[Libreoffice-commits] core.git: oox/source

Tor Lillqvist tml at iki.fi
Wed Aug 14 04:27:52 PDT 2013 

 oox/source/core/DocumentCrypt.cxx |   12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

New commits:
commit 6fdf1275986cf63440fb86224a4152c0d3251de3
Author: Tor Lillqvist <tml at iki.fi>
Date:   Wed Aug 14 14:22:49 2013 +0300

    WaE: array subscript is above array bounds
    
    Avoid a (presumably bogus) warning produced by gcc 4.7 and 4.8, at least those
    in the Android NDK, in an optimising compilation. As such the code probably
    was OK, even if a bit ugly and suboptimal, as it doesn't seem to be sure
    whether various buffer lengths should be hardcoded or can be variable, etc.
    
    Change-Id: I29790cb7a9cb65735e4ebb9a1a198f8575282ecf

diff --git a/oox/source/core/DocumentCrypt.cxx b/oox/source/core/DocumentCrypt.cxx
index 640e417..9ec9f8d 100644
--- a/oox/source/core/DocumentCrypt.cxx
+++ b/oox/source/core/DocumentCrypt.cxx
@@ -161,6 +161,9 @@ bool lclWriteEncryptionInfo( PackageEncryptionInfo& rEncrInfo, BinaryOutputStrea
 
 void lclDeriveKey( const sal_uInt8* pnHash, sal_uInt32 nHashLen, sal_uInt8* pnKeyDerived, sal_uInt32 nRequiredKeyLen )
 {
+    // De facto we are always called with nRequiredKeyLen == 16, at least currently
+    assert(nRequiredKeyLen == 16);
+
     sal_uInt8 pnBuffer[ 64 ];
     memset( pnBuffer, 0x36, sizeof( pnBuffer ) );
     for( sal_uInt32 i = 0; i < nHashLen; ++i )
@@ -182,11 +185,17 @@ void lclDeriveKey( const sal_uInt8* pnHash, sal_uInt32 nHashLen, sal_uInt8* pnKe
     rtl_digest_get( aDigest, pnX2, RTL_DIGEST_LENGTH_SHA1 );
     rtl_digest_destroy( aDigest );
 
+#if 0 // for now nRequiredKeyLen will always be 16 and thus less than
+      // RTL_DIGEST_LENGTH_SHA1==20, see assert above...
     if( nRequiredKeyLen > RTL_DIGEST_LENGTH_SHA1 )
     {
+        // This memcpy call generates a (bogus?) warning when
+        // compiling with gcc 4.7 and 4.8 and optimising: array
+        // subscript is above array bounds.
         memcpy( pnKeyDerived + RTL_DIGEST_LENGTH_SHA1, pnX2, nRequiredKeyLen - RTL_DIGEST_LENGTH_SHA1 );
         nRequiredKeyLen = RTL_DIGEST_LENGTH_SHA1;
     }
+#endif
     memcpy( pnKeyDerived, pnX1, nRequiredKeyLen );
 }
 
@@ -406,8 +415,9 @@ bool AesEncoder::encode()
 
     lclRandomGenerateValues( rEncrInfo.mnSaltSize, rEncrInfo.mpnSalt );
 
-    sal_Int32 keyLength = rEncrInfo.mnKeySize / 8;
+    const sal_Int32 keyLength = rEncrInfo.mnKeySize / 8;
     sal_uInt8 key[16];
+    assert(keyLength == 16);
     memset(key, 0, keyLength);
 
     lclGenerateEncryptionKey(rEncrInfo, maPassword, key, keyLength);

More information about the Libreoffice-commits mailing list