[Libreoffice-commits] core.git: Branch 'libreoffice-5-2' - filter/source include/sal
Caolán McNamara
caolanm at redhat.com
Wed Feb 1 13:40:44 UTC 2017
filter/source/graphicfilter/ieps/ieps.cxx | 88 +++++++++++++++++-------------
include/sal/log-areas.dox | 1
2 files changed, 52 insertions(+), 37 deletions(-)
New commits:
commit 390c730b460054ec41e0ab1b807ea0c2bba4ecbd
Author: Caolán McNamara <caolanm at redhat.com>
Date: Thu Jan 26 16:01:57 2017 +0000
ofz: tidy up eps preview import
a) check that the remaining stream length is >= the 14 bytes that are
unconditionally skipped
b) make the initial security count the min of the arbitrary 100 and the
remaining stream len less that 14 bytes
c) tweak ImplGetNumber not to reduce nSecurityCount if its already 0
(cherry picked from commit 94ffb720b889c51665ebb789d84aee3b3bacb456)
ofz: check eps seeks are sane and succeeded
(cherry picked from commit f85fb724d52a0fff9c64365cd202ae8975492c05)
ofz: check if the stream is able to meet the eps len claim before reading
(cherry picked from commit e17a34e957c21a8cd2977b1b0e1c9a427c244aed)
ofz: check if the stream is able to meet the eps len claim before reading
(cherry picked from commit d1f31681623696e99b0bd9e98570cb1ebac518cc)
make this a little more readable
(cherry picked from commit cf06348d9d4be8b8460d202cebf0d995fd4f6abf)
move deref inside (laughable) nSecurityCount check
(cherry picked from commit 521723b1180a32c02a88ed47137d4242c06eaca7)
Change-Id: Ifffa6d02d492affd578fb48007704457ad635b39
0eb45e1c1ffd91682ed0ce6a6a74eab54666d715
65407bffb67449e203b8ead23554a4e88387d214
440c7f38d6588c570a411f2a97c0164e5d7d646f
83b6b0bd636b639ce0892f22f216410ce79dee03
df9a83ffa80137967d8c77d7a9b5133529fc2858
Reviewed-on: https://gerrit.libreoffice.org/33635
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
diff --git a/filter/source/graphicfilter/ieps/ieps.cxx b/filter/source/graphicfilter/ieps/ieps.cxx
index ef132bb..a62c15a 100644
--- a/filter/source/graphicfilter/ieps/ieps.cxx
+++ b/filter/source/graphicfilter/ieps/ieps.cxx
@@ -69,17 +69,19 @@ static sal_uInt8* ImplSearchEntry( sal_uInt8* pSource, sal_uInt8 const * pDest,
// SecurityCount is the buffersize of the buffer in which we will parse for a number
-static long ImplGetNumber( sal_uInt8 **pBuf, sal_uInt32& nSecurityCount )
+static long ImplGetNumber(sal_uInt8* &rBuf, sal_uInt32& nSecurityCount)
{
bool bValid = true;
bool bNegative = false;
long nRetValue = 0;
- while ( ( --nSecurityCount ) && ( ( **pBuf == ' ' ) || ( **pBuf == 0x9 ) ) )
- (*pBuf)++;
- sal_uInt8 nByte = **pBuf;
- while ( nSecurityCount && ( nByte != ' ' ) && ( nByte != 0x9 ) && ( nByte != 0xd ) && ( nByte != 0xa ) )
+ while (nSecurityCount && (*rBuf == ' ' || *rBuf == 0x9))
{
- switch ( nByte )
+ ++rBuf;
+ --nSecurityCount;
+ }
+ while ( nSecurityCount && ( *rBuf != ' ' ) && ( *rBuf != 0x9 ) && ( *rBuf != 0xd ) && ( *rBuf != 0xa ) )
+ {
+ switch ( *rBuf )
{
case '.' :
// we'll only use the integer format
@@ -89,17 +91,17 @@ static long ImplGetNumber( sal_uInt8 **pBuf, sal_uInt32& nSecurityCount )
bNegative = true;
break;
default :
- if ( ( nByte < '0' ) || ( nByte > '9' ) )
+ if ( ( *rBuf < '0' ) || ( *rBuf > '9' ) )
nSecurityCount = 1; // error parsing the bounding box values
else if ( bValid )
{
nRetValue *= 10;
- nRetValue += nByte - '0';
+ nRetValue += *rBuf - '0';
}
break;
}
nSecurityCount--;
- nByte = *(++(*pBuf));
+ ++rBuf;
}
if ( bNegative )
nRetValue = -nRetValue;
@@ -399,6 +401,15 @@ static bool RenderAsBMP(const sal_uInt8* pBuf, sal_uInt32 nBytesRead, Graphic &r
return RenderAsBMPThroughConvert(pBuf, nBytesRead, rGraphic);
}
+namespace
+{
+ bool checkSeek(SvStream &rSt, sal_uInt32 nOffset)
+ {
+ const sal_uInt64 nMaxSeek(rSt.Tell() + rSt.remainingSize());
+ return (nOffset <= nMaxSeek && rSt.Seek(nOffset) == nOffset);
+ }
+}
+
// this method adds a replacement action containing the original wmf or tiff replacement,
// so the original eps can be written when storing to ODF.
void CreateMtfReplacementAction( GDIMetaFile& rMtf, SvStream& rStrm, sal_uInt32 nOrigPos, sal_uInt32 nPSSize,
@@ -416,19 +427,17 @@ void CreateMtfReplacementAction( GDIMetaFile& rMtf, SvStream& rStrm, sal_uInt32
aReplacement.WriteUInt32( nMagic ).WriteUInt32( nPPos ).WriteUInt32( nPSSize )
.WriteUInt32( nWPos ).WriteUInt32( nSizeWMF )
.WriteUInt32( nTPos ).WriteUInt32( nSizeTIFF );
- if ( nSizeWMF )
+ if (nSizeWMF && checkSeek(rStrm, nOrigPos + nPosWMF) && rStrm.remainingSize() >= nSizeWMF)
{
std::unique_ptr<sal_uInt8[]> pBuf(new sal_uInt8[ nSizeWMF ]);
- rStrm.Seek( nOrigPos + nPosWMF );
- rStrm.Read( pBuf.get(), nSizeWMF );
- aReplacement.Write( pBuf.get(), nSizeWMF );
+ rStrm.Read(pBuf.get(), nSizeWMF);
+ aReplacement.Write(pBuf.get(), nSizeWMF);
}
- if ( nSizeTIFF )
+ if (nSizeTIFF && checkSeek(rStrm, nOrigPos + nPosTIFF) && rStrm.remainingSize() >= nSizeTIFF)
{
std::unique_ptr<sal_uInt8[]> pBuf(new sal_uInt8[ nSizeTIFF ]);
- rStrm.Seek( nOrigPos + nPosTIFF );
- rStrm.Read( pBuf.get(), nSizeTIFF );
- aReplacement.Write( pBuf.get(), nSizeTIFF );
+ rStrm.Read(pBuf.get(), nSizeTIFF);
+ aReplacement.Write(pBuf.get(), nSizeTIFF);
}
rMtf.AddAction( static_cast<MetaAction*>( new MetaCommentAction( aComment, 0, static_cast<const sal_uInt8*>(aReplacement.GetData()), aReplacement.Tell() ) ) );
}
@@ -504,7 +513,7 @@ void MakePreview(sal_uInt8* pBuf, sal_uInt32 nBytesRead,
{
pDest += 16;
sal_uInt32 nCount = 4;
- long nNumber = ImplGetNumber( &pDest, nCount );
+ long nNumber = ImplGetNumber(pDest, nCount);
if ( nCount && ( (sal_uInt32)nNumber < 10 ) )
{
aString += " LanguageLevel:" + OUString::number( nNumber );
@@ -519,7 +528,6 @@ void MakePreview(sal_uInt8* pBuf, sal_uInt32 nBytesRead,
rGraphic = aMtf;
}
-
//================== GraphicImport - the exported function ================
@@ -532,7 +540,7 @@ ipsGraphicImport( SvStream & rStream, Graphic & rGraphic, FilterConfigItem* )
Graphic aGraphic;
bool bRetValue = false;
bool bHasPreview = false;
- sal_uInt32 nSignature, nPSStreamPos, nPSSize;
+ sal_uInt32 nSignature = 0, nPSStreamPos, nPSSize = 0;
sal_uInt32 nSizeWMF = 0;
sal_uInt32 nPosWMF = 0;
sal_uInt32 nSizeTIFF = 0;
@@ -549,10 +557,9 @@ ipsGraphicImport( SvStream & rStream, Graphic & rGraphic, FilterConfigItem* )
if ( nSizeWMF )
{
- if ( nPosWMF != 0 )
+ if (nPosWMF && checkSeek(rStream, nOrigPos + nPosWMF))
{
- rStream.Seek( nOrigPos + nPosWMF );
- if ( GraphicConverter::Import( rStream, aGraphic, ConvertDataFormat::WMF ) == ERRCODE_NONE )
+ if (GraphicConverter::Import(rStream, aGraphic, ConvertDataFormat::WMF) == ERRCODE_NONE)
bHasPreview = bRetValue = true;
}
}
@@ -562,9 +569,8 @@ ipsGraphicImport( SvStream & rStream, Graphic & rGraphic, FilterConfigItem* )
// else we have to get the tiff grafix
- if ( nPosTIFF && nSizeTIFF )
+ if (nPosTIFF && nSizeTIFF && checkSeek(rStream, nOrigPos + nPosTIFF))
{
- rStream.Seek( nOrigPos + nPosTIFF );
if ( GraphicConverter::Import( rStream, aGraphic, ConvertDataFormat::TIF ) == ERRCODE_NONE )
{
MakeAsMeta(aGraphic);
@@ -579,13 +585,20 @@ ipsGraphicImport( SvStream & rStream, Graphic & rGraphic, FilterConfigItem* )
nPSStreamPos = nOrigPos; // no preview available _>so we must get the size manually
nPSSize = rStream.Seek( STREAM_SEEK_TO_END ) - nOrigPos;
}
+
std::unique_ptr<sal_uInt8[]> pHeader( new sal_uInt8[ 22 ] );
rStream.Seek( nPSStreamPos );
- rStream.Read( pHeader.get(), 22 ); // check PostScript header
- if ( ImplSearchEntry( pHeader.get(), reinterpret_cast<sal_uInt8 const *>("%!PS-Adobe"), 10, 10 ) &&
- ImplSearchEntry( &pHeader[ 15 ], reinterpret_cast<sal_uInt8 const *>("EPS"), 3, 3 ) )
+ rStream.Read(pHeader.get(), 22); // check PostScript header
+ bool bOk = ImplSearchEntry(pHeader.get(), reinterpret_cast<sal_uInt8 const *>("%!PS-Adobe"), 10, 10) &&
+ ImplSearchEntry(&pHeader[ 15 ], reinterpret_cast<sal_uInt8 const *>("EPS"), 3, 3);
+ if (bOk)
+ {
+ rStream.Seek(nPSStreamPos);
+ bOk = rStream.remainingSize() >= nPSSize;
+ SAL_WARN_IF(!bOk, "filter.eps", "eps claims to be: " << nPSSize << " in size, but only " << rStream.remainingSize() << " remains");
+ }
+ if (bOk)
{
- rStream.Seek( nPSStreamPos );
std::unique_ptr<sal_uInt8[]> pBuf( new sal_uInt8[ nPSSize ] );
sal_uInt32 nBufStartPos = rStream.Tell();
@@ -601,10 +614,10 @@ ipsGraphicImport( SvStream & rStream, Graphic & rGraphic, FilterConfigItem* )
if ( pDest )
{
pDest += 15;
- long nWidth = ImplGetNumber( &pDest, nSecurityCount );
- long nHeight = ImplGetNumber( &pDest, nSecurityCount );
- long nBitDepth = ImplGetNumber( &pDest, nSecurityCount );
- long nScanLines = ImplGetNumber( &pDest, nSecurityCount );
+ long nWidth = ImplGetNumber(pDest, nSecurityCount);
+ long nHeight = ImplGetNumber(pDest, nSecurityCount);
+ long nBitDepth = ImplGetNumber(pDest, nSecurityCount);
+ long nScanLines = ImplGetNumber(pDest, nSecurityCount);
pDest = ImplSearchEntry( pDest, reinterpret_cast<sal_uInt8 const *>("%"), 16, 1 ); // go to the first Scanline
if ( nSecurityCount && pDest && nWidth && nHeight && ( ( nBitDepth == 1 ) || ( nBitDepth == 8 ) ) && nScanLines )
{
@@ -698,15 +711,16 @@ ipsGraphicImport( SvStream & rStream, Graphic & rGraphic, FilterConfigItem* )
}
sal_uInt8* pDest = ImplSearchEntry( pBuf.get(), reinterpret_cast<sal_uInt8 const *>("%%BoundingBox:"), nBytesRead, 14 );
- if ( pDest )
+ sal_uInt32 nRemainingBytes = pDest ? (nBytesRead - (pDest - pBuf.get())) : 0;
+ if (nRemainingBytes >= 14)
{
- nSecurityCount = 100;
+ pDest += 14;
+ nSecurityCount = std::min<sal_uInt32>(nRemainingBytes - 14, 100);
long nNumb[4];
nNumb[0] = nNumb[1] = nNumb[2] = nNumb[3] = 0;
- pDest += 14;
for ( int i = 0; ( i < 4 ) && nSecurityCount; i++ )
{
- nNumb[ i ] = ImplGetNumber( &pDest, nSecurityCount );
+ nNumb[ i ] = ImplGetNumber(pDest, nSecurityCount);
}
if ( nSecurityCount)
{
diff --git a/include/sal/log-areas.dox b/include/sal/log-areas.dox
index 06da4f8..ad22ad7 100644
--- a/include/sal/log-areas.dox
+++ b/include/sal/log-areas.dox
@@ -198,6 +198,7 @@ certain functionality.
@section Filter
@li @c filter.config
+ at li @c filter.eps
@li @c filter.ms - escher import/export
@li @c filter.odfflatxml
@li @c filter.os2met
More information about the Libreoffice-commits
mailing list