[Libreoffice-commits] .: Branch 'libreoffice-3-4' - xmlsecurity/source

Caolán McNamara caolan at kemper.freedesktop.org
Mon Feb 20 05:17:14 PST 2012


 xmlsecurity/source/helper/xsecverify.cxx |   86 ++++++++++++++++++++++++++-----
 1 file changed, 74 insertions(+), 12 deletions(-)

New commits:
commit 3c70c38272e6a5d042f558b69044d21adc9fe7d0
Author: Michael Stahl <mstahl at redhat.com>
Date:   Mon Feb 20 12:47:14 2012 +0000

    fdo#39657: fix crash when parsing XML signatures

diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index 39c93cd..2debeab 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -123,7 +123,12 @@ void XSecController::addSignature()
 
 void XSecController::addReference( const rtl::OUString& ouUri)
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::addReference: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     isi.addReference(TYPE_SAMEDOCUMENT_REFERENCE,ouUri, -1 );
 }
 
@@ -133,7 +138,12 @@ void XSecController::addStreamReference(
 {
         sal_Int32 type = (isBinary?TYPE_BINARYSTREAM_REFERENCE:TYPE_XMLSTREAM_REFERENCE);
 
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::addStreamReference: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
 
     if ( isi.xReferenceResolvedListener.is() )
     {
@@ -156,7 +166,13 @@ void XSecController::addStreamReference(
 
 void XSecController::setReferenceCount() const
 {
-    const InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setReferenceCount: no signature");
+        return;
+    }
+    const InternalSignatureInformation &isi =
+        m_vInternalSignatureInformations.back();
     
     if ( isi.xReferenceResolvedListener.is() )
     {
@@ -184,51 +200,97 @@ void XSecController::setReferenceCount() const
 
 void XSecController::setX509IssuerName( rtl::OUString& ouX509IssuerName )
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setX509IssuerName: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     isi.signatureInfor.ouX509IssuerName = ouX509IssuerName;
 }
 
 void XSecController::setX509SerialNumber( rtl::OUString& ouX509SerialNumber )
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setX509SerialNumber: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     isi.signatureInfor.ouX509SerialNumber = ouX509SerialNumber;
 }
 
 void XSecController::setX509Certificate( rtl::OUString& ouX509Certificate )
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setX509Certificate: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     isi.signatureInfor.ouX509Certificate = ouX509Certificate;
 }
 
 void XSecController::setSignatureValue( rtl::OUString& ouSignatureValue )
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setSignatureValue: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     isi.signatureInfor.ouSignatureValue = ouSignatureValue;
 }
 
 void XSecController::setDigestValue( rtl::OUString& ouDigestValue )
 {
-    SignatureInformation &si = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1].signatureInfor;
-    SignatureReferenceInformation &reference = si.vSignatureReferenceInfors[si.vSignatureReferenceInfors.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setDigestValue: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
+    if (isi.signatureInfor.vSignatureReferenceInfors.empty())
+    {
+        OSL_TRACE("XSecController::setDigestValue: no signature reference");
+        return;
+    }
+    SignatureReferenceInformation &reference =
+        isi.signatureInfor.vSignatureReferenceInfors.back();
     reference.ouDigestValue = ouDigestValue;
 }
 
 void XSecController::setDate( rtl::OUString& ouDate )
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setDate: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     convertDateTime( isi.signatureInfor.stDateTime, ouDate );
     isi.signatureInfor.ouDateTime = ouDate;
 }
 
 void XSecController::setId( rtl::OUString& ouId )
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setId: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     isi.signatureInfor.ouSignatureId = ouId;
 }
 
 void XSecController::setPropertyId( rtl::OUString& ouPropertyId )
 {
-    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
+    if (m_vInternalSignatureInformations.empty())
+    {
+        OSL_TRACE("XSecController::setPropertyId: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
     isi.signatureInfor.ouPropertyId = ouPropertyId;
 }
 


More information about the Libreoffice-commits mailing list