solenv/gdb/boost/util/printing.py | 2 - solenv/gdb/libreoffice/util/printing.py | 2 - vcl/source/gdi/svmconverter.cxx | 20 +++++++++++++ vcl/source/outdev/hatch.cxx | 7 ++++ xmlsecurity/source/component/documentdigitalsignatures.cxx | 13 +++++++- 5 files changed, 40 insertions(+), 4 deletions(-)
New commits: commit 02e0899b58f54f71f6b0c364f7ff30d1a5bd4a0f Author: Caolán McNamara <[email protected]> AuthorDate: Sun Mar 6 15:49:28 2022 +0000 Commit: Michael Stahl <[email protected]> CommitDate: Fri Mar 11 15:52:42 2022 +0100 ofz: Too many hatch points Change-Id: I08cb9d09a9bb48ab31763f50bc2fa23cf723330f Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131014 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit bee0950a4c5bd996a8df0185b03c0f98e7a3de9c) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131370 Tested-by: Michael Stahl <[email protected]> diff --git a/vcl/source/outdev/hatch.cxx b/vcl/source/outdev/hatch.cxx index 2059aa364824..f65b28ae5c24 100644 --- a/vcl/source/outdev/hatch.cxx +++ b/vcl/source/outdev/hatch.cxx @@ -373,7 +373,14 @@ void OutputDevice::DrawHatchLine( const tools::Line& rLine, const tools::PolyPol nAdd = 1; if( nAdd ) + { + if (nPCounter == HATCH_MAXPOINTS) + { + SAL_WARN("vcl.gdi", "too many hatch points"); + return; + } pPtBuffer[ nPCounter++ ] = Point( FRound( fX ), FRound( fY ) ); + } } aCurSegment.SetStart( aCurSegment.GetEnd() ); commit 205a73755b02ece750f85f95f7091d490facc3ee Author: Caolán McNamara <[email protected]> AuthorDate: Fri Mar 4 10:38:50 2022 +0000 Commit: Michael Stahl <[email protected]> CommitDate: Fri Mar 11 15:52:13 2022 +0100 clamp and add some logging like SvmReader LIBREOFFICE-OWMTGGWJ Change-Id: I8f744e1ab2684a0f0995abcc3e753a684a3b970a Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130982 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 19add15932e579c931480eed42eeea52d0551897) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131369 Tested-by: Michael Stahl <[email protected]> diff --git a/vcl/source/gdi/svmconverter.cxx b/vcl/source/gdi/svmconverter.cxx index a9773ffbd682..b1bd726969f5 100644 --- a/vcl/source/gdi/svmconverter.cxx +++ b/vcl/source/gdi/svmconverter.cxx @@ -504,6 +504,23 @@ namespace nFollowingActionCount = remainingActions; return std::min(remainingActions, nFollowingActionCount); } + + void ClampRange(const OUString& rStr, sal_Int32& rIndex, sal_Int32& rLength) + { + const sal_Int32 nStrLength = rStr.getLength(); + + if (rIndex < 0 || rIndex > nStrLength) + { + SAL_WARN("vcl.gdi", "inconsistent offset"); + rIndex = nStrLength; + } + + if (rLength < 0 || rLength > nStrLength - rIndex) + { + SAL_WARN("vcl.gdi", "inconsistent len"); + rLength = nStrLength - rIndex; + } + } } #define LF_FACESIZE 32 @@ -927,6 +944,7 @@ void SVMConverter::ImplConvertFromSVM1( SvStream& rIStm, GDIMetaFile& rMtf ) OUString aStr(OStringToOUString(aByteStr, eActualCharSet)); if ( nUnicodeCommentActionNumber == i ) ImplReadUnicodeComment( nUnicodeCommentStreamPos, rIStm, aStr ); + ClampRange(aStr, nIndex, nLen); rMtf.AddAction( new MetaTextAction( aPt, aStr, nIndex, nLen ) ); } @@ -1017,6 +1035,7 @@ void SVMConverter::ImplConvertFromSVM1( SvStream& rIStm, GDIMetaFile& rMtf ) } if ( nUnicodeCommentActionNumber == i ) ImplReadUnicodeComment( nUnicodeCommentStreamPos, rIStm, aStr ); + ClampRange(aStr, nIndex, nLen); rMtf.AddAction( new MetaTextArrayAction( aPt, aStr, pDXAry.get(), nIndex, nLen ) ); } @@ -1042,6 +1061,7 @@ void SVMConverter::ImplConvertFromSVM1( SvStream& rIStm, GDIMetaFile& rMtf ) OUString aStr(OStringToOUString(aByteStr, eActualCharSet)); if ( nUnicodeCommentActionNumber == i ) ImplReadUnicodeComment( nUnicodeCommentStreamPos, rIStm, aStr ); + ClampRange(aStr, nIndex, nLen); rMtf.AddAction( new MetaStretchTextAction( aPt, nWidth, aStr, nIndex, nLen ) ); } commit 2c8c221b88f2e2bb5b29a6c1bcce1ea75e98136a Author: Caolán McNamara <[email protected]> AuthorDate: Thu Mar 3 14:22:37 2022 +0000 Commit: Michael Stahl <[email protected]> CommitDate: Fri Mar 11 15:50:21 2022 +0100 compare authors using Thumbprint Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130929 Tested-by: Jenkins Reviewed-by: Miklos Vajna <[email protected]> (cherry picked from commit 65442205b5b274ad309308162f150f8d41648f72) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130866 Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit a7aaa78acea4c1d51283c2fce54ff9f5339026f8) Change-Id: I338f58eb07cbf0a3d13a7dafdaddac09252a8546 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131368 Tested-by: Michael Stahl <[email protected]> Reviewed-by: Michael Stahl <[email protected]> diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index dc8d93ec8ec7..91103165ff83 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -616,8 +616,17 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted( for ( ; pAuthors != pAuthorsEnd; ++pAuthors ) { SvtSecurityOptions::Certificate aAuthor = *pAuthors; - if (xmlsecurity::EqualDistinguishedNames(aAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT) - && (aAuthor[1] == sSerialNum)) + if (!xmlsecurity::EqualDistinguishedNames(aAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT)) + continue; + if (aAuthor[1] != sSerialNum) + continue; + + DocumentSignatureManager aSignatureManager(mxCtx, {}); + if (!aSignatureManager.init()) + return false; + uno::Reference<css::security::XCertificate> xCert = + aSignatureManager.getSecurityEnvironment()->createCertificateFromAscii(aAuthor[2]); + if (xCert->getSHA1Thumbprint() == xAuthor->getSHA1Thumbprint()) { bFound = true; break; commit 4ff8f5f02a830a7b8ace09864dd6b038bb3999f8 Author: Stephan Bergmann <[email protected]> AuthorDate: Thu Sep 24 09:53:24 2020 +0200 Commit: Michael Stahl <[email protected]> CommitDate: Thu Mar 10 17:37:37 2022 +0100 Fix Python deprecation warnings I noticed these "DeprecationWarning: Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated since Python 3.3, and in 3.9 it will stop working" now when running tests with CPPUNITTRACE='gdb --args' on Fedora 32. Change-Id: If263dacb9df5c1fffd2be2418e13e69b96070c77 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103294 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <[email protected]> (cherry picked from commit 4a899a5f8a72ea29a6919316afe3627de9f33e95) diff --git a/solenv/gdb/boost/util/printing.py b/solenv/gdb/boost/util/printing.py index 1d5d0bac9fc6..4088f3a3fa3b 100644 --- a/solenv/gdb/boost/util/printing.py +++ b/solenv/gdb/boost/util/printing.py @@ -19,7 +19,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. -from collections import Mapping +from collections.abc import Mapping import gdb import re import six diff --git a/solenv/gdb/libreoffice/util/printing.py b/solenv/gdb/libreoffice/util/printing.py index 9cbae3080a64..7ce29899355a 100644 --- a/solenv/gdb/libreoffice/util/printing.py +++ b/solenv/gdb/libreoffice/util/printing.py @@ -7,7 +7,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. # -from collections import Mapping +from collections.abc import Mapping import gdb import re import six
