[Libreoffice-commits] core.git: xmlsecurity/source
Libreoffice Gerrit user
logerrit at kemper.freedesktop.org
Wed Aug 1 13:02:41 UTC 2018
xmlsecurity/source/helper/xmlsignaturehelper.cxx | 5 +++++
1 file changed, 5 insertions(+)
New commits:
commit 9d9148ae8b78d4c6fbee397889897127ecf317b3
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Wed Aug 1 09:30:10 2018 +0100
Commit: Caolán McNamara <caolanm at redhat.com>
CommitDate: Wed Aug 1 15:02:15 2018 +0200
forcepoint#57 sanity check stream signature size
Change-Id: I5ae459e159a64f32c62278a87e37deb08ab9d6ac
Reviewed-on: https://gerrit.libreoffice.org/58389
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 1118bff743c7..d21a8a101862 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -381,6 +381,11 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embe
sal_Int64 nSize = 0;
xPropertySet->getPropertyValue("Size") >>= nSize;
+ if (nSize < 0 || nSize > SAL_MAX_INT32)
+ {
+ SAL_WARN("xmlsecurity.helper", "bogus signature size: " << nSize);
+ continue;
+ }
uno::Sequence<sal_Int8> aData;
xInputStream->readBytes(aData, nSize);
mpXSecController->setSignatureBytes(aData);
More information about the Libreoffice-commits
mailing list