download.lst | 4 external/openssl/UnpackedTarball_openssl.mk | 1 external/openssl/openssl-1.0.2k-cve-2020-1971.patch.1 | 578 ++++++++++++++++++ external/poppler/StaticLibrary_poppler.mk | 22 external/poppler/poppler-config.patch.1 | 72 -- sw/source/core/doc/DocumentSettingManager.cxx | 1 6 files changed, 622 insertions(+), 56 deletions(-)
New commits: commit 6bcdb499c6d622b5cf7c167f065a8c7e1d74b003 Author: Michael Stahl <[email protected]> AuthorDate: Wed Jan 6 19:30:07 2021 +0100 Commit: Michael Stahl <[email protected]> CommitDate: Fri Jan 8 12:49:25 2021 +0100 poppler: upgrade to release 21.01.0 Fixes CVE-2020-27778, CVE-2020-35702 and changelogs mention lots of fuzzing fixes. Change-Id: Ib07bdee726905e74afc13a01bbbd53f218121744 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108912 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 48e8b32a9b66722bbb28fc15840b3706a461aeb7) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108904 Tested-by: Michael Stahl <[email protected]> Reviewed-by: Thorsten Behrens <[email protected]> (cherry picked from commit fb185106492f5aabac6ab57ae90cd81d51480093) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108949 Tested-by: Thorsten Behrens <[email protected]> diff --git a/download.lst b/download.lst index 856885cde73f..6090492d12bd 100644 --- a/download.lst +++ b/download.lst @@ -208,8 +208,8 @@ export PIXMAN_SHA256SUM := 21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3 export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz export LIBPNG_SHA256SUM := 505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca export LIBPNG_TARBALL := libpng-1.6.37.tar.xz -export POPPLER_SHA256SUM := 234f8e573ea57fb6a008e7c1e56bfae1af5d1adf0e65f47555e1ae103874e4df -export POPPLER_TARBALL := poppler-0.82.0.tar.xz +export POPPLER_SHA256SUM := 016dde34e5f868ea98a32ca99b643325a9682281500942b7113f4ec88d20e2f3 +export POPPLER_TARBALL := poppler-21.01.0.tar.xz export POSTGRESQL_SHA256SUM := a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126 export POSTGRESQL_TARBALL := postgresql-9.2.24.tar.bz2 export PYTHON_SHA256SUM := 06a0a9f1bf0d8cd1e4121194d666c4e28ddae4dd54346de6c343206599f02136 diff --git a/external/poppler/StaticLibrary_poppler.mk b/external/poppler/StaticLibrary_poppler.mk index 8bf9f528ee9e..3cc0a95e3617 100644 --- a/external/poppler/StaticLibrary_poppler.mk +++ b/external/poppler/StaticLibrary_poppler.mk @@ -35,6 +35,23 @@ endif $(eval $(call gb_StaticLibrary_set_generated_cxx_suffix,poppler,cc)) +$(eval $(call gb_StaticLibrary_add_generated_cobjects,poppler,\ + UnpackedTarball/poppler/poppler/CourierWidths.pregenerated \ + UnpackedTarball/poppler/poppler/CourierBoldWidths.pregenerated \ + UnpackedTarball/poppler/poppler/CourierBoldObliqueWidths.pregenerated \ + UnpackedTarball/poppler/poppler/CourierObliqueWidths.pregenerated \ + UnpackedTarball/poppler/poppler/HelveticaWidths.pregenerated \ + UnpackedTarball/poppler/poppler/HelveticaBoldWidths.pregenerated \ + UnpackedTarball/poppler/poppler/HelveticaBoldObliqueWidths.pregenerated \ + UnpackedTarball/poppler/poppler/HelveticaObliqueWidths.pregenerated \ + UnpackedTarball/poppler/poppler/SymbolWidths.pregenerated \ + UnpackedTarball/poppler/poppler/TimesBoldWidths.pregenerated \ + UnpackedTarball/poppler/poppler/TimesBoldItalicWidths.pregenerated \ + UnpackedTarball/poppler/poppler/TimesItalicWidths.pregenerated \ + UnpackedTarball/poppler/poppler/TimesRomanWidths.pregenerated \ + UnpackedTarball/poppler/poppler/ZapfDingbatsWidths.pregenerated \ +)) + $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\ UnpackedTarball/poppler/goo/gfile \ UnpackedTarball/poppler/goo/GooTimer \ @@ -56,8 +73,7 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\ UnpackedTarball/poppler/fofi/FoFiIdentifier \ UnpackedTarball/poppler/poppler/Annot \ UnpackedTarball/poppler/poppler/Array \ - UnpackedTarball/poppler/poppler/BuiltinFont \ - UnpackedTarball/poppler/poppler/BuiltinFontTables \ + UnpackedTarball/poppler/poppler/BBoxOutputDev \ UnpackedTarball/poppler/poppler/CachedFile \ UnpackedTarball/poppler/poppler/Catalog \ UnpackedTarball/poppler/poppler/CertificateInfo \ @@ -79,6 +95,7 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\ UnpackedTarball/poppler/poppler/Hints \ UnpackedTarball/poppler/poppler/JArithmeticDecoder \ UnpackedTarball/poppler/poppler/JBIG2Stream \ + UnpackedTarball/poppler/poppler/JSInfo \ UnpackedTarball/poppler/poppler/Lexer \ UnpackedTarball/poppler/poppler/Link \ UnpackedTarball/poppler/poppler/Linearization \ @@ -93,6 +110,7 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\ UnpackedTarball/poppler/poppler/PageTransition \ UnpackedTarball/poppler/poppler/Parser \ UnpackedTarball/poppler/poppler/PDFDoc \ + UnpackedTarball/poppler/poppler/PDFDocBuilder \ UnpackedTarball/poppler/poppler/PDFDocEncoding \ UnpackedTarball/poppler/poppler/PDFDocFactory \ UnpackedTarball/poppler/poppler/ProfileData \ diff --git a/external/poppler/poppler-config.patch.1 b/external/poppler/poppler-config.patch.1 index cb74cd66fb5e..b902402ea4e7 100644 --- a/external/poppler/poppler-config.patch.1 +++ b/external/poppler/poppler-config.patch.1 @@ -1,5 +1,7 @@ *three* poppler config headers +note: to get the 3rd one, use -DENABLE_CPP=on + mkdir build && cd build && cmake .. -DENABLE_DCTDECODER=libjpeg -DHAVE_CAIRO=off -DENABLE_LIBOPENJPEG=none -DENABLE_CMS=none -DENABLE_LIBCURL=off -DENABLE_ZLIB=off -DENABLE_ZLIB_UNCOMPRESS=off -DENABLE_NSS3=off -DENABLE_LIBPNG=off -DENABLE_LIBTIFF=off -DENABLE_SPLASH=off -DENABLE_UTILS=off -DENABLE_CPP=off -DENABLE_GLIB=off -DENABLE_GOBJECT_INTROSPECTION=off -DENABLE_GTK_DOC=off -DENABLE_QT5=off manually disabled these because cmake failed to do it: @@ -14,7 +16,7 @@ new file mode 100644 index 0fbd336a..451213f8 100644 --- /dev/null +++ b/config.h -@@ -0,0 +1,248 @@ +@@ -0,0 +1,221 @@ +/* config.h. Generated from config.h.cmake by cmake. */ + +/* Build against libcurl. */ @@ -120,21 +122,6 @@ index 0fbd336a..451213f8 100644 +#endif + +#if !defined(_WIN32) -+/* Define to 1 if you have the `rand_r' function. */ -+#define HAVE_RAND_R 1 -+#endif -+ -+#if defined(_WIN32) -+/* Define to 1 if you have the `strcpy_s' function. */ -+#define HAVE_STRCPY_S 1 -+#endif -+ -+#if defined(_WIN32) -+/* Define to 1 if you have the `strcat_s' function. */ -+#define HAVE_STRCAT_S 1 -+#endif -+ -+#if !defined(_WIN32) +/* Defines if strtok_r is available on your system */ +#define HAVE_STRTOK_R 1 +#endif @@ -147,9 +134,6 @@ index 0fbd336a..451213f8 100644 +#define HAVE_POPEN 1 +#endif + -+/* Use splash for rendering. */ -+/* #undef HAVE_SPLASH */ -+ +#if !defined(__APPLE__) && !defined(_WIN32) +/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'. + */ @@ -179,9 +163,6 @@ index 0fbd336a..451213f8 100644 +/* Define as const if the declaration of iconv() needs const. */ +#define ICONV_CONST + -+/* Enable multithreading support. */ -+#define MULTITHREADED 1 -+ +/* Generate OPI comments in PS output. */ +#define OPI_SUPPORT 1 + @@ -195,7 +176,7 @@ index 0fbd336a..451213f8 100644 +#define PACKAGE_NAME "poppler" + +/* Define to the full name and version of this package. */ -+#define PACKAGE_STRING "poppler 0.82.0" ++#define PACKAGE_STRING "poppler 21.01.0" + +/* Define to the one symbol short name of this package. */ +#define PACKAGE_TARNAME "poppler" @@ -204,7 +185,7 @@ index 0fbd336a..451213f8 100644 +#define PACKAGE_URL "" + +/* Define to the version of this package. */ -+#define PACKAGE_VERSION "0.82.0" ++#define PACKAGE_VERSION "21.01.0" + +/* Poppler data dir */ +#define POPPLER_DATADIR "/usr/local/share/poppler" @@ -212,23 +193,17 @@ index 0fbd336a..451213f8 100644 +/* Support for curl based doc builder is compiled in. */ +/* #undef POPPLER_HAS_CURL_SUPPORT */ + -+/* Include support for CMYK rasterization */ -+/* #undef SPLASH_CMYK */ -+ +/* Enable word list support. */ +#define TEXTOUT_WORD_LIST 1 + +/* Defines if use cms */ +/* #undef USE_CMS */ + -+/* Use fixed point arithmetic in the Splash backend */ -+/* #undef USE_FIXEDPOINT */ -+ +/* Use single precision arithmetic in the Splash backend */ +/* #undef USE_FLOAT */ + +/* Version number of package */ -+#define VERSION "0.82.0" ++#define VERSION "21.01.0" + +#if defined(__APPLE__) +#elif defined (_WIN32) @@ -268,7 +243,7 @@ new file mode 100644 index 0fbd336a..451213f8 100644 --- /dev/null +++ b/poppler/poppler-config.h -@@ -0,0 +1,173 @@ +@@ -0,0 +1,166 @@ +//================================================= -*- mode: c++ -*- ==== +// +// poppler-config.h @@ -288,6 +263,9 @@ index 0fbd336a..451213f8 100644 +// Copyright (C) 2014 Hib Eris <[email protected]> +// Copyright (C) 2016 Tor Lillqvist <[email protected]> +// Copyright (C) 2017 Adrian Johnson <[email protected]> ++// Copyright (C) 2018 Adam Reichold <[email protected]> ++// Copyright (C) 2018 Stefan BrĂ¼ns <[email protected]> ++// Copyright (C) 2020 Albert Astals Cid <[email protected]> +// +// To see a description of the changes please see the Changelog file that +// came with your tarball or type make ChangeLog if you are building from git @@ -304,17 +282,7 @@ index 0fbd336a..451213f8 100644 + +/* Defines the poppler version. */ +#ifndef POPPLER_VERSION -+#define POPPLER_VERSION "0.82.0" -+#endif -+ -+/* Enable multithreading support. */ -+#ifndef MULTITHREADED -+#define MULTITHREADED 1 -+#endif -+ -+/* Use fixedpoint. */ -+#ifndef USE_FIXEDPOINT -+/* #undef USE_FIXEDPOINT */ ++#define POPPLER_VERSION "21.01.0" +#endif + +/* Use single precision arithmetic in the Splash backend */ @@ -401,17 +369,17 @@ index 0fbd336a..451213f8 100644 +/* #undef USE_BOOST_HEADERS */ +#endif + -+// Also, there are preprocessor symbols in the header files -+// that are used but never defined when building poppler using configure -+// or cmake: DISABLE_OUTLINE, DEBUG_MEM, -+// ENABLE_PLUGINS, DEBUG_FORMS ++/* Is splash backend available */ ++#ifndef HAVE_SPLASH ++/* #undef HAVE_SPLASH */ ++#endif + +//------------------------------------------------------------------------ +// version +//------------------------------------------------------------------------ + +// copyright notice -+#define popplerCopyright "Copyright 2005-2018 The Poppler Developers - http://poppler.freedesktop.org"; ++#define popplerCopyright "Copyright 2005-2021 The Poppler Developers - http://poppler.freedesktop.org"; +#define xpdfCopyright "Copyright 1996-2011 Glyph & Cog, LLC" + +//------------------------------------------------------------------------ @@ -429,7 +397,7 @@ index 0fbd336a..451213f8 100644 +//------------------------------------------------------------------------ + +#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ > 4) -+#include <stdio.h> // __MINGW_PRINTF_FORMAT is defined in the mingw stdio.h ++#include <cstdio> // __MINGW_PRINTF_FORMAT is defined in the mingw stdio.h +#ifdef __MINGW_PRINTF_FORMAT +#define GCC_PRINTF_FORMAT(fmt_index, va_index) \ + __attribute__((__format__(__MINGW_PRINTF_FORMAT, fmt_index, va_index))) @@ -471,9 +439,9 @@ index 0fbd336a..451213f8 100644 + +#include "poppler-global.h" + -+#define POPPLER_VERSION "0.82.0" -+#define POPPLER_VERSION_MAJOR 0 -+#define POPPLER_VERSION_MINOR 82 ++#define POPPLER_VERSION "21.01.0" ++#define POPPLER_VERSION_MAJOR 21 ++#define POPPLER_VERSION_MINOR 1 +#define POPPLER_VERSION_MICRO 0 + +namespace poppler commit f9ffaff5e354ba5ac200fdce9b2e2a4bd3045890 Author: Michael Stahl <[email protected]> AuthorDate: Wed Jan 6 17:39:19 2021 +0100 Commit: Michael Stahl <[email protected]> CommitDate: Fri Jan 8 12:49:25 2021 +0100 openssl: add patch to fix CVE-2020-1971 Change-Id: Ia756f1fa642eeb6dcadc867cc9730732a73c11b4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108884 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <[email protected]> (cherry picked from commit b4c5bd9b330068e8c550e398cf761457ec9b6aa4) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108948 Tested-by: Thorsten Behrens <[email protected]> diff --git a/external/openssl/UnpackedTarball_openssl.mk b/external/openssl/UnpackedTarball_openssl.mk index 719b8b0e5842..ad600cce1412 100644 --- a/external/openssl/UnpackedTarball_openssl.mk +++ b/external/openssl/UnpackedTarball_openssl.mk @@ -21,6 +21,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,openssl,\ external/openssl/opensslosxppc.patch \ external/openssl/openssl-3650-masm.patch.1 \ external/openssl/openssl-fixbuild.patch.1 \ + external/openssl/openssl-1.0.2k-cve-2020-1971.patch.1 \ )) # vim: set noet sw=4 ts=4: diff --git a/external/openssl/openssl-1.0.2k-cve-2020-1971.patch.1 b/external/openssl/openssl-1.0.2k-cve-2020-1971.patch.1 new file mode 100644 index 000000000000..313f9cd870d7 --- /dev/null +++ b/external/openssl/openssl-1.0.2k-cve-2020-1971.patch.1 @@ -0,0 +1,578 @@ +diff -up openssl-1.0.2k/crypto/asn1/asn1_err.c.null-dereference openssl-1.0.2k/crypto/asn1/asn1_err.c +--- openssl-1.0.2k/crypto/asn1/asn1_err.c.null-dereference 2020-12-04 10:08:08.506247597 +0100 ++++ openssl-1.0.2k/crypto/asn1/asn1_err.c 2020-12-04 10:12:31.901956486 +0100 +@@ -1,6 +1,6 @@ + /* crypto/asn1/asn1_err.c */ + /* ==================================================================== +- * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. ++ * Copyright (c) 1999-2020 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions +@@ -103,6 +103,7 @@ static ERR_STRING_DATA ASN1_str_functs[] + {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, ++ {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, +@@ -202,6 +203,7 @@ static ERR_STRING_DATA ASN1_str_reasons[ + {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"}, + {ERR_REASON(ASN1_R_BAD_CLASS), "bad class"}, + {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, ++ {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"}, + {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"}, + {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"}, + {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), +diff -up openssl-1.0.2k/crypto/asn1/asn1.h.null-dereference openssl-1.0.2k/crypto/asn1/asn1.h +--- openssl-1.0.2k/crypto/asn1/asn1.h.null-dereference 2020-12-04 11:00:06.896637900 +0100 ++++ openssl-1.0.2k/crypto/asn1/asn1.h 2020-12-04 11:04:47.079562987 +0100 +@@ -1202,6 +1202,7 @@ void ERR_load_ASN1_strings(void); + # define ASN1_F_ASN1_ITEM_DUP 191 + # define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 + # define ASN1_F_ASN1_ITEM_EX_D2I 120 ++# define ASN1_F_ASN1_ITEM_EX_I2D 231 + # define ASN1_F_ASN1_ITEM_I2D_BIO 192 + # define ASN1_F_ASN1_ITEM_I2D_FP 193 + # define ASN1_F_ASN1_ITEM_PACK 198 +@@ -1298,6 +1299,7 @@ void ERR_load_ASN1_strings(void); + # define ASN1_R_AUX_ERROR 100 + # define ASN1_R_BAD_CLASS 101 + # define ASN1_R_BAD_OBJECT_HEADER 102 ++# define ASN1_R_BAD_TEMPLATE 230 + # define ASN1_R_BAD_PASSWORD_READ 103 + # define ASN1_R_BAD_TAG 104 + # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 +diff -up openssl-1.0.2k/crypto/asn1/tasn_dec.c.null-dereference openssl-1.0.2k/crypto/asn1/tasn_dec.c +--- openssl-1.0.2k/crypto/asn1/tasn_dec.c.null-dereference 2020-12-04 10:12:42.036057323 +0100 ++++ openssl-1.0.2k/crypto/asn1/tasn_dec.c 2020-12-04 10:17:45.685035333 +0100 +@@ -223,6 +223,15 @@ static int asn1_item_ex_d2i(ASN1_VALUE * + break; + + case ASN1_ITYPE_MSTRING: ++ /* ++ * It never makes sense for multi-strings to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE); ++ goto err; ++ } ++ + p = *in; + /* Just read in tag and class */ + ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, +@@ -240,6 +249,7 @@ static int asn1_item_ex_d2i(ASN1_VALUE * + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); + goto err; + } ++ + /* Check tag matches bit map */ + if (!(ASN1_tag2bit(otag) & it->utype)) { + /* If OPTIONAL, assume this is OK */ +@@ -316,6 +326,15 @@ static int asn1_item_ex_d2i(ASN1_VALUE * + goto err; + + case ASN1_ITYPE_CHOICE: ++ /* ++ * It never makes sense for CHOICE types to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE); ++ goto err; ++ } ++ + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) + goto auxerr; + if (*pval) { +diff -up openssl-1.0.2k/crypto/asn1/tasn_enc.c.null-dereference openssl-1.0.2k/crypto/asn1/tasn_enc.c +--- openssl-1.0.2k/crypto/asn1/tasn_enc.c.null-dereference 2020-12-04 10:18:30.261472002 +0100 ++++ openssl-1.0.2k/crypto/asn1/tasn_enc.c 2020-12-04 10:21:14.310078987 +0100 +@@ -151,9 +151,25 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, + break; + + case ASN1_ITYPE_MSTRING: ++ /* ++ * It never makes sense for multi-strings to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); ++ return -1; ++ } + return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); + + case ASN1_ITYPE_CHOICE: ++ /* ++ * It never makes sense for CHOICE types to have implicit tagging, so ++ * if tag != -1, then this looks like an error in the template. ++ */ ++ if (tag != -1) { ++ ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); ++ return -1; ++ } + if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) + return 0; + i = asn1_get_choice_selector(pval, it); +diff -up openssl-1.0.2k/crypto/x509v3/v3_genn.c.null-dereference openssl-1.0.2k/crypto/x509v3/v3_genn.c +--- openssl-1.0.2k/crypto/x509v3/v3_genn.c.null-dereference 2020-12-04 10:28:02.374237945 +0100 ++++ openssl-1.0.2k/crypto/x509v3/v3_genn.c 2020-12-04 10:36:51.156138263 +0100 +@@ -72,8 +72,9 @@ ASN1_SEQUENCE(OTHERNAME) = { + IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) + + ASN1_SEQUENCE(EDIPARTYNAME) = { +- ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), +- ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) ++ /* DirectoryString is a CHOICE type so use explicit tagging */ ++ ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), ++ ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) + } ASN1_SEQUENCE_END(EDIPARTYNAME) + + IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) +@@ -107,6 +108,37 @@ GENERAL_NAME *GENERAL_NAME_dup(GENERAL_N + (char *)a); + } + ++static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) ++{ ++ int res; ++ ++ if (a == NULL || b == NULL) { ++ /* ++ * Shouldn't be possible in a valid GENERAL_NAME, but we handle it ++ * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here ++ */ ++ return -1; ++ } ++ if (a->nameAssigner == NULL && b->nameAssigner != NULL) ++ return -1; ++ if (a->nameAssigner != NULL && b->nameAssigner == NULL) ++ return 1; ++ /* If we get here then both have nameAssigner set, or both unset */ ++ if (a->nameAssigner != NULL) { ++ res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner); ++ if (res != 0) ++ return res; ++ } ++ /* ++ * partyName is required, so these should never be NULL. We treat it in ++ * the same way as the a == NULL || b == NULL case above ++ */ ++ if (a->partyName == NULL || b->partyName == NULL) ++ return -1; ++ ++ return ASN1_STRING_cmp(a->partyName, b->partyName); ++} ++ + /* Returns 0 if they are equal, != 0 otherwise. */ + int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) + { +@@ -116,8 +148,11 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GE + return -1; + switch (a->type) { + case GEN_X400: ++ result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address); ++ break; ++ + case GEN_EDIPARTY: +- result = ASN1_TYPE_cmp(a->d.other, b->d.other); ++ result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName); + break; + + case GEN_OTHERNAME: +@@ -164,8 +199,11 @@ void GENERAL_NAME_set0_value(GENERAL_NAM + { + switch (type) { + case GEN_X400: ++ a->d.x400Address = value; ++ break; ++ + case GEN_EDIPARTY: +- a->d.other = value; ++ a->d.ediPartyName = value; + break; + + case GEN_OTHERNAME: +@@ -199,8 +237,10 @@ void *GENERAL_NAME_get0_value(GENERAL_NA + *ptype = a->type; + switch (a->type) { + case GEN_X400: ++ return a->d.x400Address; ++ + case GEN_EDIPARTY: +- return a->d.other; ++ return a->d.ediPartyName; + + case GEN_OTHERNAME: + return a->d.otherName; +diff -up openssl-1.0.2k/crypto/x509v3/v3nametest.c.null-dereference openssl-1.0.2k/crypto/x509v3/v3nametest.c +--- openssl-1.0.2k/crypto/x509v3/v3nametest.c.null-dereference 2020-12-04 10:28:02.374237945 +0100 ++++ openssl-1.0.2k/crypto/x509v3/v3nametest.c 2020-12-04 10:36:51.156138263 +0100 +@@ -321,6 +321,356 @@ static void run_cert(X509 *crt, const ch + } + } + ++struct gennamedata { ++ const unsigned char der[22]; ++ size_t derlen; ++} gennames[] = { ++ { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * SEQUENCE {} ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x30, 0x00 ++ }, ++ 21 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * [APPLICATION 0] {} ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x60, 0x00 ++ }, ++ 21 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.2 } ++ * [0] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x02, 0xa0, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * UTF8String { "b" } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x62 ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * BOOLEAN { TRUE } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0xff ++ }, ++ 22 ++ }, { ++ /* ++ * [0] { ++ * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 } ++ * [0] { ++ * BOOLEAN { FALSE } ++ * } ++ * } ++ */ ++ { ++ 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, ++ 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0x00 ++ }, ++ 22 ++ }, { ++ /* [1 PRIMITIVE] { "a" } */ ++ { ++ 0x81, 0x01, 0x61 ++ }, ++ 3 ++ }, { ++ /* [1 PRIMITIVE] { "b" } */ ++ { ++ 0x81, 0x01, 0x62 ++ }, ++ 3 ++ }, { ++ /* [2 PRIMITIVE] { "a" } */ ++ { ++ 0x82, 0x01, 0x61 ++ }, ++ 3 ++ }, { ++ /* [2 PRIMITIVE] { "b" } */ ++ { ++ 0x82, 0x01, 0x62 ++ }, ++ 3 ++ }, { ++ /* ++ * [4] { ++ * SEQUENCE { ++ * SET { ++ * SEQUENCE { ++ * # commonName ++ * OBJECT_IDENTIFIER { 2.5.4.3 } ++ * UTF8String { "a" } ++ * } ++ * } ++ * } ++ * } ++ */ ++ { ++ 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55, ++ 0x04, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 16 ++ }, { ++ /* ++ * [4] { ++ * SEQUENCE { ++ * SET { ++ * SEQUENCE { ++ * # commonName ++ * OBJECT_IDENTIFIER { 2.5.4.3 } ++ * UTF8String { "b" } ++ * } ++ * } ++ * } ++ * } ++ */ ++ { ++ 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55, ++ 0x04, 0x03, 0x0c, 0x01, 0x62 ++ }, ++ 16 ++ }, { ++ /* ++ * [5] { ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 7 ++ }, { ++ /* ++ * [5] { ++ * [1] { ++ * UTF8String { "b" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x62 ++ }, ++ 7 ++ }, { ++ /* ++ * [5] { ++ * [0] { ++ * UTF8String {} ++ * } ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x09, 0xa0, 0x02, 0x0c, 0x00, 0xa1, 0x03, 0x0c, 0x01, 0x61 ++ }, ++ 11 ++ }, { ++ /* ++ * [5] { ++ * [0] { ++ * UTF8String { "a" } ++ * } ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x61, 0xa1, 0x03, 0x0c, 0x01, ++ 0x61 ++ }, ++ 12 ++ }, { ++ /* ++ * [5] { ++ * [0] { ++ * UTF8String { "b" } ++ * } ++ * [1] { ++ * UTF8String { "a" } ++ * } ++ * } ++ */ ++ { ++ 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x62, 0xa1, 0x03, 0x0c, 0x01, ++ 0x61 ++ }, ++ 12 ++ }, { ++ /* [6 PRIMITIVE] { "a" } */ ++ { ++ 0x86, 0x01, 0x61 ++ }, ++ 3 ++ }, { ++ /* [6 PRIMITIVE] { "b" } */ ++ { ++ 0x86, 0x01, 0x62 ++ }, ++ 3 ++ }, { ++ /* [7 PRIMITIVE] { `11111111` } */ ++ { ++ 0x87, 0x04, 0x11, 0x11, 0x11, 0x11 ++ }, ++ 6 ++ }, { ++ /* [7 PRIMITIVE] { `22222222`} */ ++ { ++ 0x87, 0x04, 0x22, 0x22, 0x22, 0x22 ++ }, ++ 6 ++ }, { ++ /* [7 PRIMITIVE] { `11111111111111111111111111111111` } */ ++ { ++ 0x87, 0x10, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, ++ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11 ++ }, ++ 18 ++ }, { ++ /* [7 PRIMITIVE] { `22222222222222222222222222222222` } */ ++ { ++ 0x87, 0x10, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, ++ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22 ++ }, ++ 18 ++ }, { ++ /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.1 } */ ++ { ++ 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, ++ 0xb7, 0x09, 0x02, 0x01 ++ }, ++ 15 ++ }, { ++ /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.2 } */ ++ { ++ 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, ++ 0xb7, 0x09, 0x02, 0x02 ++ }, ++ 15 ++ } ++}; ++ ++#define OSSL_NELEM(x) (sizeof(x)/sizeof((x)[0])) ++ ++static int test_GENERAL_NAME_cmp(void) ++{ ++ size_t i, j; ++ GENERAL_NAME **namesa = OPENSSL_malloc(sizeof(*namesa) ++ * OSSL_NELEM(gennames)); ++ GENERAL_NAME **namesb = OPENSSL_malloc(sizeof(*namesb) ++ * OSSL_NELEM(gennames)); ++ int testresult = 0; ++ ++ if (namesa == NULL || namesb == NULL) ++ goto end; ++ ++ for (i = 0; i < OSSL_NELEM(gennames); i++) { ++ const unsigned char *derp = gennames[i].der; ++ ++ /* ++ * We create two versions of each GENERAL_NAME so that we ensure when ++ * we compare them they are always different pointers. ++ */ ++ namesa[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen); ++ derp = gennames[i].der; ++ namesb[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen); ++ if (namesa[i] == NULL || namesb[i] == NULL) ++ goto end; ++ } ++ ++ /* Every name should be equal to itself and not equal to any others. */ ++ for (i = 0; i < OSSL_NELEM(gennames); i++) { ++ for (j = 0; j < OSSL_NELEM(gennames); j++) { ++ if (i == j) { ++ if (GENERAL_NAME_cmp(namesa[i], namesb[j]) != 0) ++ goto end; ++ } else { ++ if (GENERAL_NAME_cmp(namesa[i], namesb[j]) == 0) ++ goto end; ++ } ++ } ++ } ++ testresult = 1; ++ ++ end: ++ for (i = 0; i < OSSL_NELEM(gennames); i++) { ++ if (namesa != NULL) ++ GENERAL_NAME_free(namesa[i]); ++ if (namesb != NULL) ++ GENERAL_NAME_free(namesb[i]); ++ } ++ OPENSSL_free(namesa); ++ OPENSSL_free(namesb); ++ ++ if (!testresult) ++ fprintf(stderr, "test of GENERAL_NAME_cmp failed\n"); ++ ++ return testresult; ++} ++ ++ ++ + int main(void) + { + const struct set_name_fn *pfn = name_fns; +@@ -342,5 +692,8 @@ int main(void) + } + ++pfn; + } ++ ++ errors += !test_GENERAL_NAME_cmp(); ++ + return errors > 0 ? 1 : 0; + } commit 17b7b46a4551a1bdd912d3ba8eec5e67da91dcf8 Author: Michael Stahl <[email protected]> AuthorDate: Fri Jan 8 12:48:35 2021 +0100 Commit: Michael Stahl <[email protected]> CommitDate: Fri Jan 8 12:49:25 2021 +0100 sw: add missing "break" Fixes failure of CppunitTest_uiwriter. Missing in cherry-pick of commit 9e7b5c74b484fcfd3317db56745b26b10897047d. Change-Id: I5dce3fc4c6aabcd2513368455fc84b733ac883a2 diff --git a/sw/source/core/doc/DocumentSettingManager.cxx b/sw/source/core/doc/DocumentSettingManager.cxx index 33887d039501..760b87e61e34 100644 --- a/sw/source/core/doc/DocumentSettingManager.cxx +++ b/sw/source/core/doc/DocumentSettingManager.cxx @@ -473,6 +473,7 @@ void sw::DocumentSettingManager::set(/*[in]*/ DocumentSettingId id, /*[in]*/ boo break; case DocumentSettingId::HEADER_SPACING_BELOW_LAST_PARA: mbHeaderSpacingBelowLastPara = value; + break; case DocumentSettingId::PROTECT_BOOKMARKS: mbProtectBookmarks = value; break; _______________________________________________ Libreoffice-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
