[Libreoffice-commits] core.git: Branch 'aoo/trunk' - sfx2/source

Herbert Dürr hdu at apache.org
Thu Jul 10 03:08:12 PDT 2014


 sfx2/source/appl/impldde.cxx |    7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

New commits:
commit 6b64ada6e3a902ac4b44fe49476514d49138d4d4
Author: Herbert Dürr <hdu at apache.org>
Date:   Thu Jul 10 09:11:07 2014 +0000

    #i125226# disallow absolute and relative paths for DDE servers

diff --git a/sfx2/source/appl/impldde.cxx b/sfx2/source/appl/impldde.cxx
index 76981f9..3fbcaa7 100644
--- a/sfx2/source/appl/impldde.cxx
+++ b/sfx2/source/appl/impldde.cxx
@@ -260,19 +260,20 @@ sal_Bool SvDDEObject::Connect( SvBaseLink * pSvLink )
         // check the suitability of starting the DDE server
         const SvtSecurityOptions aSecOpts;
         bool bForbidden = (aSecOpts.GetMacroSecurityLevel() == eNEVER_EXECUTE);
-        bForbidden |= (bInWinExec != sal_False);
+        bForbidden |= (sServer.SearchChar( L":./%\\") != STRING_NOTFOUND);
         static const char* aBadServers[] = { "cmd", "rundll32" };
         for( int i = 0; i < sizeof(aBadServers)/sizeof(*aBadServers); ++i)
-            bForbidden |= (sServer.CompareIgnoreCaseToAscii( aBadServers[i]) == COMPARE_EQUAL );
+            bForbidden |= (sServer.CompareIgnoreCaseToAscii( aBadServers[i]) == COMPARE_EQUAL);
 
         // try to start the DDE server if it is not there already
+        bForbidden |= (bInWinExec != sal_False);
         if( !bForbidden )
         {
             ByteString aCmdLine( sServer, RTL_TEXTENCODING_ASCII_US );
             aCmdLine.Append( ".exe " );
             aCmdLine.Append( ByteString( sTopic, RTL_TEXTENCODING_ASCII_US ) );
 
-            if( WinExec( aCmdLine.GetBuffer(), SW_SHOWMINIMIZED ) < 32 )
+            if( WinExec( aCmdLine.GetBuffer(), SW_SHOWMINIMIZED ) < 32 ) // TODO: use CreateProcess() instead
                 nError = DDELINK_ERROR_APP;
             else
             {
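Review bot: The gate on `sServer` is still a denylist (the characters in `SearchChar( L":./%\\")` plus the two names in `aBadServers`), so every other bare executable name that `WinExec` can resolve remains startable from a document-supplied link, and `sTopic` is appended to the command line unchecked. Because a bare name is resolved through WinExec's search order, which includes the current directory, rejecting path characters does not by itself pin which binary runs. I would invert the check to an allowlist of known DDE server names and reject everything else, e.g. `bForbidden |= !IsKnownDdeServer( sServer );` (helper name is a placeholder), and reject a `sTopic` containing spaces or quote characters before the `Append`. A comment above the check such as `// sServer and sTopic come from the document and are untrusted` would also make the trust boundary explicit. Connect's body starts and ends outside this hunk, so whether either value is validated earlier cannot be seen here.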

