comphelper/source/misc/docpasswordhelper.cxx | 2 +- filter/source/msfilter/mscodec.cxx | 10 +++++----- helpcontent2 | 2 +- include/rtl/alloc.h | 19 ++++++++++++++++--- oox/source/core/binarycodec.cxx | 6 +++--- sal/rtl/alloc_cache.cxx | 15 +++++++++++++++ sal/rtl/alloc_global.cxx | 2 +- sal/rtl/digest.cxx | 4 ++-- sal/util/sal.map | 5 +++++ toolkit/source/awt/vclxwindow.cxx | 5 +++-- vcl/source/gdi/pdfwriter_impl2.cxx | 5 ++--- 11 files changed, 54 insertions(+), 21 deletions(-)
New commits: commit 8f379ddf5ae945cfec85dced286de4cfa282fd77 Author: Niklas Johansson <[email protected]> Date: Tue Mar 31 14:02:45 2015 +0200 Updated core Project: help 02143d13f587b3ce40834d709ca9c872ac907e13 tdf#89437 Add note, not all languages have autocorrection of ordinal suffixes Not all languages have the convention of printing ordinal suffixes as superscript. For English auto correction of 1st to 1^st can be correct in Swedish auto correction of 1:a to 1^:a is just plain wrong and LibreOffice does not do it anymore so lets add a short note about it in the help. Change-Id: Ic4c9273b74576d2a8d1e0c8ac3adbe4af40185fc Reviewed-on: https://gerrit.libreoffice.org/15088 Reviewed-by: Caolán McNamara <[email protected]> Tested-by: Caolán McNamara <[email protected]> diff --git a/helpcontent2 b/helpcontent2 index b1178f9..02143d1 160000 --- a/helpcontent2 +++ b/helpcontent2 @@ -1 +1 @@ -Subproject commit b1178f96fe29860b1d92c8c150d5169f96a964b2 +Subproject commit 02143d13f587b3ce40834d709ca9c872ac907e13 commit 2ec9d9dd81f3f4ee6785ba938f9a79395972b71e Author: Caolán McNamara <[email protected]> Date: Tue Mar 31 13:36:37 2015 +0100 Resolves: tdf#90228 1.06 turns into a monster Change-Id: I8ebb57fe8b94da2569593ffa7cf374cae64a846a diff --git a/toolkit/source/awt/vclxwindow.cxx b/toolkit/source/awt/vclxwindow.cxx index 5e53141..5886417 100644 --- a/toolkit/source/awt/vclxwindow.cxx +++ b/toolkit/source/awt/vclxwindow.cxx @@ -2331,8 +2331,9 @@ void VCLXWindow::setZoom( float fZoomX, float /*fZoomY*/ ) throw(::com::sun::sta // The implicit conversion from float to double can result in a precision loss, i.e. 1.2 is converted to // 1.200000000047something. To prevent this, we convert explicitly to double, and round it. double nZoom( fZoomX ); - nZoom = ::rtl::math::round( nZoom, 4 ); - GetWindow()->SetZoom( Fraction( nZoom ) ); + Fraction aZoom(::rtl::math::round(nZoom, 4)); + aZoom.ReduceInaccurate(10); // to avoid runovers and BigInt mapping + GetWindow()->SetZoom(aZoom); } } commit 026b17b7d725109f586622755b435ded3673c43a Author: Caolán McNamara <[email protected]> Date: Tue Mar 31 10:20:19 2015 +0100 V597: introduce a rtl_secureZeroMemory Change-Id: Id28046eb318cd3b2ed0b813fd266617547cf6ee2 diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx index fdcb8a0..217a75e 100644 --- a/comphelper/source/misc/docpasswordhelper.cxx +++ b/comphelper/source/misc/docpasswordhelper.cxx @@ -341,7 +341,7 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence( rtl_digest_rawMD5 ( hDigest, reinterpret_cast<sal_uInt8*>(aResultKey.getArray()), aResultKey.getLength() ); // Erase KeyData array and leave. - memset( pKeyData, 0, sizeof(pKeyData) ); + rtl_secureZeroMemory (pKeyData, sizeof(pKeyData)); } return aResultKey; diff --git a/filter/source/msfilter/mscodec.cxx b/filter/source/msfilter/mscodec.cxx index 77c572e..260d191 100644 --- a/filter/source/msfilter/mscodec.cxx +++ b/filter/source/msfilter/mscodec.cxx @@ -373,8 +373,8 @@ bool MSCodec_Std97::VerifyKey ( result = (memcmp (pBuffer, pDigest, sizeof(pDigest)) == 0); // Erase Buffer and Digest arrays. - (void)memset (pBuffer, 0, sizeof(pBuffer)); - (void)memset (pDigest, 0, sizeof(pDigest)); + rtl_secureZeroMemory (pBuffer, sizeof(pBuffer)); + rtl_secureZeroMemory (pDigest, sizeof(pDigest)); } return result; @@ -412,7 +412,7 @@ bool MSCodec_Std97::InitCipher (sal_uInt32 nCounter) pKeyData, RTL_DIGEST_LENGTH_MD5, 0, 0); // Erase KeyData array and leave. - (void)memset (pKeyData, 0, sizeof(pKeyData)); + rtl_secureZeroMemory (pKeyData, sizeof(pKeyData)); return (result == rtl_Cipher_E_None); } @@ -532,8 +532,8 @@ void MSCodec_Std97::GetEncryptKey ( rtl_cipher_encode ( m_hCipher, pDigest, 16, pSaltDigest, 16); - (void)memset (pBuffer, 0, sizeof(pBuffer)); - (void)memset (pDigest, 0, sizeof(pDigest)); + rtl_secureZeroMemory (pBuffer, sizeof(pBuffer)); + rtl_secureZeroMemory (pDigest, sizeof(pDigest)); } } diff --git a/include/rtl/alloc.h b/include/rtl/alloc.h index 835db15..bd3190d 100644 --- a/include/rtl/alloc.h +++ b/include/rtl/alloc.h @@ -71,7 +71,6 @@ SAL_DLLPUBLIC void SAL_CALL rtl_freeMemory ( void * Ptr ) SAL_THROW_EXTERN_C(); - /** Allocate and zero memory. A call to this function will return NULL upon the requested @@ -84,18 +83,32 @@ SAL_DLLPUBLIC void * SAL_CALL rtl_allocateZeroMemory ( sal_Size Bytes ) SAL_THROW_EXTERN_C(); +/** Zero memory + + Fills a block of memory with zeros in a way that is guaranteed to be secure + + @param Ptr [in] pointer to previously allocated memory. + @param Bytes [in] memory size. + + @since LibreOffice 4.5 + */ +SAL_DLLPUBLIC void SAL_CALL rtl_secureZeroMemory ( + void * Ptr, + sal_Size Bytes +) SAL_THROW_EXTERN_C(); + /** Zero and free memory. @param Ptr [in] pointer to previously allocated memory. @param Bytes [in] memory size. - @return none. Memory is zero'ed and released. Ptr is invalid. + @return none. Memory is zero'ed with rtl_secureZeroMemory and released. Ptr + is invalid. */ SAL_DLLPUBLIC void SAL_CALL rtl_freeZeroMemory ( void * Ptr, sal_Size Bytes ) SAL_THROW_EXTERN_C(); - /** Allocate aligned memory. A call to this function will return NULL upon the requested diff --git a/oox/source/core/binarycodec.cxx b/oox/source/core/binarycodec.cxx index 84d5c73..43eb3dc 100644 --- a/oox/source/core/binarycodec.cxx +++ b/oox/source/core/binarycodec.cxx @@ -347,8 +347,8 @@ bool BinaryCodec_RCF::verifyKey( const sal_uInt8 pnVerifier[ 16 ], const sal_uIn bool bResult = memcmp( pnBuffer, pnDigest, sizeof( pnDigest ) ) == 0; // erase buffer and digest arrays and leave - (void)memset( pnBuffer, 0, sizeof( pnBuffer ) ); - (void)memset( pnDigest, 0, sizeof( pnDigest ) ); + rtl_secureZeroMemory (pnBuffer, sizeof(pnBuffer)); + rtl_secureZeroMemory (pnDigest, sizeof(pnDigest)); return bResult; } @@ -379,7 +379,7 @@ bool BinaryCodec_RCF::startBlock( sal_Int32 nCounter ) rtl_cipher_init( mhCipher, rtl_Cipher_DirectionDecode, pnKeyData, RTL_DIGEST_LENGTH_MD5, 0, 0 ); // rrase key data array and leave - (void)memset( pnKeyData, 0, sizeof( pnKeyData ) ); + rtl_secureZeroMemory (pnKeyData, sizeof(pnKeyData)); return eResult == rtl_Cipher_E_None; } diff --git a/sal/rtl/alloc_cache.cxx b/sal/rtl/alloc_cache.cxx index 5944043..578ce33 100644 --- a/sal/rtl/alloc_cache.cxx +++ b/sal/rtl/alloc_cache.cxx @@ -1314,6 +1314,15 @@ rtl_cache_wsupdate_fini(); #if defined(SAL_UNX) +void SAL_CALL +rtl_secureZeroMemory (void *Ptr, sal_Size Bytes) SAL_THROW_EXTERN_C() +{ + //currently glibc doesn't implement memset_s + volatile char *p = reinterpret_cast<volatile char*>(Ptr); + while (Bytes--) + *p++ = 0; +} + #include <sys/time.h> static void * @@ -1369,6 +1378,12 @@ rtl_cache_wsupdate_fini() #elif defined(SAL_W32) +void SAL_CALL +rtl_secureZeroMemory (void *Ptr, sal_Size Bytes) SAL_THROW_EXTERN_C() +{ + RtlSecureZeroMemory(Ptr, Bytes); +} + static DWORD WINAPI rtl_cache_wsupdate_all (void * arg); diff --git a/sal/rtl/alloc_global.cxx b/sal/rtl/alloc_global.cxx index 6931370..60dbc9c 100644 --- a/sal/rtl/alloc_global.cxx +++ b/sal/rtl/alloc_global.cxx @@ -374,7 +374,7 @@ void SAL_CALL rtl_freeZeroMemory (void * p, sal_Size n) SAL_THROW_EXTERN_C() { if (p != 0) { - memset (p, 0, n); + rtl_secureZeroMemory (p, n); rtl_freeMemory (p); } } diff --git a/sal/rtl/digest.cxx b/sal/rtl/digest.cxx index 5aba0ea..d8f4c71 100644 --- a/sal/rtl/digest.cxx +++ b/sal/rtl/digest.cxx @@ -2071,7 +2071,7 @@ static void __rtl_digest_updatePBKDF2 ( for (k = 0; k < DIGEST_CBLOCK_PBKDF2; k++) T[k] ^= U[k]; } - memset (U, 0, DIGEST_CBLOCK_PBKDF2); + rtl_secureZeroMemory (U, DIGEST_CBLOCK_PBKDF2); } /*======================================================================== @@ -2124,7 +2124,7 @@ rtlDigestError SAL_CALL rtl_digest_PBKDF2 ( /* DK ||= T_(i) */ memcpy (pKeyData, T, nKeyLen); - memset (T, 0, DIGEST_CBLOCK_PBKDF2); + rtl_secureZeroMemory (T, DIGEST_CBLOCK_PBKDF2); } memset (&digest, 0, sizeof (digest)); diff --git a/sal/util/sal.map b/sal/util/sal.map index 6acd9c4..2a87243 100644 --- a/sal/util/sal.map +++ b/sal/util/sal.map @@ -678,6 +678,11 @@ LIBO_UDK_4.3 { # symbols available in >= LibO 4.3 osl_areCommandArgsSet; } LIBO_UDK_4.2; +LIBO_UDK_4.5 { # symbols available in >= LibO 4.5 + global: + rtl_secureZeroMemory; +} LIBO_UDK_4.3; + PRIVATE_1.0 { global: osl_detail_ObjectRegistry_storeAddresses; diff --git a/vcl/source/gdi/pdfwriter_impl2.cxx b/vcl/source/gdi/pdfwriter_impl2.cxx index 403d3e5..1bcd5cf 100644 --- a/vcl/source/gdi/pdfwriter_impl2.cxx +++ b/vcl/source/gdi/pdfwriter_impl2.cxx @@ -1220,9 +1220,8 @@ uno::Reference< beans::XMaterialHolder > PDFWriterImpl::initEncryption( const OU xResult.clear(); // trash temporary padded cleartext PWDs - memset( aPadOPW, 0, sizeof(aPadOPW) ); - memset( aPadUPW, 0, sizeof(aPadUPW) ); - + rtl_secureZeroMemory (aPadOPW, sizeof(aPadOPW)); + rtl_secureZeroMemory (aPadUPW, sizeof(aPadUPW)); } return xResult; }
_______________________________________________ Libreoffice-commits mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
