[Libreoffice-commits] core.git: Branch 'libreoffice-5-2' - sc/source
Michael Stahl
mstahl at redhat.com
Sun Jun 26 20:11:09 UTC 2016
sc/source/ui/unoobj/scdetect.cxx | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
New commits:
commit eb7364fffe39c1aecddcab6b9cf238475fa2013c
Author: Michael Stahl <mstahl at redhat.com>
Date: Fri Jun 24 18:24:24 2016 +0200
tdf#84834 sc: stricter type detection for dBASE files
The detection is rather sloppy, the bugdoc gets erroneously detected as
dBASE because it starts with '0', has a not-too-large header size at offset 4,
and a '\r' at a 32-byte alignment towards the start of the the not-too-large
header.
Add a plausibility check for the number of records in the file, which
helps for this bugdoc.
Change-Id: I466dfae18aa32fd62b79b9f524f22bea719721be
(cherry picked from commit 4e3ff19b33c84557fd20e68960499933b4e52638)
Reviewed-on: https://gerrit.libreoffice.org/26644
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/sc/source/ui/unoobj/scdetect.cxx b/sc/source/ui/unoobj/scdetect.cxx
index 3bd8ffc..bb2c407 100644
--- a/sc/source/ui/unoobj/scdetect.cxx
+++ b/sc/source/ui/unoobj/scdetect.cxx
@@ -219,14 +219,37 @@ static bool lcl_MayBeDBase( SvStream& rStream )
if ( nSize < nEmptyDbf )
return false;
+ // count of records at 4
+ rStream.Seek(4);
+ sal_uInt32 nRecords(0);
+ rStream.ReadUInt32(nRecords);
+
// length of header starts at 8
rStream.Seek(8);
sal_uInt16 nHeaderLen;
rStream.ReadUInt16( nHeaderLen );
+ // size of record at 10
+ sal_uInt16 nRecordSize(0);
+ rStream.ReadUInt16(nRecordSize);
+
if ( nHeaderLen < nEmptyDbf || nSize < nHeaderLen )
return false;
+ // see DTable.cxx ODbaseTable::readHeader()
+ if (0 == nRecordSize)
+ return false;
+
+ // see DTable.cxx ODbaseTable::construct() line 546
+ if (0 == nRecords)
+ {
+ nRecords = (nSize - nHeaderLen) / nRecordSize;
+ }
+
+ // tdf#84834 sanity check of size
+ if (0 == nRecords || nSize < nHeaderLen + nRecords * sal_uInt64(nRecordSize))
+ return false;
+
// Last byte of header must be 0x0d, this is how it's specified.
// #i9581#,#i26407# but some applications don't follow the specification
// and pad the header with one byte 0x00 to reach an
More information about the Libreoffice-commits
mailing list