <node oor:name=".uno:ClearArrowPrecedents" oor:op="replace">
         <prop oor:name="Label" oor:type="xs:string">
commit a7e3104ab320bd60ac4f4bf991f252423fe6fc43
Author: Caolán McNamara <caol...@redhat.com>
Date:   Thu Apr 6 15:12:10 2017 +0100

    ofz: treat short properties as run end
    
    Change-Id: I00a5bab63663e2dde43825707e84568fca6aa594
    Reviewed-on: https://gerrit.libreoffice.org/36216
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>
    (cherry picked from commit fedd27b758db58bfc0e283a03e3fbf7d7fb6090c)

diff --git a/sw/source/filter/ww8/ww8par6.cxx b/sw/source/filter/ww8/ww8par6.cxx
index d1f9e76ba051..1e5b5bf55305 100644
--- a/sw/source/filter/ww8/ww8par6.cxx
+++ b/sw/source/filter/ww8/ww8par6.cxx
@@ -3827,7 +3827,7 @@ void SwWW8ImplReader::Read_Language( sal_uInt16 nId, 
const sal_uInt8* pData, sho
             return;
     }
 
-    if( nLen < 0 )                  // end of attribute
+    if (nLen < 2)                  // end of attribute
         m_pCtrlStck->SetAttr( *m_pPaM->GetPoint(), nId );
     else
     {
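Review bot: The trailing comment `// end of attribute` no longer describes the condition at `if (nLen < 2)`, which now also covers a property with a 0- or 1-byte payload, presumably from a malformed or truncated file. Suggest `// end of attribute, or property too short to read` so the bounds check is not mistaken for a typo and loosened later. The else branch that reads from pData is outside the hunk, so the required length of 2 is inferred from the commit title, not visible here. Other handlers in this file that test `nLen < 0` before reading fixed-size data may deserve the same review.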
commit d16fff201bbbf6677556ae1196295b2a0f111983
Author: Kohei Yoshida <kohei.yosh...@collabora.com>
Date:   Wed Mar 22 21:21:31 2017 -0400

    tdf#105908: restore previously deleted range references upon undo.
    
    Change-Id: If1932a5eb10da4c50fbcc3329af75f2e7a0a5137
    Reviewed-on: https://gerrit.libreoffice.org/35607
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Kohei Yoshida <libreoff...@kohei.us>
    (cherry picked from commit 749405af4fc38e0c16dc7e860d23a13dfceb4e40)
    Reviewed-on: https://gerrit.libreoffice.org/35672
    Reviewed-by: Eike Rathke <er...@redhat.com>
    (cherry picked from commit 97ce2a4eb0b2b479d48afe28299ad0ff1d3a264d)

diff --git a/sc/inc/refdata.hxx b/sc/inc/refdata.hxx
index 5f3e7626940a..098f24de28fd 100644
--- a/sc/inc/refdata.hxx
+++ b/sc/inc/refdata.hxx
@@ -190,6 +190,8 @@ struct ScComplexRefData
         @return TRUE if changed. */
     bool IncEndRowSticky( SCROW nDelta, const ScAddress& rPos );
 
+    bool IsDeleted() const;
+
 #if DEBUG_FORMULA_COMPILER
     void Dump( int nIndent = 0 ) const;
 #endif
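Review bot: `IsDeleted()` is declared without a doc comment, although the neighbouring `IncEndRowSticky` has one. Something like `/** @return TRUE if either Ref1 or Ref2 is flagged as deleted. */` matches the definition added in refdata.cxx and tells callers that a half-deleted range also counts.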
diff --git a/sc/source/core/tool/interpr4.cxx b/sc/source/core/tool/interpr4.cxx
index 7a0b08b06c96..13ab48391fb3 100644
--- a/sc/source/core/tool/interpr4.cxx
+++ b/sc/source/core/tool/interpr4.cxx
@@ -975,10 +975,17 @@ void ScInterpreter::PopSingleRef( ScAddress& rAdr )
                 break;
             case svSingleRef:
                 {
+                    const ScSingleRefData* pRefData = p->GetSingleRef();
+                    if (pRefData->IsDeleted())
+                    {
+                        SetError( FormulaError::NoRef);
+                        break;
+                    }
+
                     SCCOL nCol;
                     SCROW nRow;
                     SCTAB nTab;
-                    SingleRefToVars( *p->GetSingleRef(), nCol, nRow, nTab);
+                    SingleRefToVars( *pRefData, nCol, nRow, nTab);
                     rAdr.Set( nCol, nRow, nTab );
                     if (!pDok->m_TableOpList.empty())
                         ReplaceCell( rAdr );
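Review bot: On the new early `break` in the svSingleRef case, `rAdr` is never written, so a caller that does not test nGlobalError afterwards continues with whatever the address held before the call; the svDoubleRef hunk below has the same shape with `rRange`. The two call sites patched in interpr6.cxx check for `FormulaError::NoRef`, but other callers of PopSingleRef/PopDoubleRef are not visible in this commit. Consider giving the output a defined value on this path, e.g. `rAdr.SetInvalid();` before the `break`, or documenting on both functions that the out-parameter is unspecified when an error is set. Whether `SetError` overwrites an already pending error is also not visible here; if it does not, the `== FormulaError::NoRef` tests in interpr6.cxx will miss this path whenever an earlier error is pending.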
@@ -1100,9 +1107,17 @@ void ScInterpreter::PopDoubleRef( ScRange & rRange, 
short & rParam, size_t & rRe
                 nGlobalError = pToken->GetError();
                 break;
             case svDoubleRef:
+            {
                 --sp;
-                DoubleRefToRange( *pToken->GetDoubleRef(), rRange);
+                const ScComplexRefData* pRefData = pToken->GetDoubleRef();
+                if (pRefData->IsDeleted())
+                {
+                    SetError( FormulaError::NoRef);
+                    break;
+                }
+                DoubleRefToRange( *pRefData, rRange);
                 break;
+            }
             case svRefList:
                 {
                     const ScRefList* pList = pToken->GetRefList();
diff --git a/sc/source/core/tool/interpr6.cxx b/sc/source/core/tool/interpr6.cxx
index 368ee2a157ee..c42f0f4545d3 100644
--- a/sc/source/core/tool/interpr6.cxx
+++ b/sc/source/core/tool/interpr6.cxx
@@ -613,6 +613,9 @@ double ScInterpreter::IterateParameters( ScIterFunc eFunc, 
bool bTextAsZero )
             case svSingleRef :
             {
                 PopSingleRef( aAdr );
+                if (nGlobalError == FormulaError::NoRef)
+                    return 0.0;
+
                 if ( nGlobalError != FormulaError::NONE && ( eFunc == ifCOUNT2 
|| eFunc == ifCOUNT ||
                      ( mnSubTotalFlags & SubtotalFlags::IgnoreErrVal ) ) )
                 {
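Review bot: The early `return 0.0;` after `PopSingleRef( aAdr )` has no comment explaining why NoRef is singled out ahead of the COUNT/COUNT2/IgnoreErrVal handling directly below it; the same lines are added after `PopDoubleRef` in the next hunk. A comment such as `// a deleted reference must surface as an error and not be skipped by the error-tolerant modes below` would record the intent (please confirm that this is the intent). The return also leaves IterateParameters from inside the parameter switch, whose enclosing loop is outside the hunk, so it is worth confirming that abandoning the remaining parameters is acceptable here.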
@@ -676,6 +679,9 @@ double ScInterpreter::IterateParameters( ScIterFunc eFunc, 
bool bTextAsZero )
             case svRefList :
             {
                 PopDoubleRef( aRange, nParamCount, nRefInList);
+                if (nGlobalError == FormulaError::NoRef)
+                    return 0.0;
+
                 if ( nGlobalError != FormulaError::NONE && ( eFunc == ifCOUNT2 
|| eFunc == ifCOUNT ||
                      ( mnSubTotalFlags & SubtotalFlags::IgnoreErrVal ) ) )
                 {
diff --git a/sc/source/core/tool/refdata.cxx b/sc/source/core/tool/refdata.cxx
index d97289345ae5..5d7d0f320f68 100644
--- a/sc/source/core/tool/refdata.cxx
+++ b/sc/source/core/tool/refdata.cxx
@@ -553,6 +553,11 @@ bool ScComplexRefData::IncEndRowSticky( SCROW nDelta, 
const ScAddress& rPos )
     return true;
 }
 
+bool ScComplexRefData::IsDeleted() const
+{
+    return Ref1.IsDeleted() || Ref2.IsDeleted();
+}
+
 #if DEBUG_FORMULA_COMPILER
 void ScComplexRefData::Dump( int nIndent ) const
 {
diff --git a/sc/source/core/tool/token.cxx b/sc/source/core/tool/token.cxx
index 77f5c36eef4d..23f986981784 100644
--- a/sc/source/core/tool/token.cxx
+++ b/sc/source/core/tool/token.cxx
@@ -2624,6 +2624,12 @@ void setRefDeleted( ScComplexRefData& rRef, const 
sc::RefUpdateContext& rCxt )
     }
 }
 
+void restoreDeletedRef( ScComplexRefData& rRef, const sc::RefUpdateContext& 
rCxt )
+{
+    restoreDeletedRef(rRef.Ref1, rCxt);
+    restoreDeletedRef(rRef.Ref2, rCxt);
+}
+
 bool shrinkRange( const sc::RefUpdateContext& rCxt, ScRange& rRefRange, const 
ScRange& rDeletedRange,
         const ScComplexRefData& rRef )
 {
@@ -2999,6 +3005,19 @@ sc::RefUpdateResult 
ScTokenArray::AdjustReferenceOnShift( const sc::RefUpdateCon
                             }
                         }
 
+                        if (!rCxt.isDeleted() && rRef.IsDeleted())
+                        {
+                            // Check if the token has reference to previously 
deleted region.
+                            ScRange aCheckRange = rRef.toAbs(aNewPos);
+                            if (aSelectedRange.In(aCheckRange))
+                            {
+                                // This reference was previously in the 
deleted region. Restore it.
+                                restoreDeletedRef(rRef, rCxt);
+                                aRes.mbValueChanged = true;
+                                break;
+                            }
+                        }
+
                         if (rCxt.isInserted())
                         {
                             if (expandRange(rCxt, aAbs, aSelectedRange, rRef))
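Review bot: The restore condition `!rCxt.isDeleted() && rRef.IsDeleted()` fires for every non-delete shift, not only for the undo of the deletion that invalidated the reference. It relies on `rRef.toAbs(aNewPos)` still yielding the pre-deletion coordinates for a reference flagged deleted. `IsDeleted()` is also true when only one endpoint is flagged, while `restoreDeletedRef` is applied to both. A comment stating those two assumptions, or a check that the flagged endpoint lies inside `aSelectedRange`, would make it clearer why an unrelated insert over the same cells cannot revive a reference that should stay `#REF!`. The enclosing case and loop start outside the hunk.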
commit 0c6dc960be884d2469c5dffc765bfa34c5507366
Author: Noel Grandin <noel.gran...@collabora.co.uk>
Date:   Tue Apr 4 14:16:43 2017 +0200

    tdf#106868: fix crash when modify external link
    
    The EndDialog callback Hdl was disposing the Dialog, which is a little
    troublesome since the stack wants to go back through the Dialog code
    when the callback is done.
    Rather just use the more normal synchronous Execute() style of Dialog
    execution, instead of the asynchronous StartExecuteModal.
    
    Change-Id: I14933bd475da228c9648a6fa0564bda4a60d9d12
    Reviewed-on: https://gerrit.libreoffice.org/36074
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Noel Grandin <noel.gran...@collabora.co.uk>
    (cherry picked from commit cedbc4031f26ea13b188a4ecc5b90cc9646095fb)
    Reviewed-on: https://gerrit.libreoffice.org/36179
    (cherry picked from commit 16e2701d02e777673c957ff77bcc0a66e24f9d81)

diff --git a/sc/inc/arealink.hxx b/sc/inc/arealink.hxx
index c7e5aa3d1291..69b6b5a8d40f 100644
--- a/sc/inc/arealink.hxx
+++ b/sc/inc/arealink.hxx
@@ -75,7 +75,6 @@ public:
     const ScRange&  GetDestArea() const     { return aDestArea;     }
 
     DECL_LINK( RefreshHdl, Timer*, void );
-    DECL_LINK( AreaEndEditHdl, Dialog&, void );
 };
 
 #endif
diff --git a/sc/inc/scabstdlg.hxx b/sc/inc/scabstdlg.hxx
index 9b9b130ebf05..67be06b9ad73 100644
--- a/sc/inc/scabstdlg.hxx
+++ b/sc/inc/scabstdlg.hxx
@@ -221,7 +221,7 @@ public:
     virtual OUString GetSelectEntry() const = 0;
 };
 
-class AbstractScLinkedAreaDlg : public VclAbstractDialog2
+class AbstractScLinkedAreaDlg : public VclAbstractDialog
 {
 protected:
     virtual             ~AbstractScLinkedAreaDlg() override = default;
diff --git a/sc/source/ui/attrdlg/scdlgfact.cxx 
b/sc/source/ui/attrdlg/scdlgfact.cxx
index be4d216707b8..733afc03d39a 100644
--- a/sc/source/ui/attrdlg/scdlgfact.cxx
+++ b/sc/source/ui/attrdlg/scdlgfact.cxx
@@ -90,7 +90,6 @@ IMPL_ABSTDLG_BASE(AbstractScInsertCellDlg_Impl);
 IMPL_ABSTDLG_BASE(AbstractScInsertContentsDlg_Impl);
 IMPL_ABSTDLG_BASE(AbstractScInsertTableDlg_Impl);
 IMPL_ABSTDLG_BASE(AbstractScSelEntryDlg_Impl);
-IMPL_ABSTDLG2_BASE(AbstractScLinkedAreaDlg_Impl);
 IMPL_ABSTDLG_BASE(AbstractScMetricInputDlg_Impl);
 IMPL_ABSTDLG_BASE(AbstractScMoveTableDlg_Impl);
 IMPL_ABSTDLG_BASE(AbstractScNameCreateDlg_Impl);
@@ -110,6 +109,14 @@ IMPL_ABSTDLG_BASE(AbstractScImportOptionsDlg_Impl);
 IMPL_ABSTDLG_BASE(AbstractScTextImportOptionsDlg_Impl);
 IMPL_ABSTDLG_BASE(ScAbstractTabDialog_Impl);
 
+AbstractScLinkedAreaDlg_Impl::~AbstractScLinkedAreaDlg_Impl()
+{
+}
+short AbstractScLinkedAreaDlg_Impl::Execute()
+{
+    return pDlg->Execute();
+}
+
 void ScAbstractTabDialog_Impl::SetCurPageId( sal_uInt16 nId )
 {
     pDlg->SetCurPageId( nId );
diff --git a/sc/source/ui/attrdlg/scdlgfact.hxx 
b/sc/source/ui/attrdlg/scdlgfact.hxx
index 30e69a2aab1e..b069c779efb2 100644
--- a/sc/source/ui/attrdlg/scdlgfact.hxx
+++ b/sc/source/ui/attrdlg/scdlgfact.hxx
@@ -258,8 +258,12 @@ class AbstractScSelEntryDlg_Impl : public 
AbstractScSelEntryDlg
 
 class AbstractScLinkedAreaDlg_Impl : public AbstractScLinkedAreaDlg
 {
-    DECL_ABSTDLG2_BASE( AbstractScLinkedAreaDlg_Impl, ScLinkedAreaDlg)
-
+    ScopedVclPtr<ScLinkedAreaDlg> pDlg;
+public:
+    explicit                AbstractScLinkedAreaDlg_Impl( ScLinkedAreaDlg* p)
+                              : pDlg(p) {}
+    virtual                 ~AbstractScLinkedAreaDlg_Impl() override;
+    virtual short           Execute() override;
     virtual void            InitFromOldLink( const OUString& rFile, const 
OUString& rFilter,
                                         const OUString& rOptions, const 
OUString& rSource,
                                         sal_uLong nRefresh ) override;
diff --git a/sc/source/ui/docshell/arealink.cxx 
b/sc/source/ui/docshell/arealink.cxx
index 10127c6e4888..d5b486afdb4b 100644
--- a/sc/source/ui/docshell/arealink.cxx
+++ b/sc/source/ui/docshell/arealink.cxx
@@ -92,7 +92,18 @@ void ScAreaLink::Edit(vcl::Window* pParent, const 
Link<SvBaseLink&,void>& /* rEn
     OSL_ENSURE(pDlg, "Dialog create fail!");
     pDlg->InitFromOldLink( aFileName, aFilterName, aOptions, aSourceArea, 
GetRefreshDelay() );
     pImpl->m_pDialog = pDlg;
-    pDlg->StartExecuteModal( LINK( this, ScAreaLink, AreaEndEditHdl ) );
+    if ( pDlg->Execute() == RET_OK )
+    {
+        aOptions = pImpl->m_pDialog->GetOptions();
+        Refresh( pImpl->m_pDialog->GetURL(), pImpl->m_pDialog->GetFilter(),
+                 pImpl->m_pDialog->GetSource(), pImpl->m_pDialog->GetRefresh() 
);
+
+        //  copy source data from members (set in Refresh) into link name for 
dialog
+        OUString aNewLinkName;
+        sfx2::MakeLnkName( aNewLinkName, nullptr, aFileName, aSourceArea, 
&aFilterName );
+        SetName( aNewLinkName );
+    }
+    pImpl->m_pDialog.clear();    // dialog is deleted with parent
 }
 
 ::sfx2::SvBaseLink::UpdateResult ScAreaLink::DataChanged(
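Review bot: After `pDlg->Execute()` returns, the results are read through `pImpl->m_pDialog` although the local `pDlg` refers to the same object (assigned just above). Execute() runs a nested event loop, so reading through the member depends on nothing having cleared or replaced it in the meantime; using the local, e.g. `aOptions = pDlg->GetOptions();`, removes that dependency and would let the member go away now that no asynchronous handler needs it. The carried-over comment `// dialog is deleted with parent` should be re-checked as well, since ownership after this change is not visible in the hunk. `OSL_ENSURE(pDlg, ...)` is a diagnostic only, so the following `pDlg->InitFromOldLink` call still dereferences a null pointer if dialog creation fails.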
@@ -482,23 +493,4 @@ IMPL_LINK_NOARG(ScAreaLink, RefreshHdl, Timer *, void)
     Refresh( aFileName, aFilterName, aSourceArea, GetRefreshDelay() );
 }
 
-IMPL_LINK_NOARG(ScAreaLink, AreaEndEditHdl, Dialog&, void)
-{
-    //  #i76514# can't use link argument to access the dialog,
-    //  because it's the ScLinkedAreaDlg, not AbstractScLinkedAreaDlg
-
-    if ( pImpl->m_pDialog && pImpl->m_pDialog->GetResult() == RET_OK )
-    {
-        aOptions = pImpl->m_pDialog->GetOptions();
-        Refresh( pImpl->m_pDialog->GetURL(), pImpl->m_pDialog->GetFilter(),
-                 pImpl->m_pDialog->GetSource(), pImpl->m_pDialog->GetRefresh() 
);
-
-        //  copy source data from members (set in Refresh) into link name for 
dialog
-        OUString aNewLinkName;
-        sfx2::MakeLnkName( aNewLinkName, nullptr, aFileName, aSourceArea, 
&aFilterName );
-        SetName( aNewLinkName );
-    }
-    pImpl->m_pDialog.clear();    // dialog is deleted with parent
-}
-
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sc/source/ui/view/cellsh1.cxx b/sc/source/ui/view/cellsh1.cxx
index 2b1fd53c11f8..7433ba0f1f0a 100644
--- a/sc/source/ui/view/cellsh1.cxx
+++ b/sc/source/ui/view/cellsh1.cxx
@@ -2540,16 +2540,16 @@ void ScCellShell::ExecuteEdit( SfxRequest& rReq )
 
         case SID_EXTERNAL_SOURCE:
             {
-                OUString aFile;
-                OUString aFilter;
-                OUString aOptions;
-                OUString aSource;
-                sal_uLong nRefresh=0;
-
                 const SfxStringItem* pFile = 
rReq.GetArg<SfxStringItem>(SID_FILE_NAME);
                 const SfxStringItem* pSource = 
rReq.GetArg<SfxStringItem>(FN_PARAM_1);
                 if ( pFile && pSource )
                 {
+                    OUString aFile;
+                    OUString aFilter;
+                    OUString aOptions;
+                    OUString aSource;
+                    sal_uLong nRefresh=0;
+
                     aFile = pFile->GetValue();
                     aSource = pSource->GetValue();
                     const SfxStringItem* pFilter = 
rReq.GetArg<SfxStringItem>(SID_FILTER_NAME);
@@ -2561,6 +2561,8 @@ void ScCellShell::ExecuteEdit( SfxRequest& rReq )
                     const SfxUInt32Item* pRefresh = 
rReq.GetArg<SfxUInt32Item>(FN_PARAM_2);
                     if ( pRefresh )
                         nRefresh = pRefresh->GetValue();
+
+                    ExecuteExternalSource( aFile, aFilter, aOptions, aSource, 
nRefresh, rReq );
                 }
                 else
                 {
@@ -2573,11 +2575,29 @@ void ScCellShell::ExecuteEdit( SfxRequest& rReq )
                     OSL_ENSURE(pImpl->m_pLinkedDlg, "Dialog create fail!");
                     delete pImpl->m_pRequest;
                     pImpl->m_pRequest = new SfxRequest( rReq );
-                    pImpl->m_pLinkedDlg->StartExecuteModal( LINK( this, 
ScCellShell, DialogClosed ) );
-                    return;
-                }
+                    OUString sFile, sFilter, sOptions, sSource;
+                    sal_uLong nRefresh = 0;
+                    if (pImpl->m_pLinkedDlg->Execute() == RET_OK)
+                    {
+                        sFile = pImpl->m_pLinkedDlg->GetURL();
+                        sFilter = pImpl->m_pLinkedDlg->GetFilter();
+                        sOptions = pImpl->m_pLinkedDlg->GetOptions();
+                        sSource = pImpl->m_pLinkedDlg->GetSource();
+                        nRefresh = pImpl->m_pLinkedDlg->GetRefresh();
+                        if ( !sFile.isEmpty() )
+                            pImpl->m_pRequest->AppendItem( SfxStringItem( 
SID_FILE_NAME, sFile ) );
+                        if ( !sFilter.isEmpty() )
+                            pImpl->m_pRequest->AppendItem( SfxStringItem( 
SID_FILTER_NAME, sFilter ) );
+                        if ( !sOptions.isEmpty() )
+                            pImpl->m_pRequest->AppendItem( SfxStringItem( 
SID_FILE_FILTEROPTIONS, sOptions ) );
+                        if ( !sSource.isEmpty() )
+                            pImpl->m_pRequest->AppendItem( SfxStringItem( 
FN_PARAM_1, sSource ) );
+                        if ( nRefresh )
+                            pImpl->m_pRequest->AppendItem( SfxUInt32Item( 
FN_PARAM_2, nRefresh ) );
+                    }
 
-                ExecuteExternalSource( aFile, aFilter, aOptions, aSource, 
nRefresh, rReq );
+                    ExecuteExternalSource( sFile, sFilter, sOptions, sSource, 
nRefresh, *(pImpl->m_pRequest) );
+                }
             }
             break;
 
@@ -2994,35 +3014,6 @@ void ScCellShell::ExecuteFillSingleEdit()
     SC_MOD()->SetInputMode(SC_INPUT_TABLE, &aInit);
 }
 
-IMPL_LINK_NOARG(ScCellShell, DialogClosed, Dialog&, void)
-{
-    assert(pImpl->m_pLinkedDlg && "ScCellShell::DialogClosed(): invalid 
request");
-    assert(pImpl->m_pRequest && "ScCellShell::DialogClosed(): invalid 
request");
-    OUString sFile, sFilter, sOptions, sSource;
-    sal_uLong nRefresh = 0;
-
-    if ( pImpl->m_pLinkedDlg->GetResult() == RET_OK )
-    {
-        sFile = pImpl->m_pLinkedDlg->GetURL();
-        sFilter = pImpl->m_pLinkedDlg->GetFilter();
-        sOptions = pImpl->m_pLinkedDlg->GetOptions();
-        sSource = pImpl->m_pLinkedDlg->GetSource();
-        nRefresh = pImpl->m_pLinkedDlg->GetRefresh();
-        if ( !sFile.isEmpty() )
-            pImpl->m_pRequest->AppendItem( SfxStringItem( SID_FILE_NAME, sFile 
) );
-        if ( !sFilter.isEmpty() )
-            pImpl->m_pRequest->AppendItem( SfxStringItem( SID_FILTER_NAME, 
sFilter ) );
-        if ( !sOptions.isEmpty() )
-            pImpl->m_pRequest->AppendItem( SfxStringItem( 
SID_FILE_FILTEROPTIONS, sOptions ) );
-        if ( !sSource.isEmpty() )
-            pImpl->m_pRequest->AppendItem( SfxStringItem( FN_PARAM_1, sSource 
) );
-        if ( nRefresh )
-            pImpl->m_pRequest->AppendItem( SfxUInt32Item( FN_PARAM_2, nRefresh 
) );
-    }
-
-    ExecuteExternalSource( sFile, sFilter, sOptions, sSource, nRefresh, 
*(pImpl->m_pRequest) );
-}
-
 CellShell_Impl::~CellShell_Impl()
 {
 }
commit f75be566b13e6361f9792fb227d6cd2b839e1fb6
Author: Aron Budea <aron.bu...@collabora.com>
Date:   Mon Apr 3 02:21:28 2017 +0200

    tdf#104686: do not crash if Menu has been somehow disposed
    
    The rare crashes in MenuFloatingWindow::ImplGetStartY() and
    MenuFloatingWindow::ImplScroll(bool) likely happen because
    of a disposed Menu.
    
    Let's guard against invalid accesses.
    
    Change-Id: Ie31240abbc48c06edd40d0a95f319725cdb3db16
    Reviewed-on: https://gerrit.libreoffice.org/36026
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Meeks <michael.me...@collabora.com>
    Reviewed-on: https://gerrit.libreoffice.org/36151
    Reviewed-by: Aron Budea <aron.bu...@collabora.com>
    (cherry picked from commit 9fcb6cb86893b991ceb6395fbabba63c962f59db)

diff --git a/include/vcl/menu.hxx b/include/vcl/menu.hxx
index e09289e451d3..a16e5cccffad 100644
--- a/include/vcl/menu.hxx
+++ b/include/vcl/menu.hxx
@@ -133,7 +133,7 @@ class VCL_DLLPUBLIC Menu : public Resource, public 
VclReferenceBase
     friend struct ImplMenuDelData;
 private:
     ImplMenuDelData* mpFirstDel;
-    MenuItemList* pItemList; // Liste mit den MenuItems
+    std::unique_ptr<MenuItemList> pItemList; // list with MenuItems
     MenuLogo* pLogo;
     VclPtr<Menu> pStartedFrom;
     VclPtr<vcl::Window> pWindow;
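Review bot: `std::unique_ptr<MenuItemList> pItemList` needs `<memory>` in this header and a complete `MenuItemList` wherever `Menu`'s destructor is instantiated; neither the include list nor the destructor is visible in the hunk. If menu.hxx only forward-declares MenuItemList, the destructor has to stay out of line in menu.cxx. The neighbouring owning raw pointer `pLogo` (and `mpLayoutData`, which Menu::dispose now nulls by hand) could follow the same conversion for consistency.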
@@ -359,7 +359,7 @@ public:
     // Fuer Menu-'Funktionen'
     MenuItemList* GetItemList() const
     {
-        return pItemList;
+        return pItemList.get();
     }
 
     // returns the system's menu handle if native menus are supported
diff --git a/vcl/source/window/menu.cxx b/vcl/source/window/menu.cxx
index 854affea713f..0852b953442a 100644
--- a/vcl/source/window/menu.cxx
+++ b/vcl/source/window/menu.cxx
@@ -175,9 +175,11 @@ void Menu::dispose()
 
     bKilled = true;
 
-    delete pItemList;
+    pItemList->Clear();
     delete pLogo;
+    pLogo = nullptr;
     delete mpLayoutData;
+    mpLayoutData = nullptr;
 
     // Native-support: destroy SalMenu
     ImplSetSalMenu( nullptr );
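Review bot: `pItemList->Clear();` dereferences the pointer unconditionally, whereas the `delete pItemList;` it replaces tolerated null. Where pItemList is initialised is outside the hunk; unless every constructor guarantees it, `if (pItemList) pItemList->Clear();` keeps dispose() safe. A short comment would also explain the change, e.g. `// keep the (now empty) list object alive so late GetItemList() callers never see a freed pointer`.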
diff --git a/vcl/source/window/menufloatingwindow.cxx 
b/vcl/source/window/menufloatingwindow.cxx
index 366aeed1ad1d..6bf2fde56e3e 100644
--- a/vcl/source/window/menufloatingwindow.cxx
+++ b/vcl/source/window/menufloatingwindow.cxx
@@ -152,6 +152,12 @@ long MenuFloatingWindow::ImplGetStartY() const
     long nY = 0;
     if( pMenu )
     {
+        // avoid crash if somehow menu got disposed, and MenuItemList is empty 
(workaround for tdf#104686)
+        if ( nFirstEntry > 0 && 
!pMenu->GetItemList()->GetDataFromPos(nFirstEntry - 1) )
+        {
+            return 0;
+        }
+
         for ( sal_uInt16 n = 0; n < nFirstEntry; n++ )
             nY += pMenu->GetItemList()->GetDataFromPos( n )->aSz.Height();
         nY -= pMenu->GetTitleHeight();
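Review bot: The guard in ImplGetStartY probes only position `nFirstEntry - 1` and relies on every lower position being valid too, while the loop below still dereferences `GetDataFromPos( n )` unchecked. Checking inside the loop is more direct and keeps the title-height adjustment that the early `return 0;` skips: `if ( const MenuItemData* p = pMenu->GetItemList()->GetDataFromPos( n ) ) nY += p->aSz.Height();`. The stale `nFirstEntry` itself is left as is, so other users of it remain exposed; resetting it when the list is found empty would address the cause, not the symptom. The function's tail is outside the hunk.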
@@ -606,45 +612,55 @@ void MenuFloatingWindow::ImplScroll( bool bUp )
         nFirstEntry = pMenu->ImplGetPrevVisible( nFirstEntry );
         SAL_WARN_IF( nFirstEntry == ITEMPOS_INVALID, "vcl", "Scroll?!" );
 
-        long nScrollEntryHeight = pMenu->GetItemList()->GetDataFromPos( 
nFirstEntry )->aSz.Height();
-
-        if ( !bScrollDown )
+        // avoid crash if somehow menu got disposed, and MenuItemList is empty 
(workaround for tdf#104686)
+        const auto pItemData = pMenu->GetItemList()->GetDataFromPos( 
nFirstEntry );
+        if ( pItemData )
         {
-            bScrollDown = true;
-            Invalidate();
-        }
+            long nScrollEntryHeight = pItemData->aSz.Height();
 
-        if ( pMenu->ImplGetPrevVisible( nFirstEntry ) == ITEMPOS_INVALID )
-        {
-            bScrollUp = false;
-            Invalidate();
-        }
+            if ( !bScrollDown )
+            {
+                bScrollDown = true;
+                Invalidate();
+            }
+
+            if ( pMenu->ImplGetPrevVisible( nFirstEntry ) == ITEMPOS_INVALID )
+            {
+                bScrollUp = false;
+                Invalidate();
+            }
 
-        Scroll( 0, nScrollEntryHeight, ImplCalcClipRegion( false 
).GetBoundRect(), ScrollFlags::Clip );
+            Scroll( 0, nScrollEntryHeight, ImplCalcClipRegion( false 
).GetBoundRect(), ScrollFlags::Clip );
+        }
     }
     else if ( bScrollDown && !bUp )
     {
-        long nScrollEntryHeight = pMenu->GetItemList()->GetDataFromPos( 
nFirstEntry )->aSz.Height();
+        // avoid crash if somehow menu got disposed, and MenuItemList is empty 
(workaround for tdf#104686)
+        const auto pItemData = pMenu->GetItemList()->GetDataFromPos( 
nFirstEntry );
+        if ( pItemData )
+        {
+            long nScrollEntryHeight = pItemData->aSz.Height();
 
-        nFirstEntry = pMenu->ImplGetNextVisible( nFirstEntry );
-        SAL_WARN_IF( nFirstEntry == ITEMPOS_INVALID, "vcl", "Scroll?!" );
+            nFirstEntry = pMenu->ImplGetNextVisible( nFirstEntry );
+            SAL_WARN_IF( nFirstEntry == ITEMPOS_INVALID, "vcl", "Scroll?!" );
 
-        if ( !bScrollUp )
-        {
-            bScrollUp = true;
-            Invalidate();
-        }
+            if ( !bScrollUp )
+            {
+                bScrollUp = true;
+                Invalidate();
+            }
 
-        long nHeight = GetOutputSizePixel().Height();
-        sal_uInt16 nLastVisible;
-        static_cast<PopupMenu*>(pMenu.get())->ImplCalcVisEntries( nHeight, 
nFirstEntry, &nLastVisible );
-        if ( pMenu->ImplGetNextVisible( nLastVisible ) == ITEMPOS_INVALID )
-        {
-            bScrollDown = false;
-            Invalidate();
-        }
+            long nHeight = GetOutputSizePixel().Height();
+            sal_uInt16 nLastVisible;
+            static_cast<PopupMenu*>(pMenu.get())->ImplCalcVisEntries( nHeight, 
nFirstEntry, &nLastVisible );
+            if ( pMenu->ImplGetNextVisible( nLastVisible ) == ITEMPOS_INVALID )
+            {
+                bScrollDown = false;
+                Invalidate();
+            }
 
-        Scroll( 0, -nScrollEntryHeight, ImplCalcClipRegion( false 
).GetBoundRect(), ScrollFlags::Clip );
+            Scroll( 0, -nScrollEntryHeight, ImplCalcClipRegion( false 
).GetBoundRect(), ScrollFlags::Clip );
+        }
     }
 
     Invalidate();
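Review bot: In the scroll-up branch, `nFirstEntry` is overwritten with `ImplGetPrevVisible( nFirstEntry )` before the new null check, so when `pItemData` is null the scroll is skipped but the possibly invalid index stays stored. The scroll-down branch does the lookup first and does not have this problem. Doing the lookup on a local index and assigning `nFirstEntry` only inside `if ( pItemData )` would leave the state unchanged on the failure path. `pMenu` is dereferenced without a check in both branches; whether it is tested earlier in ImplScroll is outside the hunk.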
diff --git a/vcl/source/window/menuitemlist.cxx 
b/vcl/source/window/menuitemlist.cxx
index 44757a4778ba..30bd874d9763 100644
--- a/vcl/source/window/menuitemlist.cxx
+++ b/vcl/source/window/menuitemlist.cxx
@@ -135,6 +135,13 @@ void MenuItemList::Remove( size_t nPos )
     }
 }
 
+void MenuItemList::Clear()
+{
+    for (MenuItemData* i : maItemList)
+        delete i;
+    maItemList.resize(0);
+}
+
 MenuItemData* MenuItemList::GetData( sal_uInt16 nSVId, size_t& rPos ) const
 {
     for( size_t i = 0, n = maItemList.size(); i < n; ++i )
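Review bot: `Clear()` deletes every `MenuItemData`, but nothing documents that pointers previously handed out by `GetData`/`GetDataFromPos` are dangling afterwards. A comment on the definition such as `// frees all items; pointers obtained from GetData*() before this call are invalid` would make the lifetime rule explicit for callers. As a style point, `maItemList.clear();` states the intent more directly than `resize(0)`.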
diff --git a/vcl/source/window/menuitemlist.hxx 
b/vcl/source/window/menuitemlist.hxx
index 89befc106e28..556a5a049597 100644
--- a/vcl/source/window/menuitemlist.hxx
+++ b/vcl/source/window/menuitemlist.hxx
@@ -116,6 +116,7 @@ public:
                     );
     void            InsertSeparator(const OString &rIdent, size_t nPos);
     void            Remove( size_t nPos );
+    void            Clear();
 
     MenuItemData*   GetData( sal_uInt16 nSVId, size_t& rPos ) const;
     MenuItemData*   GetData( sal_uInt16 nSVId ) const
commit 5ec306f3fb4b8965c4aa0aa14ec09a135471571e
Author: Michael Stahl <mst...@redhat.com>
Date:   Mon Apr 3 14:28:56 2017 +0200

    tdf#106237 sw: do some basic sanity checking on layout-cache
    
    The bugdoc, with claimed generator AOO4.1.1 on Windows, contains
    a bogus layout-cache:
    
    debug:26706:1: nType P nIndex 29 2147483647
    debug:26706:1: nType P nIndex 66 2147483647
    debug:26706:1: nType P nIndex 105 2147483647
    debug:26706:1: nType P nIndex 142 2147483647
    debug:26706:1: nType P nIndex 178 2147483647
    debug:26706:1: nType P nIndex 205 2147483647
    debug:26706:1: nType P nIndex 229 2147483647
    debug:26706:1: nType T nIndex 314 65535
    
    Due to a loop-control this causes incorrect pagination if CalcLayout()
    is called only once.
    
    It should look like this:
    
    debug:26765:1: nType T nIndex 382 65535
    debug:26765:1: nType T nIndex 790 65535
    
    In this case we can easily detect that the indexes and types in
    the layout-cache are bogus by checking against the node types, so
    do that in SwLayHelper::SwLayHelper().
    
    (cherry picked from commit 8a5374f2fdbd1e15c107133f55930cbc431edbd5)
    
    sw: [loplugin:sallogareas]
    (cherry picked from commit 282b3e8c4d45aacae57e3542b872cdbfebcc7195)
    
    loplugin:loopvartoosmall
    (cherry picked from commit dbaab58c1442e7f62ef0732376fe5a49840e9fd6)
    
    Change-Id: I7091af49a8c29bf0a11ceff0be9ba84b1f710fdb
    Reviewed-on: https://gerrit.libreoffice.org/36046
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk>
    (cherry picked from commit 137ad218db262fb3531215adbc88b7093b4999c7)

diff --git a/include/sal/log-areas.dox b/include/sal/log-areas.dox
index e51c82c14970..bd4ab2f1240e 100644
--- a/include/sal/log-areas.dox
+++ b/include/sal/log-areas.dox
@@ -467,6 +467,7 @@ certain functionality.
 @li @c sw
 @li @c sw.a11y - accessibility
 @li @c sw.core - Writer core
+@li @c sw.layout - Writer core view: document layout
 @li @c sw.createcopy
 @li @c sw.doc
 @li @c sw.docappend
diff --git a/sw/source/core/layout/laycache.cxx 
b/sw/source/core/layout/laycache.cxx
index 8a5beb52f327..5d3cbafb0d35 100644
--- a/sw/source/core/layout/laycache.cxx
+++ b/sw/source/core/layout/laycache.cxx
@@ -454,6 +454,51 @@ SwActualSection::SwActualSection( SwActualSection *pUp,
     }
 }
 
+namespace {
+
+bool sanityCheckLayoutCache(SwLayCacheImpl const& rCache,
+        SwNodes const& rNodes, sal_uLong nNodeIndex)
+{
+    auto const 
nStartOfContent(rNodes.GetEndOfContent().StartOfSectionNode()->GetIndex());
+    nNodeIndex -= nStartOfContent;
+    auto const nMaxIndex(rNodes.GetEndOfContent().GetIndex() - 
nStartOfContent);
+    for (size_t nIndex = 0; nIndex < rCache.size(); ++nIndex)
+    {
+        auto const nBreakIndex(rCache.GetBreakIndex(nIndex));
+        if (nBreakIndex < nNodeIndex || nMaxIndex <= nBreakIndex)
+        {
+            SAL_WARN("sw.layout",
+                "invalid node index in layout-cache: " << nBreakIndex);
+            return false;
+        }
+        auto const nBreakType(rCache.GetBreakType(nIndex));
+        switch (nBreakType)
+        {
+            case SW_LAYCACHE_IO_REC_PARA:
+                if (!rNodes[nBreakIndex + nStartOfContent]->IsTextNode())
+                {
+                    SAL_WARN("sw.layout",
+                        "invalid node of type 'P' in layout-cache");
+                    return false;
+                }
+                break;
+            case SW_LAYCACHE_IO_REC_TABLE:
+                if (!rNodes[nBreakIndex + nStartOfContent]->IsTableNode())
+                {
+                    SAL_WARN("sw.layout",
+                        "invalid node of type 'T' in layout-cache");
+                    return false;
+                }
+                break;
+            default:
+                assert(false); // Read shouldn't have inserted that
+        }
+    }
+    return true;
+}
+
+} // namespace
+
 /** helper class, which utilizes the layout cache information
  *  to distribute the document content to the right pages.
  * It's used by the InsertCnt_(..)-function.
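Review bot: The `default:` arm of the `nBreakType` switch in `sanityCheckLayoutCache` only asserts, so in a build where `assert` is compiled out a record of unknown type falls through and the cache is still accepted. Since this function is the validation gate for data read from the document, the arm should fail closed: `default: SAL_WARN("sw.layout", "invalid break type in layout-cache"); return false;`. The comment says Read() never inserts another type; that code is outside this hunk, so this is defence in depth rather than a known reachable path.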
@@ -478,19 +523,19 @@ SwLayHelper::SwLayHelper( SwDoc *pD, SwFrame* &rpF, 
SwFrame* &rpP, SwPageFrame*
     pImpl = pDoc->GetLayoutCache() ? pDoc->GetLayoutCache()->LockImpl() : 
nullptr;
     if( pImpl )
     {
-        nMaxParaPerPage = 1000;
-        nStartOfContent = 
pDoc->GetNodes().GetEndOfContent().StartOfSectionNode()
-                          ->GetIndex();
-        nNodeIndex -= nStartOfContent;
-        nIndex = 0;
-        while( nIndex < pImpl->size() && pImpl->GetBreakIndex( nIndex ) < 
nNodeIndex )
+        SwNodes const& rNodes(pDoc->GetNodes());
+        if (sanityCheckLayoutCache(*pImpl, rNodes, nNodeIndex))
         {
-            ++nIndex;
+            nIndex = 0;
+            nStartOfContent = 
rNodes.GetEndOfContent().StartOfSectionNode()->GetIndex();
+            nMaxParaPerPage = 1000;
         }
-        if( nIndex >= pImpl->size() )
+        else
         {
             pDoc->GetLayoutCache()->UnlockImpl();
             pImpl = nullptr;
+            nIndex = USHRT_MAX;
+            nStartOfContent = USHRT_MAX;
         }
     }
     else
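Review bot: With the skip loop removed, `nIndex` always starts at 0, and a cache containing any break before `nNodeIndex` is now rejected outright by the `nBreakIndex < nNodeIndex` test instead of being skipped past. If the helper can be constructed for a start node after the first cached break, which the removed `while` loop suggests was expected, the whole cache is discarded in that case. If that is intended, say so at the call: `// any break before nNodeIndex invalidates the whole cache (no skipping)`. The constructor begins and ends outside this hunk.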
diff --git a/sw/source/core/layout/layhelp.hxx 
b/sw/source/core/layout/layhelp.hxx
index 57c747b4c0d1..3da3a10bce10 100644
--- a/sw/source/core/layout/layhelp.hxx
+++ b/sw/source/core/layout/layhelp.hxx
@@ -66,9 +66,9 @@ public:
 
     bool Read( SvStream& rStream );
 
-    sal_uLong GetBreakIndex( sal_uInt16 nIdx ) const { return mIndices[ nIdx 
]; }
+    sal_uLong GetBreakIndex( size_t nIdx ) const { return mIndices[ nIdx ]; }
     sal_Int32 GetBreakOfst( size_t nIdx ) const { return aOffset[ nIdx ]; }
-    sal_uInt16 GetBreakType( sal_uInt16 nIdx ) const { return aType[ nIdx ]; }
+    sal_uInt16 GetBreakType( size_t nIdx ) const { return aType[ nIdx ]; }
 
     size_t GetFlyCount() const { return m_FlyCache.size(); }
     SwFlyCache& GetFlyCache( size_t nIdx ) { return m_FlyCache[ nIdx ]; }
commit ef7a181168e7f4e6a65d39f70dd16fb5ed11c5f2
Author: Caolán McNamara <caol...@redhat.com>
Date:   Fri Mar 31 15:15:31 2017 +0100

    Related: tdf#106515 show OpenSymbol if unavailable StarSymbol requested
    
    Change-Id: I442df1c44839642bd1f91afedee577214032466b
    (cherry picked from commit 011e1cdbf33e50626f1fefa8b7b4031fa368f3e8)
    Reviewed-on: https://gerrit.libreoffice.org/35974
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk>
    (cherry picked from commit 7bb46f684ca939fbbbe67bdb1e427e37eec430a7)

diff --git a/cui/source/dialogs/cuicharmap.cxx 
b/cui/source/dialogs/cuicharmap.cxx
index 5ac0bf270535..24a03364bd1f 100644
--- a/cui/source/dialogs/cuicharmap.cxx
+++ b/cui/source/dialogs/cuicharmap.cxx
@@ -380,6 +380,13 @@ void SvxCharacterMap::SetCharFont( const vcl::Font& rFont )
     // like "Times New Roman;Times" resolved
     vcl::Font aTmp( GetFontMetric( rFont ) );
 
+    if (aTmp.GetFamilyName() == "StarSymbol" && 
m_pFontLB->GetEntryPos(aTmp.GetFamilyName()) == LISTBOX_ENTRY_NOTFOUND)
+    {
+        //if for some reason, like font in an old document, StarSymbol is 
requested and its not available, then
+        //try OpenSymbol instead
+        aTmp.SetFamilyName("OpenSymbol");
+    }
+
     if ( m_pFontLB->GetEntryPos( aTmp.GetFamilyName() ) == 
LISTBOX_ENTRY_NOTFOUND )
         return;
 
commit 73616e6ae184806f57b75b475fb7e11734501b86
Author: Caolán McNamara <caol...@redhat.com>
Date:   Wed Mar 29 17:03:29 2017 +0100

    Resolves: tdf#106080 fix explicitly setting automatic in search by format
    
    this is still somewhat broken in that what you see is not what you get
    if you don't explicitly set automatic, but clears the regression part
    of things in that the old broken behavior is restored instead of the
    new broken behavior
    
    Change-Id: I8f53a276ee60f5c9f2f28d3b92a13990cc20314a
    (cherry picked from commit d7f1a1689d70b2d66d0f727b6a898ef1a971da9d)
    Reviewed-on: https://gerrit.libreoffice.org/35894
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk>
    (cherry picked from commit f75cf4c772279f680839e288b3f6104f9f98c13c)

diff --git a/cui/source/inc/chardlg.hxx b/cui/source/inc/chardlg.hxx
index e537150d1c18..1d54b6890b0f 100644
--- a/cui/source/inc/chardlg.hxx
+++ b/cui/source/inc/chardlg.hxx
@@ -173,6 +173,9 @@ class SvxCharEffectsPage : public SvxCharBasePage
 
 private:
     static const sal_uInt16 pEffectsRanges[];
+    bool                       m_bOrigFontColor;
+    bool                       m_bNewFontColor;
+    Color                      m_aOrigFontColor;
     VclPtr<FixedText>          m_pFontColorFT;
     VclPtr<SvxColorListBox>    m_pFontColorLB;
 
diff --git a/cui/source/tabpages/chardlg.cxx b/cui/source/tabpages/chardlg.cxx
index 5bb00f455dc9..f9958c81dd1c 100644
--- a/cui/source/tabpages/chardlg.cxx
+++ b/cui/source/tabpages/chardlg.cxx
@@ -1343,6 +1343,8 @@ void SvxCharNamePage::PageCreated(const SfxAllItemSet& 
aSet)
 
 SvxCharEffectsPage::SvxCharEffectsPage( vcl::Window* pParent, const 
SfxItemSet& rInSet )
     : SvxCharBasePage(pParent, "EffectsPage", "cui/ui/effectspage.ui", rInSet)
+    , m_bOrigFontColor(false)
+    , m_bNewFontColor(false)
 {
     get(m_pFontColorFT, "fontcolorft");
     get(m_pFontColorLB, "fontcolorlb");
@@ -1559,6 +1561,7 @@ void SvxCharEffectsPage::ResetColor_Impl( const 
SfxItemSet& rSet )
     sal_uInt16 nWhich = GetWhich( SID_ATTR_CHAR_COLOR );
     SfxItemState eState = rSet.GetItemState( nWhich );
 
+    m_bOrigFontColor = false;
     switch ( eState )
     {
         case SfxItemState::UNKNOWN:
@@ -1592,22 +1595,29 @@ void SvxCharEffectsPage::ResetColor_Impl( const 
SfxItemSet& rSet )
             m_pPreviewWin->Invalidate();
 
             m_pFontColorLB->SelectEntry(aColor);
+
+            m_aOrigFontColor = aColor;
+            m_bOrigFontColor = true;
             break;
         }
     }
+    m_bNewFontColor = false;
 }
 
 bool SvxCharEffectsPage::FillItemSetColor_Impl( SfxItemSet& rSet )
 {
     sal_uInt16 nWhich = GetWhich( SID_ATTR_CHAR_COLOR );
-    const SvxColorItem* pOld = static_cast<const SvxColorItem*>(GetOldItem( 
rSet, SID_ATTR_CHAR_COLOR ));
-    bool bChanged = true;
     const SfxItemSet& rOldSet = GetItemSet();
 
-    Color aSelectedColor = m_pFontColorLB->GetSelectEntryColor();
+    Color aSelectedColor;
+    bool bChanged = m_bNewFontColor;
 
-    if (pOld && pOld->GetValue() == aSelectedColor)
-        bChanged = false;
+    if (bChanged)
+    {
+        aSelectedColor = m_pFontColorLB->GetSelectEntryColor();
+        if (m_bOrigFontColor)
+            bChanged = aSelectedColor != m_aOrigFontColor;
+    }
 
     if (bChanged)
         rSet.Put( SvxColorItem( aSelectedColor, nWhich ) );
@@ -1677,8 +1687,10 @@ IMPL_LINK_NOARG(SvxCharEffectsPage, TristClickHdl_Impl, 
Button*, void)
 }
 
 
-IMPL_LINK_NOARG(SvxCharEffectsPage, ColorBoxSelectHdl_Impl, SvxColorListBox&, 
void)
+IMPL_LINK(SvxCharEffectsPage, ColorBoxSelectHdl_Impl, SvxColorListBox&, rBox, 
void)
 {
+    if (m_pFontColorLB == &rBox)
+        m_bNewFontColor = true;
     UpdatePreview_Impl();
 }
 
@@ -2113,7 +2125,6 @@ void SvxCharEffectsPage::ChangesApplied()
     m_pShadowBtn->SaveValue();
     m_pBlinkingBtn->SaveValue();
     m_pHiddenBtn->SaveValue();
-    m_pFontColorLB->SaveValue();
 }
 
 bool SvxCharEffectsPage::FillItemSet( SfxItemSet* rSet )
commit 0e3c6fc907dada12d677de8b730280cebcc46a4d
Author: Caolán McNamara <caol...@redhat.com>
Date:   Tue Apr 4 19:13:12 2017 +0100

    ofz: check olst sprm for valid ANLD payload len
    
    Change-Id: Ic1b6681a3f48ef0fe3f52eda9db8b7bc003ded55
    (cherry picked from commit 98151bf95bda8d647310bdba6936dc6b388b05de)
    Reviewed-on: https://gerrit.libreoffice.org/36098
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>
    (cherry picked from commit 14028af4d978f126779e641a9605c6d4d864b3b6)

diff --git a/sw/source/filter/ww8/ww8par2.cxx b/sw/source/filter/ww8/ww8par2.cxx
index 48417eeb38a6..f93b97a01fb2 100644
--- a/sw/source/filter/ww8/ww8par2.cxx
+++ b/sw/source/filter/ww8/ww8par2.cxx
@@ -952,6 +952,14 @@ void SwWW8ImplReader::Read_OLST( sal_uInt16, const 
sal_uInt8* pData, short nLen
         m_pNumOlst = nullptr;
         return;
     }
+
+    if (static_cast<size_t>(nLen) < sizeof(WW8_OLST))
+    {
+        SAL_WARN("sw.ww8", "WW8_OLST property is " << nLen << " long, needs to 
be at least " << sizeof(WW8_OLST));
+        m_pNumOlst = nullptr;
+        return;
+    }
+
     m_pNumOlst = new WW8_OLST;
     if( nLen < sal::static_int_cast< sal_Int32 >(sizeof( WW8_OLST )) )   // 
fill if to short
         memset( m_pNumOlst, 0, sizeof( *m_pNumOlst ) );
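Review bot: After the added length check, the `if( nLen < ...sizeof( WW8_OLST ) )` zero-fill branch below `new WW8_OLST` can no longer be taken, so the "fill if too short" path is dead code and the old tolerance for short payloads is gone. Either drop that branch or relax the new check so the two do not contradict each other. The cast `static_cast<size_t>(nLen)` also turns a negative `nLen` into a very large value that passes the check. It is safe only if the guard ending just above the hunk (not visible here) already rejects `nLen <= 0`; `if (nLen < 0 || static_cast<size_t>(nLen) < sizeof(WW8_OLST))` would make the check self-contained. The same cast is used in the `Read_ANLevelDesc` hunk further down this page.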
commit 3f4eb2c3ad8ad8894751320aace518ca8b1100f0
Author: Thomas Beck <thomas.b...@cib.de>
Date:   Tue Apr 4 13:31:22 2017 +0200

    tdf#106938 TSA Dialog: Improve Dialog Layout
    
    Moved Label above the content area
    
    Change-Id: I0a23af5540bedc849c83fd342ac43538827e6b4a
    Reviewed-on: https://gerrit.libreoffice.org/36071
    Reviewed-by: Samuel Mehrbrodt <samuel.mehrbr...@cib.de>
    Tested-by: Samuel Mehrbrodt <samuel.mehrbr...@cib.de>
    (cherry picked from commit 3873669fef3cac05a9b530de08f15e0d2a3fdc57)
    Reviewed-on: https://gerrit.libreoffice.org/36105
    Reviewed-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>
    Tested-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>
    (cherry picked from commit c15eba1b1de9c41acd76f0b2a16cfbe38bf4fccb)

diff --git a/cui/uiconfig/ui/tsaurldialog.ui b/cui/uiconfig/ui/tsaurldialog.ui
index c1d6bc0a655a..172970d3d9e1 100644
--- a/cui/uiconfig/ui/tsaurldialog.ui
+++ b/cui/uiconfig/ui/tsaurldialog.ui
@@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!-- Generated with glade 3.18.3 -->
 <interface>
-  <requires lib="gtk+" version="3.0"/>
+  <!-- interface-requires gtk+ 3.0 -->
   <object class="GtkDialog" id="TSAURLDialog">
     <property name="can_focus">False</property>
     <property name="border_width">6</property>
@@ -118,16 +117,15 @@
                 <property name="top_padding">6</property>
                 <property name="left_padding">12</property>
                 <child>
-                  <object class="GtkGrid" id="grid1">
+                  <object class="GtkBox" id="box2">
                     <property name="visible">True</property>
                     <property name="can_focus">False</property>
-                    <property name="hexpand">True</property>
-                    <property name="vexpand">True</property>
-                    <property name="row_spacing">6</property>
+                    <property name="orientation">vertical</property>
                     <child>
                       <object class="GtkLabel" id="label2">
                         <property name="visible">True</property>
                         <property name="can_focus">False</property>
+                        <property name="margin_bottom">6</property>
                         <property name="xalign">0</property>
                         <property name="yalign">0</property>
                         <property name="label" translatable="yes">Add or 
delete Time Stamp Authority URLs</property>
@@ -136,8 +134,25 @@
                         <property name="max_width_chars">60</property>
                       </object>
                       <packing>
-                        <property name="left_attach">0</property>
-                        <property name="top_attach">0</property>
+                        <property name="expand">False</property>
+                        <property name="fill">True</property>
+                        <property name="position">0</property>
+                      </packing>
+                    </child>
+                    <child>
+                      <object class="GtkTreeView" id="urls:border">
+                        <property name="visible">True</property>
+                        <property name="can_focus">True</property>
+                        <property name="hexpand">True</property>
+                        <property name="vexpand">True</property>
+                        <child internal-child="selection">
+                          <object class="GtkTreeSelection" 
id="treeview-selection3"/>
+                        </child>
+                      </object>
+                      <packing>
+                        <property name="expand">False</property>
+                        <property name="fill">True</property>
+                        <property name="position">1</property>
                       </packing>
                     </child>
                     <child>
@@ -154,6 +169,8 @@
                           <packing>
                             <property name="left_attach">2</property>
                             <property name="top_attach">0</property>
+                            <property name="width">1</property>
+                            <property name="height">1</property>
                           </packing>
                         </child>
                         <child>
@@ -164,37 +181,11 @@
                         </child>
                       </object>
                       <packing>
-                        <property name="left_attach">0</property>
-                        <property name="top_attach">1</property>
-                      </packing>
-                    </child>
-                    <child>
-                      <object class="GtkScrolledWindow" id="scrolledwindow1">
-                        <property name="visible">True</property>
-                        <property name="can_focus">True</property>
-                        <property name="hexpand">True</property>
-                        <property name="vexpand">True</property>
-                        <property name="shadow_type">in</property>
-                        <child>
-                          <object class="GtkTreeView" id="urls:border">
-                            <property name="visible">True</property>
-                            <property name="can_focus">True</property>
-                            <property name="hexpand">True</property>
-                            <property name="vexpand">True</property>
-                            <child internal-child="selection">
-                              <object class="GtkTreeSelection" 
id="urls-selection"/>
-                            </child>
-                          </object>
-                        </child>
-                      </object>
-                      <packing>
-                        <property name="left_attach">1</property>
-                        <property name="top_attach">0</property>
+                        <property name="expand">False</property>
+                        <property name="fill">True</property>
+                        <property name="position">2</property>
                       </packing>
                     </child>
-                    <child>
-                      <placeholder/>
-                    </child>
                   </object>
                 </child>
               </object>
@@ -220,6 +211,7 @@
     </child>
     <action-widgets>
       <action-widget response="0">help</action-widget>
+      <action-widget response="0">delete</action-widget>
       <action-widget response="0">add</action-widget>
       <action-widget response="0">ok</action-widget>
       <action-widget response="0">cancel</action-widget>
commit 5be0e69b8773e9cc3723bacdb5766b481e1f9375
Author: Caolán McNamara <caol...@redhat.com>
Date:   Tue Apr 4 14:29:00 2017 +0100

    Resolves: tdf#106935 restore traditional toolbar labels
    
    (cherry picked from commit f1a53e7a0b388e0a5303fe68dfbb4c60f4c7a0ff)
    
    Change-Id: I00cf16e9ce429f9186cc900a07f4d386e33b8f7b
    Reviewed-on: https://gerrit.libreoffice.org/36083
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>
    (cherry picked from commit 8e0220ce0d9e20577694b56011cfe34d1bc35fc5)

diff --git a/sfx2/source/dialog/dialog.hrc b/sfx2/source/dialog/dialog.hrc
index 800f71750b18..5d4f2538c471 100644
--- a/sfx2/source/dialog/dialog.hrc
+++ b/sfx2/source/dialog/dialog.hrc
@@ -62,6 +62,9 @@
 #define STR_STYLE_ELEMTLIST             ( RC_DIALOG_BEGIN + 125 )
 #define STR_FONT_TABPAGE                ( RC_DIALOG_BEGIN + 126 )
 #define STR_PREVIEW_CHECKBOX            ( RC_DIALOG_BEGIN + 127 )
+#define STR_STYLE_FILL_FORMAT_MODE      ( RC_DIALOG_BEGIN + 128 )
+#define STR_STYLE_NEW_STYLE_FROM_SELECTION ( RC_DIALOG_BEGIN + 129 )
+#define STR_STYLE_UPDATE_STYLE          ( RC_DIALOG_BEGIN + 130 )
 
 #endif
 
diff --git a/sfx2/source/dialog/templdlg.cxx b/sfx2/source/dialog/templdlg.cxx
index 7ffe615edaea..994e3ccb1a3f 100644
--- a/sfx2/source/dialog/templdlg.cxx
+++ b/sfx2/source/dialog/templdlg.cxx
@@ -2196,18 +2196,15 @@ 
SfxTemplateDialog_Impl::SfxTemplateDialog_Impl(SfxBindings* pB, SfxTemplatePanel
         if (xUICommands.is())
         {
             uno::Any aCommand = xUICommands->getByName(".uno:StyleApply");
-            OUString sLabel = lcl_GetLabel( aCommand );
-            m_aActionTbR->InsertItem( SID_STYLE_WATERCAN, sLabel );
+            m_aActionTbR->InsertItem( SID_STYLE_WATERCAN, 
SfxResId(STR_STYLE_FILL_FORMAT_MODE).toString() );
             m_aActionTbR->SetHelpId(SID_STYLE_WATERCAN, HID_TEMPLDLG_WATERCAN);
 
             aCommand = xUICommands->getByName(".uno:StyleNewByExample");
-            sLabel = lcl_GetLabel( aCommand );
-            m_aActionTbR->InsertItem( SID_STYLE_NEW_BY_EXAMPLE, sLabel );
+            m_aActionTbR->InsertItem( SID_STYLE_NEW_BY_EXAMPLE, 
SfxResId(STR_STYLE_NEW_STYLE_FROM_SELECTION).toString() );
             m_aActionTbR->SetHelpId(SID_STYLE_NEW_BY_EXAMPLE, 
HID_TEMPLDLG_NEWBYEXAMPLE);
 
             aCommand = xUICommands->getByName(".uno:StyleUpdateByExample");
-            sLabel = lcl_GetLabel( aCommand );
-            m_aActionTbR->InsertItem( SID_STYLE_UPDATE_BY_EXAMPLE, sLabel );
+            m_aActionTbR->InsertItem( SID_STYLE_UPDATE_BY_EXAMPLE, 
SfxResId(STR_STYLE_UPDATE_STYLE).toString() );
             m_aActionTbR->SetHelpId(SID_STYLE_UPDATE_BY_EXAMPLE, 
HID_TEMPLDLG_UPDATEBYEXAMPLE);
         }
     }
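Review bot: The three `aCommand = xUICommands->getByName(...)` calls are left in place although their results are no longer used now that the `lcl_GetLabel` calls are gone from this block. `getByName` can throw when the element is missing, so the dead lookups can still abort toolbar setup for labels that now come from resources. Remove the three lookups, and the `xUICommands.is()` guard too if nothing else in the block (which continues outside the hunk) needs it, so the fixed labels are always inserted.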
diff --git a/sfx2/source/dialog/templdlg.src b/sfx2/source/dialog/templdlg.src
index 0381acfbb7c8..f0c1e50cdfd6 100644
--- a/sfx2/source/dialog/templdlg.src
+++ b/sfx2/source/dialog/templdlg.src
@@ -44,4 +44,19 @@ String STR_STYLE_FILTER_HIERARCHICAL
     Text [ en-US ] = "Hierarchical" ;
 };
 
+String STR_STYLE_FILL_FORMAT_MODE
+{
+    Text [ en-US ] = "Fill Format Mode" ;
+};
+
+String STR_STYLE_NEW_STYLE_FROM_SELECTION
+{
+    Text [ en-US ] = "New Style from Selection" ;
+};
+
+String STR_STYLE_UPDATE_STYLE
+{
+    Text [ en-US ] = "Update Style" ;
+};
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit 8b4782a6ff19fb4cd5bf006c20cbec4c41fba69e
Author: Caolán McNamara <caol...@redhat.com>
Date:   Tue Apr 4 12:31:04 2017 +0100

    ofz: guard against bogus sprm len
    
    Change-Id: I9b4074e1024753549f468f427afbfdf9cd01b674
    (cherry picked from commit d30fb62f4f1022ae6294e246974d0018596cf8ec)
    
    ofz: guard harder against bogus sprm len
    
    Change-Id: Ic82526e1454b24f094d3deee89647e88760bc44b
    (cherry picked from commit 924624b40a97d6925f66374259c2c21707805fcd)
    Reviewed-on: https://gerrit.libreoffice.org/36078
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>
    (cherry picked from commit feecc82753c48b1c82df2315896b9996e33af2e2)

diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx
index b2a1fe3d04ff..439acd15ecd0 100644
--- a/sw/source/filter/ww8/ww8scan.cxx
+++ b/sw/source/filter/ww8/ww8scan.cxx
@@ -4902,6 +4902,11 @@ void WW8PLCFMan::GetSprmStart( short nIdx, 
WW8PLCFManResult* pRes ) const
     {
         // Length of actual sprm
         pRes->nMemLen = maSprmParser.GetSprmSize(pRes->nSprmId, pRes->pMemPos);
+        if (pRes->nMemLen > p->nSprmsLen)
+        {
+            SAL_WARN("sw.ww8", "Short sprm, len " << pRes->nMemLen << " 
claimed, max possible is " << p->nSprmsLen);
+            pRes->nSprmId = 0;
+        }
     }
 }
 
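Review bot: The new guard in `GetSprmStart` zeroes `pRes->nSprmId` for an oversized sprm but leaves `pRes->nMemLen` and `pRes->pMemPos` holding the claimed, out-of-range values. Any caller that reads the payload from `pMemPos`/`nMemLen` without first testing `nSprmId` (callers are outside this hunk) would still run past `p->nSprmsLen`. Clearing them in the same branch keeps the result self-consistent, provided no caller depends on them for a zero id: `pRes->nMemLen = 0; pRes->pMemPos = nullptr;`.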
commit 89fc91553330c9b14f87032abd72fe4383f3da96
Author: Caolán McNamara <caol...@redhat.com>
Date:   Mon Apr 3 21:22:00 2017 +0100

    ofz: check anldPap sprm for valid ANLD payload len
    
    Change-Id: Ie034e3b37e01c29cf19fe8ad78b1121f6eadecb2
    Reviewed-on: https://gerrit.libreoffice.org/36053
    Reviewed-by: Caolán McNamara <caol...@redhat.com>
    Tested-by: Caolán McNamara <caol...@redhat.com>
    (cherry picked from commit 29cf858a971273039fff50808082f231dbd43c92)
    Reviewed-on: https://gerrit.libreoffice.org/36075
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>
    (cherry picked from commit 5d5731a372e540fbb9344533b6dd7e06fc123687)

diff --git a/sw/source/filter/ww8/ww8par2.cxx b/sw/source/filter/ww8/ww8par2.cxx
index f214d213f85b..48417eeb38a6 100644
--- a/sw/source/filter/ww8/ww8par2.cxx
+++ b/sw/source/filter/ww8/ww8par2.cxx
@@ -883,6 +883,13 @@ void SwWW8ImplReader::Read_ANLevelDesc( sal_uInt16, const 
sal_uInt8* pData, shor
         return;
     }
 
+    if (static_cast<size_t>(nLen) < sizeof(WW8_ANLD))
+    {
+        SAL_WARN("sw.ww8", "ANLevelDesc property is " << nLen << " long, needs 
to be at least " << sizeof(WW8_ANLD));
+        m_nSwNumLevel = 0xff;
+        return;
+    }
+
     if( m_nSwNumLevel <= MAXLEVEL         // Value range mapping WW:1..9 -> 
SW:0..8
         && m_nSwNumLevel <= 9 ){          // No Bullets or Numbering
 
commit 3e2c275cb5b6697588526951155ec90327e2ba7d
Author: Caolán McNamara <caol...@redhat.com>
Date:   Sun Apr 2 11:31:10 2017 +0100

    ofz: check bounds on read
    
    Change-Id: I07779bec876b90e36f20a81d6dbf06ae727edf85
    (cherry picked from commit fb05611064e12c8eda09bc32c42544cde8c2ab49)
    Reviewed-on: https://gerrit.libreoffice.org/36018
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>
    (cherry picked from commit daa13c049f1d527e51a776f75748ddfba4e9666b)

diff --git a/filter/source/graphicfilter/icgm/cgm.cxx 
b/filter/source/graphicfilter/icgm/cgm.cxx
index 00d3ceca3567..7cdac8fadd54 100644
--- a/filter/source/graphicfilter/icgm/cgm.cxx
+++ b/filter/source/graphicfilter/icgm/cgm.cxx
@@ -101,7 +101,7 @@ sal_uInt32 CGM::GetBackGroundColor()
 sal_uInt32 CGM::ImplGetUI16( sal_uInt32 /*nAlign*/ )
 {
     sal_uInt8* pSource = mpSource + mnParaSize;
-    if (pSource + 2 > mpEndValidSource)
+    if (mpEndValidSource - pSource < 2)
         throw css::uno::Exception("attempt to read past end of input", 
nullptr);
     mnParaSize += 2;
     return ( pSource[ 0 ] << 8 ) +  pSource[ 1 ];
@@ -115,7 +115,7 @@ sal_uInt8 CGM::ImplGetByte( sal_uInt32 nSource, sal_uInt32 
nPrecision )
 sal_Int32 CGM::ImplGetI( sal_uInt32 nPrecision )
 {
     sal_uInt8* pSource = mpSource + mnParaSize;
-    if (pSource + nPrecision > mpEndValidSource)
+    if (static_cast<sal_uIntPtr>(mpEndValidSource - pSource) < nPrecision)
         throw css::uno::Exception("attempt to read past end of input", 
nullptr);
     mnParaSize += nPrecision;
     switch( nPrecision )
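Review bot: The rewritten check in `ImplGetI` casts `mpEndValidSource - pSource` to `sal_uIntPtr`, so if `mnParaSize` has already moved `pSource` past `mpEndValidSource` the negative difference becomes a huge unsigned value and the check passes. The `ImplGetUI16` version compares the signed difference and does not have this problem. Unless every place that advances `mnParaSize` is bounds-checked (not verifiable from these hunks), add the ordering test: `if (pSource > mpEndValidSource || static_cast<sal_uIntPtr>(mpEndValidSource - pSource) < nPrecision)`. The same pattern is used in the `ImplGetUI` and `ImplGetFloat` hunks and in the `class1.cxx` and `class4.cxx` hunks.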
@@ -147,7 +147,7 @@ sal_Int32 CGM::ImplGetI( sal_uInt32 nPrecision )
 sal_uInt32 CGM::ImplGetUI( sal_uInt32 nPrecision )
 {
     sal_uInt8* pSource = mpSource + mnParaSize;
-    if (pSource + nPrecision > mpEndValidSource)
+    if (static_cast<sal_uIntPtr>(mpEndValidSource - pSource) < nPrecision)
         throw css::uno::Exception("attempt to read past end of input", 
nullptr);
     mnParaSize += nPrecision;
     switch( nPrecision )
@@ -202,7 +202,7 @@ double CGM::ImplGetFloat( RealPrecision eRealPrecision, 
sal_uInt32 nRealSize )
     const bool bCompatible = false;
 #endif
 
-    if (mpSource + mnParaSize + nRealSize > mpEndValidSource)
+    if (static_cast<sal_uIntPtr>(mpEndValidSource - (mpSource + mnParaSize)) < 
nRealSize)
         throw css::uno::Exception("attempt to read past end of input", 
nullptr);
 
     if ( bCompatible )
diff --git a/filter/source/graphicfilter/icgm/class1.cxx 
b/filter/source/graphicfilter/icgm/class1.cxx
index 641355924f74..895dd8247d0b 100644
--- a/filter/source/graphicfilter/icgm/class1.cxx
+++ b/filter/source/graphicfilter/icgm/class1.cxx
@@ -176,8 +176,11 @@ void CGM::ImplDoClass1()
         {
             while ( mnParaSize < mnElementSize )
             {
-                sal_uInt32 nSize;
-                nSize = ImplGetUI( 1 );
+                sal_uInt32 nSize = ImplGetUI(1);
+
+                if (static_cast<sal_uIntPtr>(mpEndValidSource - (mpSource + 
mnParaSize)) < nSize)
+                    throw css::uno::Exception("attempt to read past end of 
input", nullptr);
+
                 pElement->aFontList.InsertName( mpSource + mnParaSize, nSize );
                 mnParaSize += nSize;
             }
@@ -187,10 +190,12 @@ void CGM::ImplDoClass1()
         {
             while ( mnParaSize < mnElementSize )
             {
-                sal_uInt32 nCharSetType;
-                sal_uInt32 nSize;
-                nCharSetType = ImplGetUI16();
-                nSize = ImplGetUI( 1 );
+                sal_uInt32 nCharSetType = ImplGetUI16();
+                sal_uInt32 nSize = ImplGetUI(1);
+
+                if (static_cast<sal_uIntPtr>(mpEndValidSource - (mpSource + 
mnParaSize)) < nSize)
+                    throw css::uno::Exception("attempt to read past end of 
input", nullptr);
+
                 pElement->aFontList.InsertCharSet( (CharSetType)nCharSetType, 
mpSource + mnParaSize, nSize );
                 mnParaSize += nSize;
             }
diff --git a/filter/source/graphicfilter/icgm/class4.cxx 
b/filter/source/graphicfilter/icgm/class4.cxx
index 442f10dc087d..ff574c4eece4 100644
--- a/filter/source/graphicfilter/icgm/class4.cxx
+++ b/filter/source/graphicfilter/icgm/class4.cxx
@@ -178,15 +178,18 @@ void CGM::ImplDoClass4()
             case 0x04 : /*Text*/
             {
                 FloatPoint  aFloatPoint;
-                sal_uInt32      nType, nSize;
 
                 if ( mbFigure )
                     mpOutAct->CloseRegion();
 
                 ImplGetPoint ( aFloatPoint, true );
-                nType = ImplGetUI16( 4 );
-                nSize = ImplGetUI( 1 );
-                mpSource[ mnParaSize + nSize ] = 0;
+                sal_uInt32 nType = ImplGetUI16( 4 );
+                sal_uInt32 nSize = ImplGetUI( 1 );
+
+                if (static_cast<sal_uIntPtr>(mpEndValidSource - (mpSource + 
mnParaSize)) < nSize)
+                    throw css::uno::Exception("attempt to read past end of 
input", nullptr);
+
+                mpSource[mnParaSize + nSize] = 0;
 
                 awt::Size aSize;
                 awt::Point aPoint( (long)aFloatPoint.X, (long)aFloatPoint.Y );
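Review bot: The added check lets `nSize` equal the number of bytes remaining, and the following `mpSource[mnParaSize + nSize] = 0` then writes the terminator at `mpEndValidSource` itself, one byte past the data the other checks treat as valid. That is only safe if the input buffer is allocated with at least one spare byte, which these hunks do not show. If it is not, reject the equal case as well (`<= nSize` instead of `< nSize`) or pass pointer and length on without writing into the source buffer. The two later hunks in this file (the one declaring `dx, dy` and the `Append Text` case) write the terminator the same way, and `ImplDoClass4` starts and ends outside the hunk.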
@@ -200,7 +203,6 @@ void CGM::ImplDoClass4()
             {
                 double      dx, dy;
                 FloatPoint  aFloatPoint;
-                sal_uInt32      nType, nSize;
 
                 if ( mbFigure )
                     mpOutAct->CloseRegion();
@@ -219,8 +221,11 @@ void CGM::ImplDoClass4()
                 ImplMapDouble( dy );
 
                 ImplGetPoint ( aFloatPoint, true );
-                nType = ImplGetUI16( 4 );
-                nSize = ImplGetUI( 1 );
+                sal_uInt32 nType = ImplGetUI16(4);
+                sal_uInt32 nSize = ImplGetUI(1);
+
+                if (static_cast<sal_uIntPtr>(mpEndValidSource - (mpSource + 
mnParaSize)) < nSize)
+                    throw css::uno::Exception("attempt to read past end of 
input", nullptr);
 
                 mpSource[ mnParaSize + nSize ] = 0;
 
@@ -234,10 +239,12 @@ void CGM::ImplDoClass4()
 
             case 0x06 : /*Append Text*/
             {
-                sal_uInt32 nSize;
                 sal_uInt32 nType = ImplGetUI16( 4 );
+                sal_uInt32 nSize = ImplGetUI( 1 );
+
+                if (static_cast<sal_uIntPtr>(mpEndValidSource - (mpSource + 
mnParaSize)) < nSize)
+                    throw css::uno::Exception("attempt to read past end of 
input", nullptr);
 
-                nSize = ImplGetUI( 1 );
                 mpSource[ mnParaSize + nSize ] = 0;
 
                 mpOutAct->AppendText( reinterpret_cast<char*>(mpSource) + 
mnParaSize, nSize, (FinalFlag)nType );
commit acc586d99d4bf1059d61308c7bb6c1750e06774a
Author: Caolán McNamara <caol...@redhat.com>
Date:   Mon Apr 3 20:36:06 2017 +0100

    ofz: check anlv text bounds
    
    Change-Id: I6288aae2d439cde6a2b95c005a2090f73e21bb7a
    (cherry picked from commit 3feabd87ad8066b45b55d61cd72684e47fd79082)
    Reviewed-on: https://gerrit.libreoffice.org/36051
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>
    (cherry picked from commit 09f5f4a39e4a9304d81565c33c009e8e0552778d)

diff --git a/sw/source/filter/ww8/ww8par.hxx b/sw/source/filter/ww8/ww8par.hxx
index 7a986b677b05..3b4b3dd935f4 100644
--- a/sw/source/filter/ww8/ww8par.hxx
+++ b/sw/source/filter/ww8/ww8par.hxx
@@ -1537,7 +1537,7 @@ private:
 // the corresponding structures are: LSTF, LVLF, LFO LFOLVL
 
     void SetAnlvStrings(SwNumFormat &rNum, WW8_ANLV const &rAV, const 
sal_uInt8* pText,
-        bool bOutline);
+        size_t nStart, size_t nElements, bool bOutline);
     void SetAnld(SwNumRule* pNumR, WW8_ANLD const * pAD, sal_uInt8 nSwLevel, 
bool bOutLine);
     void SetNumOlst( SwNumRule* pNumR, WW8_OLST* pO, sal_uInt8 nSwLevel );
     SwNumRule* GetStyRule();
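Review bot: The two new size_t parameters of SetAnlvStrings are undocumented, and their units are not obvious from the declaration. In ww8par2.cxx nStart is added to the sal_uInt8 pointer and subtracted from nElements, and nElements is compared directly in one branch and halved in the other, so both appear to be byte counts relative to pText. A one-line comment above the declaration would help callers, for example `// nStart: byte offset of the text within pText; nElements: total bytes available at pText`.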
diff --git a/sw/source/filter/ww8/ww8par2.cxx b/sw/source/filter/ww8/ww8par2.cxx
index 76b7b9dffae0..f214d213f85b 100644
--- a/sw/source/filter/ww8/ww8par2.cxx
+++ b/sw/source/filter/ww8/ww8par2.cxx
@@ -680,8 +680,14 @@ static void SetBaseAnlv(SwNumFormat &rNum, WW8_ANLV const 
&rAV, sal_uInt8 nSwLev
 }
 
 void SwWW8ImplReader::SetAnlvStrings(SwNumFormat &rNum, WW8_ANLV const &rAV,
-    const sal_uInt8* pText, bool bOutline)
+    const sal_uInt8* pText, size_t nStart, size_t nElements, bool bOutline)
 {
+    if (nStart > nElements)
+        return;
+
+    pText += nStart;
+    nElements -= nStart;
+
     bool bInsert = false;                       // Default
     rtl_TextEncoding eCharSet = m_eStructCharSet;
 
@@ -689,13 +695,26 @@ void SwWW8ImplReader::SetAnlvStrings(SwNumFormat &rNum, 
WW8_ANLV const &rAV,
     bool bListSymbol = pF && ( pF->chs == 2 );      // Symbol/WingDings/...
 
     OUString sText;
+    sal_uInt32 nLen = rAV.cbTextBefore + rAV.cbTextAfter;
     if (m_bVer67)
     {
-        sText = OUString(reinterpret_cast<char const *>(pText), 
rAV.cbTextBefore + rAV.cbTextAfter, eCharSet);
+        if (nLen > nElements)
+        {
+            SAL_WARN("sw.ww8", "SetAnlvStrings: ignoring out of range "
+                << nLen << " vs " << nElements << " max");
+            return;
+        }
+        sText = OUString(reinterpret_cast<char const *>(pText), nLen, 
eCharSet);
     }
     else
     {
-        for(sal_Int32 i = 0; i < rAV.cbTextBefore + rAV.cbTextAfter; ++i, 
pText += 2)
+        if (nLen > nElements / 2)
+        {
+            SAL_WARN("sw.ww8", "SetAnlvStrings: ignoring out of range "
+                << nLen << " vs " << nElements / 2 << " max");
+            return;
+        }
+        for(sal_uInt32 i = 0; i < nLen; ++i, pText += 2)
         {
             sText += OUStringLiteral1(SVBT16ToShort(*reinterpret_cast<SVBT16 
const *>(pText)));
         }
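Review bot: The `nStart > nElements` early return added at the top of SetAnlvStrings (previous hunk) rejects the input silently, while the two length checks added in this hunk report the rejection through SAL_WARN. Logging all three the same way makes a malformed document easier to triage, e.g. `SAL_WARN("sw.ww8", "SetAnlvStrings: ignoring out of range start " << nStart << " vs " << nElements << " max");` before that first `return`. The function body continues past the end of this hunk, so what else the early returns skip cannot be judged from here.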
@@ -780,7 +799,7 @@ void SwWW8ImplReader::SetAnld(SwNumRule* pNumR, WW8_ANLD 
const * pAD, sal_uInt8
         m_bAktAND_fNumberAcross = 0 != pAD->fNumberAcross;
         WW8_ANLV const &rAV = pAD->eAnlv;
         SetBaseAnlv(aNF, rAV, nSwLevel);                    // set the base 
format
-        SetAnlvStrings(aNF, rAV, pAD->rgchAnld, bOutLine ); // set the rest
+        SetAnlvStrings(aNF, rAV, pAD->rgchAnld, 0, 
SAL_N_ELEMENTS(pAD->rgchAnld), bOutLine); // set the rest
     }
     pNumR->Set(nSwLevel, aNF);
 }
@@ -910,7 +929,7 @@ void SwWW8ImplReader::SetNumOlst(SwNumRule* pNumR, 
WW8_OLST* pO, sal_uInt8 nSwLe
 
     if (!m_bVer67)
         nTextOfs *= 2;
-    SetAnlvStrings(aNF, rAV, pO->rgch + nTextOfs, true); // and apply
+    SetAnlvStrings(aNF, rAV, pO->rgch, nTextOfs, SAL_N_ELEMENTS(pO->rgch), 
true); // and apply
     pNumR->Set(nSwLevel, aNF);
 }
 
diff --git a/sw/source/filter/ww8/ww8struc.hxx 
b/sw/source/filter/ww8/ww8struc.hxx
index 097391dde1e2..ba7768caac0b 100644
--- a/sw/source/filter/ww8/ww8struc.hxx
+++ b/sw/source/filter/ww8/ww8struc.hxx
@@ -649,7 +649,7 @@ struct WW8_ANLD
     sal_uInt8 fNumberAcross;    // 0x11     number across cells in table 
rows(instead of down)
     sal_uInt8 fRestartHdn;  // 0x12     restart heading number on section 
boundary
     sal_uInt8 fSpareX;      // 0x13     unused( should be 0)
-    sal_uInt8  rgchAnld[32]; // 0x14 characters displayed before/after 
autonumber
+    sal_uInt8 rgchAnld[32]; // 0x14 characters displayed before/after 
autonumber
 };
 
 struct WW8_OLST