[Libreoffice-commits] core.git: Branch 'distro/collabora/cp-4.1' - 10 commits - connectivity/qa connectivity/source curl/ExternalPackage_curl.mk icu/icu4c.10318.CVE-2013-2924_changeset_34076.patch icu/UnpackedTarball_icu.mk librelogo/source libvisio/0001-fdo-70480-do-not-crash-reading-malformed-zip.patch libvisio/UnpackedTarball_libvisio.mk sal/qa sal/rtl scp2/source sot/source vcl/generic vcl/inc vcl/Library_vcl.mk

Armin Le Grand alg at apache.org
Thu Oct 24 06:46:02 PDT 2013


 connectivity/qa/connectivity/commontools/FValue_test.cxx         |   24 +++
 connectivity/source/commontools/FValue.cxx                       |    9 +
 curl/ExternalPackage_curl.mk                                     |    6 
 icu/UnpackedTarball_icu.mk                                       |    1 
 icu/icu4c.10318.CVE-2013-2924_changeset_34076.patch              |   36 +++++
 librelogo/source/LibreLogo/LibreLogo.py                          |    3 
 libvisio/0001-fdo-70480-do-not-crash-reading-malformed-zip.patch |   26 ++++
 libvisio/UnpackedTarball_libvisio.mk                             |    6 
 sal/qa/rtl/math/test-rtl-math.cxx                                |    6 
 sal/rtl/math.cxx                                                 |    4 
 scp2/source/ooo/file_library_ooo.scp                             |    2 
 sot/source/sdstor/stgstrms.cxx                                   |   16 +-
 vcl/Library_vcl.mk                                               |    6 
 vcl/generic/fontmanager/fontconfig.cxx                           |   47 +++++++
 vcl/generic/glyphs/gcach_layout.cxx                              |   61 ++++++----
 vcl/inc/generic/glyphcache.hxx                                   |    5 
 16 files changed, 223 insertions(+), 35 deletions(-)

New commits:
commit 9df3ede147501d91c863c2a604d11fffcf99cb2c
Author: Armin Le Grand <alg at apache.org>
Date:   Wed Oct 16 16:47:38 2013 +0100

    i123485 secured file import scanning existing pages
    
    (cherry picked from commit 04b38114b0ca4be9895d8f9fa842b6cb390c8036
     and adapted to the rewritten scanBuildPageChainCache)
    
    Reviewed-on: https://gerrit.libreoffice.org/6272
    Reviewed-by: Michael Meeks <michael.meeks at collabora.com>
    Tested-by: Michael Meeks <michael.meeks at collabora.com>
    (cherry picked from commit dfa1afd0e8b7ae9c706c4a3171a04752e24230b0)
    
    Conflicts:
    	sot/source/sdstor/stgstrms.cxx
    
    Change-Id: Ib90d0563be5aeb69aa14c28b3304e42f3cc46162
    Reviewed-on: https://gerrit.libreoffice.org/6314
    Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
    Tested-by: Miklos Vajna <vmiklos at collabora.co.uk>

diff --git a/sot/source/sdstor/stgstrms.cxx b/sot/source/sdstor/stgstrms.cxx
index 1561204..1c9af60 100644
--- a/sot/source/sdstor/stgstrms.cxx
+++ b/sot/source/sdstor/stgstrms.cxx
@@ -23,6 +23,7 @@
 #include <sal/log.hxx>
 #include <osl/file.hxx>
 #include <tools/tempfile.hxx>
+#include <set>
 
 #include "sot/stg.hxx"
 #include "stgelem.hxx"
@@ -339,16 +340,23 @@ void StgStrm::scanBuildPageChainCache(sal_Int32 *pOptionalCalcSize)
 
     bool bError = false;
     sal_Int32 nBgn = nStart;
-    sal_Int32 nOldBgn = -1;
     sal_Int32 nOptSize = 0;
-    while( nBgn >= 0 && nBgn != nOldBgn )
+
+    // Track already scanned PageNumbers here and use them to
+    // see if an  already counted page is re-visited
+    std::set< sal_Int32 > nUsedPageNumbers;
+
+    while( nBgn >= 0 && !bError )
     {
         if( nBgn >= 0 )
             m_aPagesCache.push_back(nBgn);
-        nOldBgn = nBgn;
         nBgn = pFat->GetNextPage( nBgn );
-        if( nBgn == nOldBgn )
+
+        if( nUsedPageNumbers.find(nBgn) != nUsedPageNumbers.end() )
             bError = true;
+        else
+            nUsedPageNumbers.insert(nBgn);
+
         nOptSize += nPageSize;
     }
     if (bError)
commit 25b55d380a315b972e93ba1d7e6b8b0fc1625b57
Author: Michael Stahl <mstahl at redhat.com>
Date:   Wed Oct 23 22:20:25 2013 +0200

    curl: libcurl.so.4 goes into instset, not libcurl.so!
    
    Currently we ship a libucpftp1.so with NEEDED libcurl.so.4 but that file
    is not actually in the instset, just a libcurl.so with SONAME
    libcurl.so.4.
    
    (regression in LO 4.0.0)
    
    Change-Id: I3a194c83c408587dd83ed4c690aa381664040c6f
    (cherry picked from commit 30e1d4c0a9202d5c8057efdb0bfda11f46a25251)
    Reviewed-on: https://gerrit.libreoffice.org/6411
    Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
    Tested-by: Miklos Vajna <vmiklos at collabora.co.uk>

diff --git a/curl/ExternalPackage_curl.mk b/curl/ExternalPackage_curl.mk
index 5f55260..e9cb7a1 100644
--- a/curl/ExternalPackage_curl.mk
+++ b/curl/ExternalPackage_curl.mk
@@ -24,10 +24,8 @@ $(eval $(call gb_ExternalPackage_add_file,curl,lib/libcurl.so,lib/.libs/libcurl.
 else ifeq ($(OS),AIX)
 $(eval $(call gb_ExternalPackage_add_library_for_install,curl,lib/libcurl.so,lib/.libs/libcurl.so.4))
 else
-# TODO: Do we really want the unversioned library in the installation?
-# And if that's true, why do we need to deliver the versioned one at all?
-$(eval $(call gb_ExternalPackage_add_library_for_install,curl,lib/libcurl.so,lib/.libs/libcurl.so.4.2.0))
-$(eval $(call gb_ExternalPackage_add_file,curl,lib/libcurl.so.4,lib/.libs/libcurl.so.4.2.0))
+$(eval $(call gb_ExternalPackage_add_file,curl,lib/libcurl.so,lib/.libs/libcurl.so.4.2.0))
+$(eval $(call gb_ExternalPackage_add_library_for_install,curl,lib/libcurl.so.4,lib/.libs/libcurl.so.4.2.0))
 endif
 
 else ifeq ($(OS)$(COM),WNTGCC)
diff --git a/scp2/source/ooo/file_library_ooo.scp b/scp2/source/ooo/file_library_ooo.scp
index 36ec8d4..f353d45 100644
--- a/scp2/source/ooo/file_library_ooo.scp
+++ b/scp2/source/ooo/file_library_ooo.scp
@@ -150,7 +150,7 @@ File gid_File_Lib_Curl
     #ifdef MACOSX
        Name = STRING(CONCAT2(libcurl.4,UNXSUFFIX));
     #else
-       Name = STRING(CONCAT2(libcurl,UNXSUFFIX));
+       Name = STRING(CONCAT3(libcurl,UNXSUFFIX,.4));
     #endif
   #else
    #ifdef _gcc3
commit f8d77a37f687c6042c5d180d6393cb6475332626
Author: László Németh <nemeth at numbertext.org>
Date:   Thu Oct 24 08:46:46 2013 +0200

    librelogo: fix blinking LABEL
    
    Change-Id: I807dda255b741996480116fab22377b39bf963b4
    (cherry picked from commit 022c955f138e350d9a431489380c054d9766a4d0)
    Reviewed-on: https://gerrit.libreoffice.org/6413
    Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
    Tested-by: Miklos Vajna <vmiklos at collabora.co.uk>

diff --git a/librelogo/source/LibreLogo/LibreLogo.py b/librelogo/source/LibreLogo/LibreLogo.py
index 84be810..216bb0f 100644
--- a/librelogo/source/LibreLogo/LibreLogo.py
+++ b/librelogo/source/LibreLogo/LibreLogo.py
@@ -1027,6 +1027,7 @@ def label(st):
     # get text size 
     shape = _.doc.createInstance( "com.sun.star.drawing.TextShape")
     shape.TextAutoGrowWidth = True
+    shape.Visible = False
     actual = __getshape__(__ACTUAL__)
     _.drawpage.add(shape)
     text(shape, st[2])
commit e5346845b12774e53d0bc6d4300a849cf6088bc7
Author: Caolán McNamara <caolanm at redhat.com>
Date:   Tue Jun 4 15:48:23 2013 +0100

    fdo#70741 fdo#66042 rhbz#968892: force render full grapheme with fallback font
    
    Related: rhbz#968892 discard impossible languages for oriya script fallback
    Related: rhbz#968892 discard impossible languages for glyph fallback
    Resolves: fdo#66042 get the bounds of the current grapheme
    (also includes Change-Id: I14f1bab09eb0be9c2c896a1dde45913b99aab6df)
    (also includes Change-Id: I5b1808d74f0a1dd0d8b6ea22136e574c0a6e8e2a)
    (also includes Change-Id: I5bb98c61d047e69d74666261b2c489d80f344502)
    
    Change-Id: I46d8cacba2b8ca0f24e1c4ba836839387d74e1a4
    Reviewed-on: https://gerrit.libreoffice.org/6398
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>
    Tested-by: Caolán McNamara <caolanm at redhat.com>
    Reviewed-by: Björn Michaelsen <bjoern.michaelsen at canonical.com>

diff --git a/vcl/generic/fontmanager/fontconfig.cxx b/vcl/generic/fontmanager/fontconfig.cxx
index fb3bae2..20e7768 100644
--- a/vcl/generic/fontmanager/fontconfig.cxx
+++ b/vcl/generic/fontmanager/fontconfig.cxx
@@ -854,6 +854,49 @@ namespace
 #endif
     }
 
+    //returns true if the given code-point couldn't possibly be in rLangTag.
+    bool isImpossibleCodePointForLang(const LanguageTag &rLangTag, sal_uInt32 currentChar)
+    {
+        //a non-default script is set, lets believe it
+        if (rLangTag.hasScript())
+            return false;
+
+        int32_t script = u_getIntPropertyValue(currentChar, UCHAR_SCRIPT);
+        UScriptCode eScript = static_cast<UScriptCode>(script);
+        bool bIsImpossible = false;
+        OUString sLang = rLangTag.getLanguage();
+        switch (eScript)
+        {
+            //http://en.wiktionary.org/wiki/Category:Oriya_script_languages
+            case USCRIPT_ORIYA:
+                bIsImpossible =
+                    sLang != "or" &&
+                    sLang != "kxv";
+                break;
+            //http://en.wiktionary.org/wiki/Category:Telugu_script_languages
+            case USCRIPT_TELUGU:
+                bIsImpossible =
+                    sLang != "te" &&
+                    sLang != "gon" &&
+                    sLang != "kfc";
+                break;
+            //http://en.wiktionary.org/wiki/Category:Bengali_script_languages
+            case USCRIPT_BENGALI:
+                bIsImpossible =
+                    sLang != "bn" &&
+                    sLang != "as" &&
+                    sLang != "bpy" &&
+                    sLang != "ctg" &&
+                    sLang != "sa";
+                break;
+            default:
+                break;
+        }
+        SAL_WARN_IF(bIsImpossible, "vcl", "Throwing away user set language of "
+            << sLang << " for finding a font for glyph fallback and autodetecting instead");
+        return bIsImpossible;
+    }
+
     LanguageTag getExemplerLangTagForCodePoint(sal_uInt32 currentChar)
     {
         int32_t script = u_getIntPropertyValue(currentChar, UCHAR_SCRIPT);
@@ -961,6 +1004,10 @@ bool PrintFontManager::Substitute( FontSelectPattern &rPattern, OUString& rMissi
             // also handle unicode surrogates
             const sal_uInt32 nCode = rMissingCodes.iterateCodePoints( &nStrIndex );
             FcCharSetAddChar( unicodes, nCode );
+            //if the codepoint is impossible for this lang tag, then clear it
+            //and autodetect something useful
+            if (!aLangAttrib.isEmpty() && isImpossibleCodePointForLang(aLangTag, nCode))
+                aLangAttrib = OString();
             //#i105784#/rhbz#527719  improve selection of fallback font
             if (aLangAttrib.isEmpty())
             {
diff --git a/vcl/generic/glyphs/gcach_layout.cxx b/vcl/generic/glyphs/gcach_layout.cxx
index 833cf4f..848f4cb 100644
--- a/vcl/generic/glyphs/gcach_layout.cxx
+++ b/vcl/generic/glyphs/gcach_layout.cxx
@@ -41,6 +41,10 @@
 #include <unicode/uscript.h>
 #include <unicode/ubidi.h>
 
+#include <com/sun/star/lang/XMultiServiceFactory.hpp>
+#include <com/sun/star/i18n/CharacterIteratorMode.hpp>
+#include <comphelper/processfactory.hxx>
+
 // =======================================================================
 // layout implementation for ServerFont
 // =======================================================================
@@ -90,23 +94,42 @@ void ServerFontLayout::AdjustLayout( ImplLayoutArgs& rArgs )
     }
 }
 
-// =======================================================================
-
-static bool lcl_CharIsJoiner(sal_Unicode cChar)
+void ServerFontLayout::setNeedFallback(ImplLayoutArgs& rArgs, sal_Int32 nCharPos,
+    bool bRightToLeft)
 {
-    return ((cChar == 0x200C) || (cChar == 0x200D));
-}
+    if (nCharPos < 0)
+        return;
 
-static bool needPreviousCode(sal_Unicode cChar)
-{
-    return lcl_CharIsJoiner(cChar) || U16_IS_LEAD(cChar);
-}
+    using namespace ::com::sun::star;
 
-static bool needNextCode(sal_Unicode cChar)
-{
-    return lcl_CharIsJoiner(cChar) || U16_IS_TRAIL(cChar);
+    if (!mxBreak.is())
+    {
+        uno::Reference< lang::XMultiServiceFactory > xFactory =
+            comphelper::getProcessServiceFactory();
+        mxBreak = uno::Reference< i18n::XBreakIterator >(xFactory->createInstance(
+            "com.sun.star.i18n.BreakIterator"), uno::UNO_QUERY);
+    }
+
+    LanguageTag aLangTag(rArgs.meLanguage);
+    lang::Locale aLocale(aLangTag.getLocale());
+
+    //if position nCharPos is missing in the font, grab the entire grapheme and
+    //mark all glyphs as missing so the whole thing is rendered with the same
+    //font
+    OUString aRun(rArgs.mpStr);
+    sal_Int32 nDone;
+    sal_Int32 nGraphemeStartPos =
+        mxBreak->previousCharacters(aRun, nCharPos+1, aLocale,
+            i18n::CharacterIteratorMode::SKIPCELL, 1, nDone);
+    sal_Int32 nGraphemeEndPos =
+        mxBreak->nextCharacters(aRun, nCharPos, aLocale,
+            i18n::CharacterIteratorMode::SKIPCELL, 1, nDone);
+
+    rArgs.NeedFallback(nGraphemeStartPos, nGraphemeEndPos, bRightToLeft);
 }
 
+// =======================================================================
+
 std::ostream &operator <<(std::ostream& s, ServerFont* pFont)
 {
 #ifndef SAL_LOG_INFO
@@ -427,9 +450,7 @@ bool HbLayoutEngine::layout(ServerFontLayout& rLayout, ImplLayoutArgs& rArgs)
             // if needed request glyph fallback by updating LayoutArgs
             if (!nGlyphIndex)
             {
-                if (nCharPos >= 0)
-                    rArgs.NeedFallback(nCharPos, bRightToLeft);
-
+                rLayout.setNeedFallback(rArgs, nCharPos, bRightToLeft);
                 if (SAL_LAYOUT_FOR_FALLBACK & rArgs.mnFlags)
                     continue;
             }
@@ -1032,15 +1053,7 @@ bool IcuLayoutEngine::layout(ServerFontLayout& rLayout, ImplLayoutArgs& rArgs)
             // if needed request glyph fallback by updating LayoutArgs
             if( !nGlyphIndex )
             {
-                if( nCharPos >= 0 )
-                {
-                    rArgs.NeedFallback( nCharPos, bRightToLeft );
-                    if ( (nCharPos > 0) && needPreviousCode(rArgs.mpStr[nCharPos-1]) )
-                        rArgs.NeedFallback( nCharPos-1, bRightToLeft );
-                    else if ( (nCharPos + 1 < nEndRunPos) && needNextCode(rArgs.mpStr[nCharPos+1]) )
-                        rArgs.NeedFallback( nCharPos+1, bRightToLeft );
-                }
-
+                rLayout.setNeedFallback(rArgs, nCharPos, bRightToLeft);
                 if( SAL_LAYOUT_FOR_FALLBACK & rArgs.mnFlags )
                     continue;
             }
diff --git a/vcl/inc/generic/glyphcache.hxx b/vcl/inc/generic/glyphcache.hxx
index a7363f9..d6cdee1 100644
--- a/vcl/inc/generic/glyphcache.hxx
+++ b/vcl/inc/generic/glyphcache.hxx
@@ -37,6 +37,7 @@ class ImplFontOptions;
 #include <boost/unordered_map.hpp>
 #include <boost/unordered_set.hpp>
 #include <boost/shared_ptr.hpp>
+#include <com/sun/star/i18n/XBreakIterator.hpp>
 
 namespace basegfx { class B2DPolyPolygon; }
 
@@ -311,6 +312,7 @@ class VCL_DLLPUBLIC ServerFontLayout : public GenericSalLayout
 {
 private:
     ServerFont&     mrServerFont;
+    com::sun::star::uno::Reference<com::sun::star::i18n::XBreakIterator> mxBreak;
 
     // enforce proper copy semantic
     SAL_DLLPRIVATE  ServerFontLayout( const ServerFontLayout& );
@@ -323,6 +325,9 @@ public:
     virtual bool    LayoutText( ImplLayoutArgs& );
     virtual void    AdjustLayout( ImplLayoutArgs& );
     virtual void    DrawText( SalGraphics& ) const;
+    void            setNeedFallback(ImplLayoutArgs& rArgs, sal_Int32 nIndex,
+                        bool bRightToLeft);
+
     ServerFont&     GetServerFont() const   { return mrServerFont; }
 };
 
commit 298dd93c266ca1ab48704c10961069b8a6852c1e
Author: László Németh <nemeth at numbertext.org>
Date:   Tue Oct 22 17:34:23 2013 +0200

    librelogo: fix black (not refreshed) invisible filling color
    
    Change-Id: Iabfd91f7c72f3dc30f9f1cebe3dfb45a7d1f6763
    Reviewed-on: https://gerrit.libreoffice.org/6381
    Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
    Tested-by: Miklos Vajna <vmiklos at collabora.co.uk>

diff --git a/librelogo/source/LibreLogo/LibreLogo.py b/librelogo/source/LibreLogo/LibreLogo.py
index f0b78bf..84be810 100644
--- a/librelogo/source/LibreLogo/LibreLogo.py
+++ b/librelogo/source/LibreLogo/LibreLogo.py
@@ -48,7 +48,7 @@ __COLORS__ = ['BLACK', 0x000000], ['SILVER', 0xc0c0c0], ['GRAY', 0x808080], \
     ['AQUA', 0x00ffff], ['PINK', 0xffc0cb], ['TOMATO', 0xff6347], \
     ['ORANGE', 0xffa500], ['GOLD', 0xffd700], ['VIOLET', 0x9400d3], \
     ['SKYBLUE', 0x87ceeb], ['CHOCOLATE', 0xd2691e], ['BROWN', 0xa52a2a], \
-    ['INVISIBLE', 0xff000000]
+    ['INVISIBLE', 0xffffffff]
 __STRCONST__ = [i[0] for i in __COLORS__] + ['NONE', 'BEVEL', 'MITER', 'ROUNDED', 'SOLID', 'DASH', 'DOTTED', 'BOLD', 'ITALIC', 'UPRIGHT', 'NORMAL', "HOUR", "PT", "INCH", "MM", "CM"]
 __SLEEP_SLICE_IN_MILLISECONDS__ = 500
 __PT_TO_TWIP__ = 20
commit 14611a19e9107cc295e8624dc44b8fcb140c0cb9
Author: Lionel Elie Mamane <lionel at mamane.lu>
Date:   Mon Oct 14 17:59:10 2013 +0200

    fdo#68657 bool->string conversion to 1/0, not "true"/"false
    
    This matches what OO.org / older versions of LibreOffice did, and which was inadvertently changed in 2bd856e6
    
    Change-Id: I1d45ea975a096c599a996caafc41e4aa06d35fcd
    Reviewed-on: https://gerrit.libreoffice.org/6274
    Reviewed-by: David Ostrovsky <David.Ostrovsky at gmx.de>
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>
    Tested-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/connectivity/qa/connectivity/commontools/FValue_test.cxx b/connectivity/qa/connectivity/commontools/FValue_test.cxx
index b460f64..73b8af5 100644
--- a/connectivity/qa/connectivity/commontools/FValue_test.cxx
+++ b/connectivity/qa/connectivity/commontools/FValue_test.cxx
@@ -46,6 +46,8 @@ public:
     void test_float();
     void test_double();
 
+    void test_getString();
+
     CPPUNIT_TEST_SUITE(FValueTest);
 
     CPPUNIT_TEST(test_Bool);
@@ -65,6 +67,7 @@ public:
     CPPUNIT_TEST(test_float);
     CPPUNIT_TEST(test_double);
 
+    CPPUNIT_TEST(test_getString);
     CPPUNIT_TEST_SUITE_END();
 };
 
@@ -283,6 +286,27 @@ void FValueTest::test_double()
     CPPUNIT_ASSERT_MESSAGE("double conversion from Any didn't work", src_double == trg_double);
 }
 
+void FValueTest::test_getString()
+{
+    bool src_bool_1 = true;
+    ORowSetValue v_1(src_bool_1);
+    OUString trg_bool_1 = v_1.getString();
+
+    std::cerr << "src_bool_1" << src_bool_1 << std::endl;
+    std::cerr << "trg_bool_1: " << trg_bool_1 << std::endl;
+
+    CPPUNIT_ASSERT_MESSAGE("bool to string conversion to ORowSetValue didn't work", trg_bool_1 == "1");
+
+    bool src_bool_0 = false;
+    ORowSetValue v_0(src_bool_0);
+    OUString trg_bool_0 = v_0.getString();
+
+    std::cerr << "src_bool_0" << src_bool_0 << std::endl;
+    std::cerr << "trg_bool_0: " << trg_bool_0 << std::endl;
+
+    CPPUNIT_ASSERT_MESSAGE("bool to string conversion to ORowSetValue didn't work", trg_bool_0 == "0");
+}
+
 CPPUNIT_TEST_SUITE_REGISTRATION(FValueTest);
 
 }}
diff --git a/connectivity/source/commontools/FValue.cxx b/connectivity/source/commontools/FValue.cxx
index 770b34e..0dd208c 100644
--- a/connectivity/source/commontools/FValue.cxx
+++ b/connectivity/source/commontools/FValue.cxx
@@ -27,6 +27,8 @@
 #include <com/sun/star/io/XInputStream.hpp>
 #include <rtl/ustrbuf.hxx>
 #include <rtl/logfile.hxx>
+#include <boost/type_traits.hpp>
+#include <boost/static_assert.hpp>
 
 using namespace ::dbtools;
 using namespace ::com::sun::star::sdbc;
@@ -1007,7 +1009,12 @@ OUString ORowSetValue::getString( ) const
                 break;
             case DataType::BIT:
             case DataType::BOOLEAN:
-                aRet = OUString::boolean(static_cast<bool>(*this));
+                // This would be the natural choice,
+                // but historically it was converted to "0" or "1".
+                // For backwards compatibility, continue doing that.
+                // aRet = OUString::boolean(static_cast<bool>(*this));
+                BOOST_STATIC_ASSERT((boost::is_same< sal_Bool, sal_uInt8 >::value));
+                aRet = OUString::number(static_cast<sal_Bool>(*this));
                 break;
             case DataType::TINYINT:
             case DataType::SMALLINT:
commit 80fff5bd1335494479ff7223cd99db7f6df769ab
Author: David Tardon <dtardon at redhat.com>
Date:   Fri Oct 18 10:52:04 2013 +0200

    fdo#70480 do not crash reading malformed zip
    
    Change-Id: Ibbdf7ce4979f8452c4a662cc9ae3f598cce23126
    (cherry picked from commit f2422ab90d92104915b93e96f647a89bbf55ad30)
    Signed-off-by: David Tardon <dtardon at redhat.com>
    Reviewed-on: https://gerrit.libreoffice.org/6313
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>
    Tested-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/libvisio/0001-fdo-70480-do-not-crash-reading-malformed-zip.patch b/libvisio/0001-fdo-70480-do-not-crash-reading-malformed-zip.patch
new file mode 100644
index 0000000..6c7135f
--- /dev/null
+++ b/libvisio/0001-fdo-70480-do-not-crash-reading-malformed-zip.patch
@@ -0,0 +1,26 @@
+From 410f564d9a728b983cf11ba9b3eadfc7d59c187c Mon Sep 17 00:00:00 2001
+From: David Tardon <dtardon at redhat.com>
+Date: Thu, 17 Oct 2013 10:35:34 +0200
+Subject: [PATCH] fdo#70480 do not crash reading malformed zip
+
+Change-Id: Ia37e8be5172a49669cb9f7271c5401ca88f39072
+---
+ src/lib/VSDZipStream.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/lib/VSDZipStream.cpp b/src/lib/VSDZipStream.cpp
+index 3b3e08a..1c12d56 100644
+--- a/src/lib/VSDZipStream.cpp
++++ b/src/lib/VSDZipStream.cpp
+@@ -203,6 +203,8 @@ bool libvisio::VSDZipStreamImpl::isZipStream()
+     return false;
+   if (!readCentralDirectory(end))
+     return false;
++  if (m_cdir.empty())
++    return false;
+   CentralDirectoryEntry entry = m_cdir.begin()->second;
+   m_input->seek(entry.offset, WPX_SEEK_SET);
+   LocalFileHeader header;
+-- 
+1.8.3.1
+
diff --git a/libvisio/UnpackedTarball_libvisio.mk b/libvisio/UnpackedTarball_libvisio.mk
index e4c0561..c2a2000 100644
--- a/libvisio/UnpackedTarball_libvisio.mk
+++ b/libvisio/UnpackedTarball_libvisio.mk
@@ -11,4 +11,10 @@ $(eval $(call gb_UnpackedTarball_UnpackedTarball,libvisio))
 
 $(eval $(call gb_UnpackedTarball_set_tarball,libvisio,$(VISIO_TARBALL)))
 
+$(eval $(call gb_UnpackedTarball_set_patchlevel,libvisio,1))
+
+$(eval $(call gb_UnpackedTarball_add_patches,libvisio,\
+	libvisio/0001-fdo-70480-do-not-crash-reading-malformed-zip.patch \
+))
+
 # vim: set noet sw=4 ts=4:
commit a11ae6ddf00773c6dc75e622e9df90e551d16072
Author: Tor Lillqvist <tml at collabora.com>
Date:   Tue Oct 15 18:53:34 2013 +0300

    Fix build against the 10.8 SDK
    
    Change-Id: I74adcca901e9a7c31d02779b1ee853731a55ea43
    Reviewed-on: https://gerrit.libreoffice.org/6253
    Reviewed-by: David Tardon <dtardon at redhat.com>
    Tested-by: David Tardon <dtardon at redhat.com>

diff --git a/vcl/Library_vcl.mk b/vcl/Library_vcl.mk
index 4e3df9b..ad59af9 100644
--- a/vcl/Library_vcl.mk
+++ b/vcl/Library_vcl.mk
@@ -370,6 +370,11 @@ $(eval $(call gb_Library_add_exception_objects,vcl,\
     $(vcl_coretext_code) \
 ))
 
+ifeq ($(MACOSX_SDK_VERSION),1080)
+$(eval $(call gb_Library_use_system_darwin_frameworks,vcl,\
+	ApplicationServices \
+))
+else
 ifeq ($(MACOSX_SDK_VERSION),1070)
 $(eval $(call gb_Library_use_system_darwin_frameworks,vcl,\
 	ApplicationServices \
@@ -385,6 +390,7 @@ $(eval $(call gb_Library_use_system_darwin_frameworks,vcl,\
 ))
 endif
 endif
+endif
 
 else # ATSUI
 
commit 825ddd5e46d4d2a2990a175694335feb60c4bdc6
Author: Stephan Bergmann <sbergman at redhat.com>
Date:   Thu Oct 17 18:01:47 2013 +0200

    fdo#70319 "exponent followed by at least on digit" also for special case 0.0
    
    Change-Id: I07e7917417b8a22cf6d64f2b7a447f9084b9fa2d
    (cherry picked from commit 7bbd58eafc3146abcefc73d2d1ca6869bb47ef5a)
    Reviewed-on: https://gerrit.libreoffice.org/6294
    Reviewed-by: Eike Rathke <erack at redhat.com>
    Tested-by: Eike Rathke <erack at redhat.com>

diff --git a/sal/qa/rtl/math/test-rtl-math.cxx b/sal/qa/rtl/math/test-rtl-math.cxx
index 3ebdb15..c0ccaaa 100644
--- a/sal/qa/rtl/math/test-rtl-math.cxx
+++ b/sal/qa/rtl/math/test-rtl-math.cxx
@@ -81,6 +81,12 @@ public:
         CPPUNIT_ASSERT_EQUAL(rtl_math_ConversionStatus_Ok, status);
         CPPUNIT_ASSERT_EQUAL(sal_Int32(RTL_CONSTASCII_LENGTH("1")), end);
         CPPUNIT_ASSERT_EQUAL(1.0, res);
+        res = rtl::math::stringToDouble(
+            rtl::OUString("0e"),
+            sal_Unicode('.'), sal_Unicode(','), &status, &end);
+        CPPUNIT_ASSERT_EQUAL(rtl_math_ConversionStatus_Ok, status);
+        CPPUNIT_ASSERT_EQUAL(sal_Int32(RTL_CONSTASCII_LENGTH("1")), end);
+        CPPUNIT_ASSERT_EQUAL(0.0, res);
     }
 
     CPPUNIT_TEST_SUITE(Test);
diff --git a/sal/rtl/math.cxx b/sal/rtl/math.cxx
index f66039a..3bca171 100644
--- a/sal/rtl/math.cxx
+++ b/sal/rtl/math.cxx
@@ -819,6 +819,10 @@ inline double stringToDouble(CharT const * pBegin, CharT const * pEnd,
                 // offset
                 while (p != pEnd && rtl::isAsciiDigit(*p))
                     ++p;
+                if (p == pFirstExpDigit)
+                {   // no digits in exponent, reset end of scan
+                    p = pExponent;
+                }
             }
             else
             {
commit 2cf9ab98ffe1ff06522c16d9bceb7fba22ce7c34
Author: Eike Rathke <erack at redhat.com>
Date:   Wed Oct 16 16:10:46 2013 +0200

    Resolves: rhbz#1015594 CVE-2013-2924 use-after-free
    
    Added icu.10318.CVE-2013-2924_changeset_34076.patch from
    https://ssl.icu-project.org/trac/changeset/34076 assigned to
    https://ssl.icu-project.org/trac/ticket/10318
    
    Change-Id: I93a33e59aec9b79fb8d4b1517cd0990c79ee65fb
    (cherry picked from commit 7693a4b9fbb60105d8438465db51c7afef4c3eb1)
    Reviewed-on: https://gerrit.libreoffice.org/6268
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>
    Tested-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/icu/UnpackedTarball_icu.mk b/icu/UnpackedTarball_icu.mk
index 3e084a9..cb01378 100644
--- a/icu/UnpackedTarball_icu.mk
+++ b/icu/UnpackedTarball_icu.mk
@@ -18,6 +18,7 @@ $(eval $(call gb_UnpackedTarball_set_pre_action,icu,\
 ))
 
 $(eval $(call gb_UnpackedTarball_add_patches,icu,\
+	icu/icu4c.10318.CVE-2013-2924_changeset_34076.patch \
 	icu/icu4c.10129.wintz.patch \
 	icu/icu4c.9948.mlym-crash.patch \
 	icu/icu4c-build.patch \
diff --git a/icu/icu4c.10318.CVE-2013-2924_changeset_34076.patch b/icu/icu4c.10318.CVE-2013-2924_changeset_34076.patch
new file mode 100644
index 0000000..90f50ab
--- /dev/null
+++ b/icu/icu4c.10318.CVE-2013-2924_changeset_34076.patch
@@ -0,0 +1,36 @@
+Index: /icu/trunk/source/i18n/csrucode.cpp
+===================================================================
+--- a/orig.icu/source/i18n/csrucode.cpp	(revision 34075)
++++ b/icu/source/i18n/csrucode.cpp	(revision 34076)
+@@ -1,5 +1,5 @@
+ /*
+  **********************************************************************
+- *   Copyright (C) 2005-2012, International Business Machines
++ *   Copyright (C) 2005-2013, International Business Machines
+  *   Corporation and others.  All Rights Reserved.
+  **********************************************************************
+@@ -34,6 +34,7 @@
+     const uint8_t *input = textIn->fRawInput;
+     int32_t confidence = 0;
++    int32_t length = textIn->fRawLength;
+ 
+-    if (input[0] == 0xFE && input[1] == 0xFF) {
++    if (length >=2 && input[0] == 0xFE && input[1] == 0xFF) {
+         confidence = 100;
+     }
+@@ -58,6 +59,7 @@
+     const uint8_t *input = textIn->fRawInput;
+     int32_t confidence = 0;
++    int32_t length = textIn->fRawLength;
+ 
+-    if (input[0] == 0xFF && input[1] == 0xFE && (input[2] != 0x00 || input[3] != 0x00)) {
++    if (length >= 4 && input[0] == 0xFF && input[1] == 0xFE && (input[2] != 0x00 || input[3] != 0x00)) {
+         confidence = 100;
+     }
+@@ -82,5 +84,5 @@
+     int32_t confidence = 0;
+ 
+-    if (getChar(input, 0) == 0x0000FEFFUL) {
++    if (limit > 0 && getChar(input, 0) == 0x0000FEFFUL) {
+         hasBOM = TRUE;
+     }


More information about the Libreoffice-commits mailing list