[Libreoffice-commits] core.git: Branch 'feature/cib_contract891' - 12 commits - embeddedobj/source filter/source hwpfilter/source include/filter include/svx lotuswordpro/source sc/source sd/source svx/source sw/inc sw/source tools/inc tools/source writerfilter/source
Caolán McNamara
caolanm at redhat.com
Mon May 28 02:37:05 UTC 2018
embeddedobj/source/commonembedding/visobj.cxx | 6
filter/source/msfilter/svdfppt.cxx | 4
hwpfilter/source/drawdef.h | 18 -
hwpfilter/source/drawing.h | 281 +++++++++++++++----------
hwpfilter/source/hbox.h | 4
hwpfilter/source/hinfo.cxx | 119 +++++++---
hwpfilter/source/hiodev.cxx | 117 ++++++----
hwpfilter/source/hiodev.h | 24 +-
hwpfilter/source/hpara.cxx | 33 ++
hwpfilter/source/htags.h | 2
hwpfilter/source/hwpfile.cxx | 96 +++++---
hwpfilter/source/hwpfile.h | 10
hwpfilter/source/hwplib.h | 11
hwpfilter/source/hwpread.cxx | 77 +++---
include/filter/msfilter/svdfppt.hxx | 12 -
include/svx/svdoole2.hxx | 17 +
lotuswordpro/source/filter/lwpidxmgr.cxx | 7
lotuswordpro/source/filter/lwpobjstrm.cxx | 2
lotuswordpro/source/filter/lwpsilverbullet.cxx | 5
lotuswordpro/source/filter/lwptabrack.cxx | 5
lotuswordpro/source/filter/lwptoc.cxx | 13 -
sc/source/core/tool/interpr7.cxx | 9
sc/source/ui/docshell/docsh.cxx | 3
sc/source/ui/docshell/docsh4.cxx | 7
sd/source/core/drawdoc.cxx | 6
sd/source/ui/docshell/docshel4.cxx | 5
svx/source/svdraw/svdoole2.cxx | 20 -
svx/source/unodraw/unoshap4.cxx | 4
sw/inc/IDocumentLinksAdministration.hxx | 2
sw/inc/doc.hxx | 2
sw/source/core/doc/docnew.cxx | 100 ++++----
sw/source/filter/basflt/shellio.cxx | 3
sw/source/filter/ww8/ww8par2.cxx | 29 +-
sw/source/filter/ww8/ww8scan.cxx | 22 +
sw/source/filter/ww8/ww8scan.hxx | 4
sw/source/filter/xml/xmltexti.cxx | 11
sw/source/ui/app/docsh.cxx | 2
tools/inc/poly.h | 2
tools/source/generic/poly.cxx | 13 -
writerfilter/source/rtftok/rtfdocumentimpl.cxx | 9
40 files changed, 697 insertions(+), 419 deletions(-)
New commits:
commit ceedd394172ce172d14d3d8647cbb50eaecb75de
Author: Caolán McNamara <caolanm at redhat.com>
Date: Tue May 1 12:57:02 2018 +0100
set Referer on link mediadescriptor
to allow determining if the source document is from a trusted/untrusted
location
Reviewed-on: https://gerrit.libreoffice.org/53693
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman at redhat.com>
(cherry picked from commit cd25a97bbadc0a5c1fd6b0e8603c8b6ebd051926)
Reviewed-on: https://gerrit.libreoffice.org/53803
Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
Tested-by: Mike Kaganski <mike.kaganski at collabora.com>
(cherry picked from commit 2d87c267267530077a94c894bc619831b01d1c04)
Conflicts:
sw/source/filter/xml/xmltexti.cxx
(cherry picked from commit d7b0063c32502f01fcec72492d131760f4fda990)
Conflicts:
sw/source/filter/xml/xmltexti.cxx
Change-Id: I780568652d2ef0cc8543c27ba26289277b5d9d0c
diff --git a/sw/source/filter/xml/xmltexti.cxx b/sw/source/filter/xml/xmltexti.cxx
index fb968ac74155..1f17c22737c8 100644
--- a/sw/source/filter/xml/xmltexti.cxx
+++ b/sw/source/filter/xml/xmltexti.cxx
@@ -572,16 +572,21 @@ uno::Reference< XPropertySet > SwXMLTextImportHelper::createAndInsertOOoLink(
uno::Sequence< beans::PropertyValue > aMediaDescriptor( 1 );
aMediaDescriptor[0].Name = "URL";
aMediaDescriptor[0].Value <<= OUString( aURLObj.GetMainURL( INetURLObject::NO_DECODE ) );
- if ( pDoc && pDoc->GetDocShell() && pDoc->GetDocShell()->GetMedium() )
+
+ if (SfxMedium* pMedium = pDoc && pDoc->GetDocShell() ? pDoc->GetDocShell()->GetMedium() : nullptr)
{
- uno::Reference< task::XInteractionHandler > xInteraction =
- pDoc->GetDocShell()->GetMedium()->GetInteractionHandler();
+ uno::Reference< task::XInteractionHandler > xInteraction = pMedium->GetInteractionHandler();
if ( xInteraction.is() )
{
aMediaDescriptor.realloc( 2 );
aMediaDescriptor[1].Name = "InteractionHandler";
aMediaDescriptor[1].Value <<= xInteraction;
}
+
+ const sal_Int32 nLen = aMediaDescriptor.getLength() + 1;
+ aMediaDescriptor.realloc(nLen);
+ aMediaDescriptor[nLen - 1].Name = "Referer";
+ aMediaDescriptor[nLen - 1].Value <<= pMedium->GetName();
}
uno::Reference < embed::XEmbeddedObject > xObj(
commit 40560e91fbdd7983266cd0a2fc31185202fb2db0
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Jan 10 14:27:35 2018 +0000
limit WEBSERVICE to http[s] protocols
and like excel...
'For protocols that aren’t supported, such as ftp:// or file://, WEBSERVICE
returns the #VALUE! error value.'
Change-Id: I0e9c6fd3426fad56a199eafac48de9b0f23914b3
Reviewed-on: https://gerrit.libreoffice.org/47776
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Markus Mohrhard <markus.mohrhard at googlemail.com>
(cherry picked from commit ba5b15af67d143aa3a394e7efe52577d199cdac7)
diff --git a/sc/source/core/tool/interpr7.cxx b/sc/source/core/tool/interpr7.cxx
index aa07090cdd41..6c93134c086e 100644
--- a/sc/source/core/tool/interpr7.cxx
+++ b/sc/source/core/tool/interpr7.cxx
@@ -11,6 +11,7 @@
#include <rtl/strbuf.hxx>
#include <formula/errorcodes.hxx>
#include <svtools/miscopt.hxx>
+#include <tools/urlobj.hxx>
#include <com/sun/star/ucb/XSimpleFileAccess3.hpp>
#include <com/sun/star/ucb/SimpleFileAccess.hpp>
@@ -164,6 +165,14 @@ void ScInterpreter::ScWebservice()
return;
}
+ INetURLObject aObj(aURI, INET_PROT_FILE);
+ INetProtocol eProtocol = aObj.GetProtocol();
+ if (eProtocol != INET_PROT_HTTP && eProtocol != INET_PROT_HTTPS)
+ {
+ PushError( errNoValue );
+ return;
+ }
+
uno::Reference< ucb::XSimpleFileAccess3 > xFileAccess( ucb::SimpleFileAccess::create( comphelper::getProcessComponentContext() ), uno::UNO_QUERY );
if(!xFileAccess.is())
{
commit a2164fc2eb4f67b5ed62a593706ee68adabc07f1
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 23:52:15 2018 +0200
add ww6 test dir and fix a crash
Change-Id: Id08176640672095c03e0b124cd65a9dce26ac2db
diff --git a/sw/source/filter/ww8/ww8par2.cxx b/sw/source/filter/ww8/ww8par2.cxx
index fcb5b504e459..1871ecd0cfdf 100644
--- a/sw/source/filter/ww8/ww8par2.cxx
+++ b/sw/source/filter/ww8/ww8par2.cxx
@@ -4272,6 +4272,14 @@ void WW8RStyle::ImportOldFormatStyles()
std::vector< std::vector<sal_uInt8> > aConvertedChpx;
while (nByteCount < cbChpx)
{
+ if (stcp == aCHPXOffsets.size())
+ {
+ //more data than style slots, skip remainder
+ rSt.SeekRel(cbChpx-nByteCount);
+ nByteCount += cbChpx-nByteCount;
+ break;
+ }
+
sal_uInt8 cb;
rSt >> cb;
nByteCount++;
@@ -4294,12 +4302,7 @@ void WW8RStyle::ImportOldFormatStyles()
else
aConvertedChpx.push_back( std::vector<sal_uInt8>() );
- stcp++;
- if (stcp == nStyles)
- {
- rSt.SeekRel(cbChpx-nByteCount);
- nByteCount += cbChpx-nByteCount;
- }
+ ++stcp;
}
std::vector<pxoffset> aPAPXOffsets(stcp);
@@ -4309,6 +4312,12 @@ void WW8RStyle::ImportOldFormatStyles()
stcp=0;
while (nByteCount < cbPapx)
{
+ if (stcp == aPAPXOffsets.size())
+ {
+ rSt.SeekRel(cbPapx-nByteCount);
+ nByteCount += cbPapx-nByteCount;
+ }
+
sal_uInt8 cb;
rSt >> cb;
nByteCount++;
@@ -4330,13 +4339,7 @@ void WW8RStyle::ImportOldFormatStyles()
nByteCount += nRemainder;
}
- stcp++;
-
- if (stcp == nStyles)
- {
- rSt.SeekRel(cbPapx-nByteCount);
- nByteCount += cbPapx-nByteCount;
- }
+ ++stcp;
}
sal_uInt16 iMac;
commit 1697c7ab95581c67435a11798451fa63d6002938
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 23:51:33 2018 +0200
fix crash on loading certain ppts
Change-Id: I544a67e3706c7d12414cc075118ef2f0f5ddd0f6
diff --git a/filter/source/msfilter/svdfppt.cxx b/filter/source/msfilter/svdfppt.cxx
index 750316a9c0dd..3e14d77d258a 100644
--- a/filter/source/msfilter/svdfppt.cxx
+++ b/filter/source/msfilter/svdfppt.cxx
@@ -4049,13 +4049,13 @@ PPTStyleSheet::PPTStyleSheet( const DffRecordHeader& rSlideHd, SvStream& rIn, Sd
rIn >> aTxMasterStyleHd;
if ( aTxMasterStyleHd.nRecType == PPT_PST_TxMasterStyleAtom )
{
- sal_uInt16 nLevelAnz;
+ sal_uInt16 nLevelAnz(0);
rIn >> nLevelAnz;
sal_uInt16 nLev = 0;
sal_Bool bFirst = sal_True;
bFoundTxMasterStyleAtom04 = sal_True;
- while ( rIn.GetError() == 0 && rIn.Tell() < aTxMasterStyleHd.GetRecEndFilePos() && nLev < nLevelAnz )
+ while ( rIn.GetError() == 0 && rIn.Tell() < aTxMasterStyleHd.GetRecEndFilePos() && nLev < nLevelAnz && nLev < nMaxPPTLevels)
{
if ( nLev )
{
diff --git a/include/filter/msfilter/svdfppt.hxx b/include/filter/msfilter/svdfppt.hxx
index a298da929f12..d00a4f7fc89c 100644
--- a/include/filter/msfilter/svdfppt.hxx
+++ b/include/filter/msfilter/svdfppt.hxx
@@ -165,6 +165,8 @@ const sal_uInt32 PPTInventor = sal_uInt32('P') * 0x00000001
+ sal_uInt32('T') * 0x00010000
+ sal_uInt32('0') * 0x01000000;
+const int nMaxPPTLevels = 5;
+
// Object-Ids fuer StarDraw UserData
#define PPT_OBJECTINFO_ID (1)
@@ -696,7 +698,7 @@ struct PPTExtParaLevel
struct PPTExtParaSheet
{
- PPTExtParaLevel aExtParaLevel[ 5 ];
+ PPTExtParaLevel aExtParaLevel[nMaxPPTLevels];
};
struct PPTBuGraEntry
@@ -743,7 +745,7 @@ struct PPTCharLevel
struct PPTCharSheet
{
- PPTCharLevel maCharLevel[ 5 ];
+ PPTCharLevel maCharLevel[nMaxPPTLevels];
explicit PPTCharSheet( sal_uInt32 nInstance );
PPTCharSheet( const PPTCharSheet& rCharSheet );
@@ -776,7 +778,7 @@ struct PPTParaSheet
{
public:
- PPTParaLevel maParaLevel[ 5 ];
+ PPTParaLevel maParaLevel[nMaxPPTLevels];
explicit PPTParaSheet( sal_uInt32 nInstance );
PPTParaSheet( const PPTParaSheet& rParaSheet );
@@ -959,8 +961,8 @@ struct PPTRuler
sal_Int32 nFlags;
sal_uInt16 nDefaultTab;
- sal_uInt16 nTextOfs[ 5 ];
- sal_uInt16 nBulletOfs[ 5 ];
+ sal_uInt16 nTextOfs[nMaxPPTLevels];
+ sal_uInt16 nBulletOfs[nMaxPPTLevels];
PPTTabEntry* pTab;
sal_uInt16 nTabCount;
commit 24d92c8657503f9ca949c4012ad0b8909e9e3e88
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 23:45:25 2018 +0200
rtf: m_aStates can be empty in the inner condition
Change-Id: Id262a3019a693f236630b798579f360c9462d12e
diff --git a/writerfilter/source/rtftok/rtfdocumentimpl.cxx b/writerfilter/source/rtftok/rtfdocumentimpl.cxx
index f9ec8fbbd80e..c1733c57d515 100644
--- a/writerfilter/source/rtftok/rtfdocumentimpl.cxx
+++ b/writerfilter/source/rtftok/rtfdocumentimpl.cxx
@@ -439,8 +439,13 @@ void RTFDocumentImpl::setNeedSect(bool bNeedSect)
writerfilter::Reference<Properties>::Pointer_t RTFDocumentImpl::getProperties(RTFSprms& rAttributes, RTFSprms& rSprms)
{
- int nStyle = m_aStates.top().nCurrentStyleIndex;
- RTFReferenceTable::Entries_t::iterator it = m_aStyleTableEntries.find(nStyle);
+ RTFReferenceTable::Entries_t::iterator it = m_aStyleTableEntries.end();
+ if (!m_aStates.empty())
+ {
+ int nStyle = m_aStates.top().nCurrentStyleIndex;
+ it = m_aStyleTableEntries.find(nStyle);
+ }
+
if (it != m_aStyleTableEntries.end())
{
RTFReferenceProperties& rProps = *(RTFReferenceProperties*)it->second.get();
commit 4a666eae740a888e9fecf5dd6ec370fb044bc377
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 23:39:50 2018 +0200
ofz#372 check if ImplSplit succeeded
(cherry picked from commit 62a97e6a561ce65e88d4c537a1b82c336f012722)
(cherry picked from commit 6431e2bff67e81b4aff4e3b52e67903e1cd566f3)
Reviewed-on: https://gerrit.libreoffice.org/32640
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Markus Mohrhard <markus.mohrhard at googlemail.com>
Change-Id: I1e34295fe3ee5f77e787f583616d52fa92a0eca4
diff --git a/tools/inc/poly.h b/tools/inc/poly.h
index 93f1096dfc95..8e59aa11aa6d 100644
--- a/tools/inc/poly.h
+++ b/tools/inc/poly.h
@@ -42,7 +42,7 @@ public:
void ImplSetSize( sal_uInt16 nSize, bool bResize = true );
void ImplCreateFlagArray();
- void ImplSplit( sal_uInt16 nPos, sal_uInt16 nSpace, ImplPolygon* pInitPoly = NULL );
+ bool ImplSplit( sal_uInt16 nPos, sal_uInt16 nSpace, ImplPolygon* pInitPoly = NULL );
};
#define MAX_POLYGONS ((sal_uInt16)0x3FF0)
diff --git a/tools/source/generic/poly.cxx b/tools/source/generic/poly.cxx
index 1caec3787062..9a1474125fb9 100644
--- a/tools/source/generic/poly.cxx
+++ b/tools/source/generic/poly.cxx
@@ -207,13 +207,16 @@ void ImplPolygon::ImplSetSize( sal_uInt16 nNewSize, bool bResize )
mnPoints = nNewSize;
}
-void ImplPolygon::ImplSplit( sal_uInt16 nPos, sal_uInt16 nSpace, ImplPolygon* pInitPoly )
+bool ImplPolygon::ImplSplit( sal_uInt16 nPos, sal_uInt16 nSpace, ImplPolygon* pInitPoly )
{
const sal_uIntPtr nSpaceSize = nSpace * sizeof( Point );
//Can't fit this in :-(, throw ?
if (mnPoints + nSpace > USHRT_MAX)
- return;
+ {
+ SAL_WARN("tools", "Polygon needs " << mnPoints + nSpace << " points, but only " << USHRT_MAX << " possible");
+ return false;
+ }
const sal_uInt16 nNewSize = mnPoints + nSpace;
@@ -268,6 +271,8 @@ void ImplPolygon::ImplSplit( sal_uInt16 nPos, sal_uInt16 nSpace, ImplPolygon* pI
mpPointAry = pNewAry;
mnPoints = nNewSize;
}
+
+ return true;
}
void ImplPolygon::ImplCreateFlagArray()
@@ -1467,8 +1472,8 @@ void Polygon::Insert( sal_uInt16 nPos, const Point& rPt, PolyFlags eFlags )
if( nPos >= mpImplPolygon->mnPoints )
nPos = mpImplPolygon->mnPoints;
- mpImplPolygon->ImplSplit( nPos, 1 );
- mpImplPolygon->mpPointAry[ nPos ] = rPt;
+ if (mpImplPolygon->ImplSplit( nPos, 1 ))
+ mpImplPolygon->mpPointAry[ nPos ] = rPt;
if( POLY_NORMAL != eFlags )
{
commit f53358310a4e69e38f6c2c805cdc3887afbb3749
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 23:23:41 2018 +0200
disable generation of ole previews in ODF format until after load
so the user update links dialog can control their generation
SdrEmbedObjectLink becomes exposed to calc so it can
detect if the link dialog needs to be used to update
ole links.
Reviewed-on: https://gerrit.libreoffice.org/28879
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit 74844277cc2194c9e43f5bd7a6f78a9603da32f3)
detangle gadzillion checks into something readable
no logic change intended
(cherry picked from commit fad9786b06d188ba6e354620f57176f3d94a6637)
Unmodified default SdrOle2Obj size is 101x101
svx/source/unodraw/unoshape.cxx
sets a css::awt::Size maSize to 100, 100
svx/source/unodraw/unopage.cxx
increases that by 1, 1
awt::Size aSize = xShape->getSize();
aSize.Width += 1;
aSize.Height += 1;
to call SdrObjFactory::MakeNewObject with 101, 101
so default size is 101x101 (getWidth() vs GetWidth() confusion ?)
Reviewed-on: https://gerrit.libreoffice.org/28895
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit 7f0a219c9ad38ae33b51ff69d545f69659691c1e)
Reviewed-on: https://gerrit.libreoffice.org/28926
Reviewed-by: Michael Stahl <mstahl at redhat.com>
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Eike Rathke <erack at redhat.com>
Tested-by: Eike Rathke <erack at redhat.com>
Change-Id: Id1dd7ea17342140eab9307d546528747e3a98090
b6af93afc1f80b7fc36239c96d5e0a71fcbcb789
4d4375dff64d7b8e236d1a24322e749e04ee530f
diff --git a/embeddedobj/source/commonembedding/visobj.cxx b/embeddedobj/source/commonembedding/visobj.cxx
index c913a857b164..3137dbd84eb8 100644
--- a/embeddedobj/source/commonembedding/visobj.cxx
+++ b/embeddedobj/source/commonembedding/visobj.cxx
@@ -174,7 +174,11 @@ embed::VisualRepresentation SAL_CALL OCommonEmbeddedObject::getPreferredVisualRe
sal_Bool bBackToLoaded = sal_False;
if ( m_nObjectState == embed::EmbedStates::LOADED )
{
- changeState( embed::EmbedStates::RUNNING );
+ awt::Size aOrigSize = getVisualAreaSize(nAspect);
+ changeState(embed::EmbedStates::RUNNING);
+ awt::Size aNewSize = getVisualAreaSize(nAspect);
+ if (aOrigSize.Width != aNewSize.Width || aOrigSize.Height != aNewSize.Height)
+ setVisualAreaSize(nAspect, aOrigSize);
// the links should be switched back to loaded state for now to avoid locking problems
bBackToLoaded = m_bIsLink;
diff --git a/include/svx/svdoole2.hxx b/include/svx/svdoole2.hxx
index c2cad4ba3ed8..af577cd72c4a 100644
--- a/include/svx/svdoole2.hxx
+++ b/include/svx/svdoole2.hxx
@@ -30,6 +30,8 @@
#include <vcl/gdimtf.hxx>
#include <sot/storage.hxx>
#include <svx/svxdllapi.h>
+#include <sfx2/lnkbase.hxx>
+#include <sfx2/linkmgr.hxx>
//************************************************************
// SdrOle2Obj
@@ -193,6 +195,21 @@ public:
virtual SdrObject* DoConvertToPolyObj(sal_Bool bBezier, bool bAddText) const;
};
+class SVX_DLLPUBLIC SdrEmbedObjectLink : public sfx2::SvBaseLink
+{
+ SdrOle2Obj* pObj;
+
+public:
+ explicit SdrEmbedObjectLink(SdrOle2Obj* pObj);
+ virtual ~SdrEmbedObjectLink();
+
+ virtual void Closed() override;
+ virtual ::sfx2::SvBaseLink::UpdateResult DataChanged(
+ const OUString& rMimeType, const css::uno::Any & rValue ) override;
+
+ bool Connect() { return GetRealObject() != nullptr; }
+};
+
#endif // INCLUDED_SVX_SVDOOLE2_HXX
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sc/source/ui/docshell/docsh.cxx b/sc/source/ui/docshell/docsh.cxx
index 6c03ec14319f..28d61a97954c 100644
--- a/sc/source/ui/docshell/docsh.cxx
+++ b/sc/source/ui/docshell/docsh.cxx
@@ -576,6 +576,9 @@ sal_Bool ScDocShell::Load( SfxMedium& rMedium )
sal_Bool bRet = SfxObjectShell::Load( rMedium );
if( bRet )
{
+ comphelper::EmbeddedObjectContainer& rEmbeddedObjectContainer = getEmbeddedObjectContainer();
+ rEmbeddedObjectContainer.setUserAllowsLinkUpdate(false);
+
if (GetMedium())
{
SFX_ITEMSET_ARG( rMedium.GetItemSet(), pUpdateDocItem, SfxUInt16Item, SID_UPDATEDOCMODE, false);
diff --git a/sc/source/ui/docshell/docsh4.cxx b/sc/source/ui/docshell/docsh4.cxx
index 806549a4ea78..cf6a40533487 100644
--- a/sc/source/ui/docshell/docsh4.cxx
+++ b/sc/source/ui/docshell/docsh4.cxx
@@ -29,6 +29,7 @@ using namespace ::com::sun::star;
#include "scitems.hxx"
#include <sfx2/fcontnr.hxx>
+#include <sfx2/linkmgr.hxx>
#include <sfx2/objface.hxx>
#include <sfx2/docfile.hxx>
#include <svtools/ehdl.hxx>
@@ -42,6 +43,7 @@ using namespace ::com::sun::star;
#include <svx/drawitem.hxx>
#include <svx/fmshell.hxx>
#include <svtools/xwindowitem.hxx>
+#include <svx/svdoole2.hxx>
#include <sfx2/passwd.hxx>
#include <sfx2/filedlghelper.hxx>
#include <sfx2/dispatch.hxx>
@@ -415,6 +417,8 @@ void ScDocShell::Execute( SfxRequest& rReq )
case SID_UPDATETABLINKS:
{
ScDocument* pDoc = GetDocument();
+ comphelper::EmbeddedObjectContainer& rEmbeddedObjectContainer = getEmbeddedObjectContainer();
+ rEmbeddedObjectContainer.setUserAllowsLinkUpdate(true);
ScLkUpdMode nSet=pDoc->GetLinkMode();
@@ -463,7 +467,10 @@ void ScDocShell::Execute( SfxRequest& rReq )
rReq.Done();
}
else
+ {
+ rEmbeddedObjectContainer.setUserAllowsLinkUpdate(false);
rReq.Ignore();
+ }
}
break;
diff --git a/sd/source/core/drawdoc.cxx b/sd/source/core/drawdoc.cxx
index 5716b43cb276..a89721393425 100644
--- a/sd/source/core/drawdoc.cxx
+++ b/sd/source/core/drawdoc.cxx
@@ -685,6 +685,12 @@ void SdDrawDocument::UpdateAllLinks()
{
pDocLockedInsertingLinks = this; // lock inserting links. only links in this document should by resolved
+ if (mpDocSh)
+ {
+ comphelper::EmbeddedObjectContainer& rEmbeddedObjectContainer = mpDocSh->getEmbeddedObjectContainer();
+ rEmbeddedObjectContainer.setUserAllowsLinkUpdate(true);
+ }
+
pLinkManager->UpdateAllLinks(); // query box: update all links?
if( pDocLockedInsertingLinks == this )
diff --git a/sd/source/ui/docshell/docshel4.cxx b/sd/source/ui/docshell/docshel4.cxx
index 90128697ad0f..401025f47d81 100644
--- a/sd/source/ui/docshell/docshel4.cxx
+++ b/sd/source/ui/docshell/docshel4.cxx
@@ -288,8 +288,11 @@ sal_Bool DrawDocShell::Load( SfxMedium& rMedium )
}
bRet = SfxObjectShell::Load( rMedium );
- if( bRet )
+ if(bRet)
{
+ comphelper::EmbeddedObjectContainer& rEmbeddedObjectContainer = getEmbeddedObjectContainer();
+ rEmbeddedObjectContainer.setUserAllowsLinkUpdate(false);
+
bRet = SdXMLFilter( rMedium, *this, sal_True, SDXMLMODE_Normal, SotStorage::GetVersion( rMedium.GetStorage() ) ).Import( nError );
}
diff --git a/svx/source/svdraw/svdoole2.cxx b/svx/source/svdraw/svdoole2.cxx
index f1f27a833371..00304f5ccd45 100644
--- a/svx/source/svdraw/svdoole2.cxx
+++ b/svx/source/svdraw/svdoole2.cxx
@@ -57,7 +57,6 @@
#include <comphelper/classids.hxx>
#include <sot/formats.hxx>
-#include <sfx2/linkmgr.hxx>
#include <svtools/transfer.hxx>
#include <cppuhelper/implbase5.hxx>
@@ -592,25 +591,6 @@ void SdrLightEmbeddedClient_Impl::setWindow(const uno::Reference< awt::XWindow >
m_xWindow = _xWindow;
}
-////////////////////////////////////////////////////////////////////////////////////////////////////
-
-class SdrEmbedObjectLink : public sfx2::SvBaseLink
-{
- SdrOle2Obj* pObj;
-
-public:
- SdrEmbedObjectLink(SdrOle2Obj* pObj);
- virtual ~SdrEmbedObjectLink();
-
- virtual void Closed();
- virtual ::sfx2::SvBaseLink::UpdateResult DataChanged(
- const OUString& rMimeType, const ::com::sun::star::uno::Any & rValue );
-
- bool Connect() { return GetRealObject() != NULL; }
-};
-
-// -----------------------------------------------------------------------------
-
SdrEmbedObjectLink::SdrEmbedObjectLink(SdrOle2Obj* pObject):
::sfx2::SvBaseLink( ::sfx2::LINKUPDATE_ONCALL, SOT_FORMATSTR_ID_SVXB ),
pObj(pObject)
diff --git a/svx/source/unodraw/unoshap4.cxx b/svx/source/unodraw/unoshap4.cxx
index e932821b60d0..4411118a2907 100644
--- a/svx/source/unodraw/unoshap4.cxx
+++ b/svx/source/unodraw/unoshap4.cxx
@@ -415,7 +415,7 @@ sal_Bool SvxOle2Shape::createObject( const SvGlobalName &aClassName )
if( xObj.is() )
{
Rectangle aRect = pOle2Obj->GetLogicRect();
- if ( aRect.GetWidth() == 100 && aRect.GetHeight() == 100 )
+ if ( aRect.GetWidth() == 101 && aRect.GetHeight() == 101 )
{
// TODO/LATER: is it possible that this method is used to create an iconified object?
// default size
@@ -479,7 +479,7 @@ sal_Bool SvxOle2Shape::createLink( const OUString& aLinkURL )
if( xObj.is() )
{
Rectangle aRect = pOle2Obj->GetLogicRect();
- if ( aRect.GetWidth() == 100 && aRect.GetHeight() == 100 )
+ if ( aRect.GetWidth() == 101 && aRect.GetHeight() == 101 )
{
// default size
try
diff --git a/sw/inc/IDocumentLinksAdministration.hxx b/sw/inc/IDocumentLinksAdministration.hxx
index a0b3ee6851d0..94c6c1fe6a67 100644
--- a/sw/inc/IDocumentLinksAdministration.hxx
+++ b/sw/inc/IDocumentLinksAdministration.hxx
@@ -43,7 +43,7 @@ namespace sfx2 { class SvLinkSource; class LinkManager; }
/** #i42634# Moved common code of SwReader::Read() and
SwDocShell::UpdateLinks() to new SwDoc::UpdateLinks():
*/
- virtual void UpdateLinks(bool bUI) = 0;
+ virtual void UpdateLinks() = 0;
/** SS fuers Linken von Dokumentteilen / ?? for linking of parts of documents.
*/
diff --git a/sw/inc/doc.hxx b/sw/inc/doc.hxx
index b872119c6634..38e0e1096839 100644
--- a/sw/inc/doc.hxx
+++ b/sw/inc/doc.hxx
@@ -796,7 +796,7 @@ public:
virtual void SetVisibleLinks(bool bFlag);
virtual sfx2::LinkManager& GetLinkManager();
virtual const sfx2::LinkManager& GetLinkManager() const;
- virtual void UpdateLinks(bool bUI);
+ virtual void UpdateLinks();
virtual bool GetData(const OUString& rItem, const OUString& rMimeType, ::com::sun::star::uno::Any& rValue) const;
virtual bool SetData(const OUString& rItem, const OUString& rMimeType, const ::com::sun::star::uno::Any& rValue);
virtual ::sfx2::SvLinkSource* CreateLinkSource(const OUString& rItem);
diff --git a/sw/source/core/doc/docnew.cxx b/sw/source/core/doc/docnew.cxx
index e2f6d775ed2a..b513aaf6d4cf 100644
--- a/sw/source/core/doc/docnew.cxx
+++ b/sw/source/core/doc/docnew.cxx
@@ -958,55 +958,59 @@ IGrammarContact* getGrammarContact( const SwTxtNode& rTxtNode )
// #i42634# Moved common code of SwReader::Read() and SwDocShell::UpdateLinks()
// to new SwDoc::UpdateLinks():
-void SwDoc::UpdateLinks( bool bUI )
+void SwDoc::UpdateLinks( )
{
- SfxObjectCreateMode eMode;
- sal_uInt16 nLinkMode = getLinkUpdateMode( true );
- if ( GetDocShell()) {
- sal_uInt16 nUpdateDocMode = GetDocShell()->GetUpdateDocMode();
- if( (nLinkMode != NEVER || document::UpdateDocMode::FULL_UPDATE == nUpdateDocMode) &&
- !GetLinkManager().GetLinks().empty() &&
- SFX_CREATE_MODE_INTERNAL !=
- ( eMode = GetDocShell()->GetCreateMode()) &&
- SFX_CREATE_MODE_ORGANIZER != eMode &&
- SFX_CREATE_MODE_PREVIEW != eMode &&
- !GetDocShell()->IsPreview() )
- {
- SwViewShell* pVSh = 0;
- bool bAskUpdate = nLinkMode == MANUAL;
- bool bUpdate = true;
- switch(nUpdateDocMode)
- {
- case document::UpdateDocMode::NO_UPDATE: bUpdate = false;break;
- case document::UpdateDocMode::QUIET_UPDATE:bAskUpdate = false; break;
- case document::UpdateDocMode::FULL_UPDATE: bAskUpdate = true; break;
- }
- if (nLinkMode == AUTOMATIC && !bAskUpdate)
- {
- SfxMedium * medium = GetDocShell()->GetMedium();
- if (!SvtSecurityOptions().isTrustedLocationUriForUpdatingLinks(
- medium == nullptr ? OUString() : medium->GetName()))
- {
- bAskUpdate = true;
- }
- }
- if( bUpdate && (bUI || !bAskUpdate) )
- {
- SfxMedium* pMedium = GetDocShell()->GetMedium();
- SfxFrame* pFrm = pMedium ? pMedium->GetLoadTargetFrame() : 0;
- Window* pDlgParent = pFrm ? &pFrm->GetWindow() : 0;
- if( GetCurrentViewShell() && !GetEditShell( &pVSh ) && !pVSh )
- {
- SwViewShell aVSh( *this, 0, 0 );
-
- SET_CURR_SHELL( &aVSh );
- GetLinkManager().UpdateAllLinks( bAskUpdate , true, false, pDlgParent );
- }
- else
- GetLinkManager().UpdateAllLinks( bAskUpdate, true, false, pDlgParent );
- }
- }
- }
+ if (!GetDocShell())
+ return;
+ SfxObjectCreateMode eMode = GetDocShell()->GetCreateMode();
+ if (eMode == SfxObjectCreateMode::SFX_CREATE_MODE_INTERNAL)
+ return;
+ if (eMode == SfxObjectCreateMode::SFX_CREATE_MODE_ORGANIZER)
+ return;
+ if (eMode == SfxObjectCreateMode::SFX_CREATE_MODE_PREVIEW)
+ return;
+ if (GetDocShell()->IsPreview())
+ return;
+ if (GetLinkManager().GetLinks().empty())
+ return;
+ sal_uInt16 nLinkMode = getLinkUpdateMode(true);
+ sal_uInt16 nUpdateDocMode = GetDocShell()->GetUpdateDocMode();
+ if (nLinkMode == NEVER && nUpdateDocMode != document::UpdateDocMode::FULL_UPDATE)
+ return;
+
+ bool bAskUpdate = nLinkMode == MANUAL;
+ bool bUpdate = true;
+ switch(nUpdateDocMode)
+ {
+ case document::UpdateDocMode::NO_UPDATE: bUpdate = false;break;
+ case document::UpdateDocMode::QUIET_UPDATE:bAskUpdate = false; break;
+ case document::UpdateDocMode::FULL_UPDATE: bAskUpdate = true; break;
+ }
+ if (nLinkMode == AUTOMATIC && !bAskUpdate)
+ {
+ SfxMedium * medium = GetDocShell()->GetMedium();
+ if (!SvtSecurityOptions().isTrustedLocationUriForUpdatingLinks(
+ medium == nullptr ? OUString() : medium->GetName()))
+ {
+ bAskUpdate = true;
+ }
+ }
+ comphelper::EmbeddedObjectContainer& rEmbeddedObjectContainer = GetDocShell()->getEmbeddedObjectContainer();
+ if (bUpdate)
+ {
+ rEmbeddedObjectContainer.setUserAllowsLinkUpdate(true);
+
+ SfxMedium* pMedium = GetDocShell()->GetMedium();
+ SfxFrame* pFrame = pMedium ? pMedium->GetLoadTargetFrame() : nullptr;
+
+ Window* pDlgParent = pFrame ? &pFrame->GetWindow() : nullptr;
+
+ GetLinkManager().UpdateAllLinks( bAskUpdate, true, false, pDlgParent );
+ }
+ else
+ {
+ rEmbeddedObjectContainer.setUserAllowsLinkUpdate(false);
+ }
}
::sfx2::IXmlIdRegistry&
diff --git a/sw/source/filter/basflt/shellio.cxx b/sw/source/filter/basflt/shellio.cxx
index 622b4b753d24..d6f223ec2d14 100644
--- a/sw/source/filter/basflt/shellio.cxx
+++ b/sw/source/filter/basflt/shellio.cxx
@@ -368,7 +368,8 @@ sal_uLong SwReader::Read( const Reader& rOptions )
// #i42634# Moved common code of SwReader::Read() and
// SwDocShell::UpdateLinks() to new SwDoc::UpdateLinks():
// ATM still with Update
- pDoc->UpdateLinks( true );
+ //pDoc->getIDocumentLinksAdministration().UpdateLinks();
+ pDoc->UpdateLinks();
// not insert: set the redline mode read from settings.xml
eOld = static_cast<RedlineMode_t>(
diff --git a/sw/source/ui/app/docsh.cxx b/sw/source/ui/app/docsh.cxx
index 72564f3a285c..bbba369391fa 100644
--- a/sw/source/ui/app/docsh.cxx
+++ b/sw/source/ui/app/docsh.cxx
@@ -1173,7 +1173,7 @@ void SwDocShell::CalcLayoutForOLEObjects()
// read by the binary filter:
void SwDocShell::UpdateLinks()
{
- GetDoc()->UpdateLinks(true);
+ GetDoc()->UpdateLinks();
// #i50703# Update footnote numbers
SwTxtFtn::SetUniqueSeqRefNo( *GetDoc() );
SwNodeIndex aTmp( GetDoc()->GetNodes() );
commit 700e1f25241deee2dd4db04628a9b50a34b1bf44
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 17:04:50 2018 +0200
[PATCH] guard against corrupt m_nNumTabs
Includes:
- guard against corrupt LwpTocSuperLayout
- guard against corrupt SilverBullet
- guard against corrupt ObjIndexData
Change-Id: I41b8514a127d463ac951e5855f09416fa0456b1b
diff --git a/lotuswordpro/source/filter/lwpidxmgr.cxx b/lotuswordpro/source/filter/lwpidxmgr.cxx
index ccd2c388a612..4a23c2980458 100644
--- a/lotuswordpro/source/filter/lwpidxmgr.cxx
+++ b/lotuswordpro/source/filter/lwpidxmgr.cxx
@@ -155,7 +155,10 @@ void LwpIndexManager::ReadRootData(LwpObjectStream* pObjStrm)
sal_uInt16 KeyCount = pObjStrm->QuickReaduInt16();
m_nLeafCount = KeyCount ? KeyCount + 1 : 0;
- if(KeyCount)
+ if (m_nLeafCount > SAL_N_ELEMENTS(m_ChildIndex))
+ throw std::range_error("corrupt RootData");
+
+ if (KeyCount)
{
//read object keys
LwpKey* akey = new LwpKey();
@@ -215,7 +218,7 @@ void LwpIndexManager::ReadObjIndexData(LwpObjectStream* pObjStrm)
vObjIndexs[k]->offset = pObjStrm->QuickReaduInt32();
for (k = 0; k < LeafCount; k++)
- m_TempVec[k] = pObjStrm->QuickReaduInt32();
+ m_TempVec.at(k) = pObjStrm->QuickReaduInt32();
}
for( sal_uInt16 j=0; j<LeafCount; j++ )
diff --git a/lotuswordpro/source/filter/lwpobjstrm.cxx b/lotuswordpro/source/filter/lwpobjstrm.cxx
index b9dc3926eaad..0de01a5c647b 100644
--- a/lotuswordpro/source/filter/lwpobjstrm.cxx
+++ b/lotuswordpro/source/filter/lwpobjstrm.cxx
@@ -170,7 +170,7 @@ sal_uInt16 LwpObjectStream::QuickRead(void* buf, sal_uInt16 len)
memset(buf, 0, len);
if( len > m_nBufSize - m_nReadPos )
{
- assert(false);
+ SAL_WARN("lwp", "read request longer than buffer");
len = m_nBufSize - m_nReadPos;
}
if( m_pContentBuf && len)
diff --git a/lotuswordpro/source/filter/lwpsilverbullet.cxx b/lotuswordpro/source/filter/lwpsilverbullet.cxx
index d03216a7b0b0..24dd079f791a 100644
--- a/lotuswordpro/source/filter/lwpsilverbullet.cxx
+++ b/lotuswordpro/source/filter/lwpsilverbullet.cxx
@@ -93,7 +93,10 @@ void LwpSilverBullet::Read()
sal_uInt16 nNumPos = m_pObjStrm->QuickReaduInt16();
- for (sal_uInt8 nC = 0; nC < nNumPos; nC++)
+ if (nNumPos > SAL_N_ELEMENTS(m_pResetPositionFlags))
+ throw std::range_error("corrupt SilverBullet");
+
+ for (sal_uInt16 nC = 0; nC < nNumPos; nC++)
m_pResetPositionFlags[nC] = m_pObjStrm->QuickReaduInt8();
m_nUseCount = m_pObjStrm->QuickReaduInt32();
diff --git a/lotuswordpro/source/filter/lwptabrack.cxx b/lotuswordpro/source/filter/lwptabrack.cxx
index 32f229949e56..87a91d233047 100644
--- a/lotuswordpro/source/filter/lwptabrack.cxx
+++ b/lotuswordpro/source/filter/lwptabrack.cxx
@@ -87,11 +87,12 @@ LwpTabRack::LwpTabRack(LwpObjectHeader objHdr, LwpSvStream* pStrm):LwpObject(obj
void LwpTabRack::Read()
{
-// LwpObjectID m_NextID;
m_NextID.ReadIndexed(m_pObjStrm);
m_nNumTabs = m_pObjStrm->QuickReaduInt16();
- for( int i=0; i<m_nNumTabs; i++ )
+ if (m_nNumTabs > MaxTabs)
+ throw std::range_error("corrupt LwpTabRack");
+ for (int i=0; i<m_nNumTabs; ++i)
{
m_aTabs[i].Read(m_pObjStrm);
m_pObjStrm->SkipExtra();
diff --git a/lotuswordpro/source/filter/lwptoc.cxx b/lotuswordpro/source/filter/lwptoc.cxx
index 8e802a6463e2..74f0e10f6caf 100644
--- a/lotuswordpro/source/filter/lwptoc.cxx
+++ b/lotuswordpro/source/filter/lwptoc.cxx
@@ -101,17 +101,22 @@ void LwpTocSuperLayout::Read()
m_SearchItems.Read(m_pObjStrm);
- sal_uInt16 i;
sal_uInt16 count = m_pObjStrm->QuickReaduInt16();
- for (i = 0; (i < MAX_LEVELS) && (count > 0); i++, count--)
+ if (count > MAX_LEVELS)
+ throw std::range_error("corrupt LwpTocSuperLayout");
+ for (sal_uInt16 i = 0; i < count; ++i)
m_DestName[i].Read(m_pObjStrm);
count = m_pObjStrm->QuickReaduInt16();
- for (i = 0; (i < MAX_LEVELS) && (count > 0); i++, count--)
+ if (count > MAX_LEVELS)
+ throw std::range_error("corrupt LwpTocSuperLayout");
+ for (sal_uInt16 i = 0; i < count; ++i)
m_DestPGName[i].Read(m_pObjStrm);
count = m_pObjStrm->QuickReaduInt16();
- for (i = 0; i < count; i++)
+ if (count > MAX_LEVELS)
+ throw std::range_error("corrupt LwpTocSuperLayout");
+ for (sal_uInt16 i = 0; i < count; ++i)
m_nFlags[i] = m_pObjStrm->QuickReaduInt32();
m_pObjStrm->SkipExtra();
commit 35b742fc4fd381e860b1a739d1feb34117e93da4
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 16:53:45 2018 +0200
ww8: make sure we don't wrap around
(cherry picked from commit 755b9320c81948358a1d4104c8875594b5700d39)
Reviewed-on: https://gerrit.libreoffice.org/16982
Reviewed-by: David Tardon <dtardon at redhat.com>
Reviewed-by: Michael Meeks <michael.meeks at collabora.com>
Tested-by: Michael Meeks <michael.meeks at collabora.com>
Reviewed-by: Björn Michaelsen <bjoern.michaelsen at canonical.com>
Change-Id: I667bb264f92024b72f230c2ddbba3887471345f2
diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx
index 240c653fe471..9566f8b29219 100644
--- a/sw/source/filter/ww8/ww8scan.cxx
+++ b/sw/source/filter/ww8/ww8scan.cxx
@@ -1519,7 +1519,11 @@ WW8PLCFpcd* WW8ScannerBase::OpenPieceTable( SvStream* pStr, const WW8Fib* pWwF )
if( 2 == clxt ) // PLCFfpcd ?
break; // PLCFfpcd gefunden
if( 1 == clxt ) // clxtGrpprl ?
+ {
+ if (nGrpprl == SHRT_MAX)
+ return NULL;
nGrpprl++;
+ }
sal_uInt16 nLen(0);
*pStr >> nLen;
nLeft -= 2 + nLen;
commit e31cef5e1534ea9a79e2468ea94cb4ffd31aef7f
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 16:44:08 2018 +0200
convert pStatus to vector and use at to check offsets
(cherry picked from commit ea70088895ed45dc60abf18319acc1b4fa3018dd)
Change-Id: I5186f6a65bb9d5ed8a0d1ab1d71f7e2c13865411
Reviewed-on: https://gerrit.libreoffice.org/17695
Reviewed-by: David Tardon <dtardon at redhat.com>
Tested-by: David Tardon <dtardon at redhat.com>
diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx
index 372e7b1db396..240c653fe471 100644
--- a/sw/source/filter/ww8/ww8scan.cxx
+++ b/sw/source/filter/ww8/ww8scan.cxx
@@ -3910,7 +3910,7 @@ void WW8ReadSTTBF(bool bVer8, SvStream& rStrm, sal_uInt32 nStart, sal_Int32 nLen
}
WW8PLCFx_Book::WW8PLCFx_Book(SvStream* pTblSt, const WW8Fib& rFib)
- : WW8PLCFx(rFib.GetFIBVersion(), false), pStatus(0), nIsEnd(0), nBookmarkId(1)
+ : WW8PLCFx(rFib.GetFIBVersion(), false), nIsEnd(0), nBookmarkId(1)
{
if( !rFib.fcPlcfbkf || !rFib.lcbPlcfbkf || !rFib.fcPlcfbkl ||
!rFib.lcbPlcfbkl || !rFib.fcSttbfbkmk || !rFib.lcbSttbfbkmk )
@@ -3935,14 +3935,12 @@ WW8PLCFx_Book::WW8PLCFx_Book(SvStream* pTblSt, const WW8Fib& rFib)
nIMax = pBook[0]->GetIMax();
if( pBook[1]->GetIMax() < nIMax )
nIMax = pBook[1]->GetIMax();
- pStatus = new eBookStatus[ nIMax ];
- memset( pStatus, 0, nIMax * sizeof( eBookStatus ) );
+ aStatus.resize(nIMax);
}
}
WW8PLCFx_Book::~WW8PLCFx_Book()
{
- delete[] pStatus;
delete pBook[1];
delete pBook[0];
}
@@ -4060,18 +4058,20 @@ long WW8PLCFx_Book::GetLen() const
return nNum;
}
-void WW8PLCFx_Book::SetStatus(sal_uInt16 nIndex, eBookStatus eStat )
+void WW8PLCFx_Book::SetStatus(sal_uInt16 nIndex, eBookStatus eStat)
{
- OSL_ENSURE(nIndex < nIMax, "set status of non existing bookmark!");
- pStatus[nIndex] = (eBookStatus)( pStatus[nIndex] | eStat );
+ SAL_WARN_IF(nIndex >= nIMax, "sw.ww8",
+ "bookmark index " << nIndex << " invalid");
+ eBookStatus eStatus = aStatus.at(nIndex);
+ aStatus[nIndex] = static_cast<eBookStatus>(eStatus | eStat);
}
eBookStatus WW8PLCFx_Book::GetStatus() const
{
- if( !pStatus )
+ if (aStatus.empty())
return BOOK_NORMAL;
long nEndIdx = GetHandle();
- return ( nEndIdx < nIMax ) ? pStatus[nEndIdx] : BOOK_NORMAL;
+ return ( nEndIdx < nIMax ) ? aStatus[nEndIdx] : BOOK_NORMAL;
}
long WW8PLCFx_Book::GetHandle() const
diff --git a/sw/source/filter/ww8/ww8scan.hxx b/sw/source/filter/ww8/ww8scan.hxx
index e20af3ee703a..54dd9a525f48 100644
--- a/sw/source/filter/ww8/ww8scan.hxx
+++ b/sw/source/filter/ww8/ww8scan.hxx
@@ -717,8 +717,8 @@ class WW8PLCFx_Book : public WW8PLCFx
{
private:
WW8PLCFspecial* pBook[2]; // Start and End Position
- ::std::vector<OUString> aBookNames; // Name
- eBookStatus* pStatus;
+ std::vector<OUString> aBookNames; // Name
+ std::vector<eBookStatus> aStatus;
long nIMax; // Number of Booknotes
sal_uInt16 nIsEnd;
sal_Int32 nBookmarkId; // counter incremented by GetUniqueBookmarkName.
commit d65ea2e662ffb7b6d171627f3c613b9018fab461
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 16:32:23 2018 +0200
check if reads were successful
Reviewed-on: https://gerrit.libreoffice.org/14631
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit f974db5d89eacf0c23e303c22c62972014e9db16)
Conflicts:
hwpfilter/source/hiodev.cxx
hwpfilter/source/hiodev.h
hwpfilter/source/hwpfile.cxx
Change-Id: I69ab0ca9c017c9a1c10d18fd850f32a92c641d12
Reviewed-on: https://gerrit.libreoffice.org/14654
Tested-by: Michael Stahl <mstahl at redhat.com>
Reviewed-by: Michael Stahl <mstahl at redhat.com>
diff --git a/hwpfilter/source/drawdef.h b/hwpfilter/source/drawdef.h
index c5861e74862a..769f265aa655 100644
--- a/hwpfilter/source/drawdef.h
+++ b/hwpfilter/source/drawdef.h
@@ -77,11 +77,11 @@ struct BAREHWPDOProperty
int line_pstyle;
int line_hstyle;
int line_tstyle;
- DWORD line_color;
+ unsigned int line_color;
hunit line_width;
- DWORD fill_color;
+ unsigned int fill_color;
uint pattern_type;
- DWORD pattern_color;
+ unsigned int pattern_color;
hunit hmargin;
hunit vmargin;
uint flag;
@@ -127,14 +127,14 @@ struct RotationProperty
*/
struct HWPDOProperty
{
- int line_pstyle; /* ¼± Áß°£ ¸ð¾ç */
- int line_hstyle; /* ³¡ È»ìÇ¥ ¸ð¾ç */
- int line_tstyle; /* ½ÃÀÛ ¸ð¾ç */
- DWORD line_color;
+ int line_pstyle;
+ int line_hstyle;
+ int line_tstyle;
+ unsigned int line_color;
hunit line_width;
- DWORD fill_color;
+ unsigned int fill_color;
uint pattern_type;
- DWORD pattern_color;
+ unsigned int pattern_color;
hunit hmargin;
hunit vmargin;
uint flag;
diff --git a/hwpfilter/source/drawing.h b/hwpfilter/source/drawing.h
index dfc31bf57237..9dab191e7610 100644
--- a/hwpfilter/source/drawing.h
+++ b/hwpfilter/source/drawing.h
@@ -126,7 +126,6 @@ inline bool HAS_PAT(HWPDrawingObject * hdo)
HAVE_GRADATION(hdo) || HAVE_BITMAP_PATTERN(hdo);
}
-
static void SetHdoParallRgn(HWPDrawingObject * hdo, int width, int height)
{
hdo->property.parall.pt[0].x = 0;
@@ -137,37 +136,37 @@ static void SetHdoParallRgn(HWPDrawingObject * hdo, int width, int height)
hdo->property.parall.pt[2].y = height;
}
-
static bool SkipPrivateBlock(int type)
{
int n;
if (type == OBJRET_FILE_NO_PRIVATE_BLOCK)
{
- n = hmem->read4b();
+ if (!hmem->read4b(n))
+ return false;
if (hmem->state() || hmem->skipBlock(n) != n)
return false;
}
- n = hmem->read4b();
+ if (!hmem->read4b(n))
+ return false;
if (hmem->state())
return false;
return hmem->skipBlock(n) == n;
}
-
static int SizeExpected;
static int SizeRead;
static int ReadSizeField(int size)
{
SizeExpected = size;
- SizeRead = hmem->read4b();
+ if (!hmem->read4b(SizeRead))
+ return -1;
if (hmem->state())
return -1;
return SizeRead;
}
-
static bool SkipUnusedField(void)
{
return (SizeExpected < SizeRead) ?
@@ -181,62 +180,93 @@ static bool SkipUnusedField(void)
#define HDOFILE_HAS_NEXT 0x01
#define HDOFILE_HAS_CHILD 0x02
-static bool LoadCommonHeader(HWPDrawingObject * hdo, WORD * link_info)
+static bool LoadCommonHeader(HWPDrawingObject * hdo, unsigned short * link_info)
{
uint size, common_size;
- if( !hmem )
- return FALSE;
- size = hmem->read4b();
+ if (!hmem)
+ return false;
+ if (!hmem->read4b(size))
+ return false;
if (hmem->state())
- {
- return FALSE;
- }
+ return false;
if (size < HDOFILE_COMMON_SIZE)
- {
- return FALSE;
- }
+ return false;
common_size = HDOFILE_COMMON_SIZE;
- hdo->type = hmem->read2b();
- *link_info = sal::static_int_cast<WORD>(hmem->read2b());
- hdo->offset.x = hmem->read4b();
- hdo->offset.y = hmem->read4b();
- hdo->extent.w = hmem->read4b();
- hdo->extent.h = hmem->read4b();
- hdo->offset2.x = hmem->read4b();
- hdo->offset2.y = hmem->read4b();
+ unsigned short tmp16;
+ if (!hmem->read2b(tmp16))
+ return false;
+ hdo->type = tmp16;
+ if (!hmem->read2b(tmp16))
+ return false;
+ *link_info = tmp16;
+ if (!hmem->read4b(hdo->offset.x))
+ return false;
+ if (!hmem->read4b(hdo->offset.y))
+ return false;
+ if (!hmem->read4b(hdo->extent.w))
+ return false;
+ if (!hmem->read4b(hdo->extent.h))
+ return false;
+ if (!hmem->read4b(hdo->offset2.x))
+ return false;
+ if (!hmem->read4b(hdo->offset2.y))
+ return false;
if (hmem->state())
- return FALSE;
+ return false;
- hdo->vrect.x = hmem->read4b();
- hdo->vrect.y = hmem->read4b();
- hdo->vrect.w = hmem->read4b();
- hdo->vrect.h = hmem->read4b();
+ if (!hmem->read4b(hdo->vrect.x))
+ return false;
+ if (!hmem->read4b(hdo->vrect.y))
+ return false;
+ if (!hmem->read4b(hdo->vrect.w))
+ return false;
+ if (!hmem->read4b(hdo->vrect.h))
+ return false;
// read bare property 44 bytes
- hdo->property.line_pstyle = hmem->read4b();
- hdo->property.line_hstyle = hmem->read4b();
- hdo->property.line_tstyle = hmem->read4b();
- hdo->property.line_color = hmem->read4b();
- hdo->property.line_width = (hunit) hmem->read4b();
- hdo->property.fill_color = hmem->read4b();
- hdo->property.pattern_type = hmem->read4b();
- hdo->property.pattern_color = hmem->read4b();
- hdo->property.hmargin = (hunit) hmem->read4b();
- hdo->property.vmargin = (hunit) hmem->read4b();
- hdo->property.flag = hmem->read4b();
-// read ratation property 32 bytes
+ if (!hmem->read4b(hdo->property.line_pstyle))
+ return false;
+ if (!hmem->read4b(hdo->property.line_hstyle))
+ return false;
+ if (!hmem->read4b(hdo->property.line_tstyle))
+ return false;
+ if (!hmem->read4b(hdo->property.line_color))
+ return false;
+ unsigned int tmp32;
+ if (!hmem->read4b(tmp32))
+ return false;
+ hdo->property.line_width = static_cast<hunit>(tmp32);
+ if (!hmem->read4b(hdo->property.fill_color))
+ return false;
+ if (!hmem->read4b(hdo->property.pattern_type))
+ return false;
+ if (!hmem->read4b(hdo->property.pattern_color))
+ return false;
+ if (!hmem->read4b(tmp32))
+ return false;
+ hdo->property.hmargin = static_cast<hunit>(tmp32);
+ if (!hmem->read4b(tmp32))
+ return false;
+ hdo->property.vmargin = static_cast<hunit>(tmp32);
+ if (!hmem->read4b(hdo->property.flag))
+ return false;
+// read rotation property 32 bytes
if ((size >= common_size + 32)
&& (hdo->property.flag & HWPDO_FLAG_ROTATION))
{
- hdo->property.rot_originx = hmem->read4b();
- hdo->property.rot_originy = hmem->read4b();
- for (int ii = 0; ii < 3; ii++)
+ if (!hmem->read4b(hdo->property.rot_originx))
+ return false;
+ if (!hmem->read4b(hdo->property.rot_originy))
+ return false;
+ for (int ii = 0; ii < 3; ++ii)
{
- hdo->property.parall.pt[ii].x = hmem->read4b();
- hdo->property.parall.pt[ii].y = hmem->read4b();
+ if (!hmem->read4b(hdo->property.parall.pt[ii].x))
+ return false;
+ if (!hmem->read4b(hdo->property.parall.pt[ii].y))
+ return false;
}
common_size += 32;
}
@@ -247,13 +277,20 @@ static bool LoadCommonHeader(HWPDrawingObject * hdo, WORD * link_info)
if ((size >= common_size + 28) &&
(hdo->property.flag & HWPDO_FLAG_GRADATION))
{
- hdo->property.fromcolor = hmem->read4b();
- hdo->property.tocolor = hmem->read4b();
- hdo->property.gstyle = hmem->read4b();
- hdo->property.angle = hmem->read4b();
- hdo->property.center_x = hmem->read4b();
- hdo->property.center_y = hmem->read4b();
- hdo->property.nstep = hmem->read4b();
+ if (!hmem->read4b(hdo->property.fromcolor))
+ return false;
+ if (!hmem->read4b(hdo->property.tocolor))
+ return false;
+ if (!hmem->read4b(hdo->property.gstyle))
+ return false;
+ if (!hmem->read4b(hdo->property.angle))
+ return false;
+ if (!hmem->read4b(hdo->property.center_x))
+ return false;
+ if (!hmem->read4b(hdo->property.center_y))
+ return false;
+ if (!hmem->read4b(hdo->property.nstep))
+ return false;
common_size += 28;
}
@@ -261,54 +298,67 @@ static bool LoadCommonHeader(HWPDrawingObject * hdo, WORD * link_info)
if ((size >= common_size + 278) && \
(hdo->property.flag & HWPDO_FLAG_BITMAP))
{
- hdo->property.offset1.x = hmem->read4b();
- hdo->property.offset1.y = hmem->read4b();
- hdo->property.offset2.x = hmem->read4b();
- hdo->property.offset2.y = hmem->read4b();
+ if (!hmem->read4b(hdo->property.offset1.x))
+ return false;
+ if (!hmem->read4b(hdo->property.offset1.y))
+ return false;
+ if (!hmem->read4b(hdo->property.offset2.x))
+ return false;
+ if (!hmem->read4b(hdo->property.offset2.y))
+ return false;
if (!hmem->readBlock(hdo->property.szPatternFile, 261))
- return FALSE;
- hdo->property.pictype = sal::static_int_cast<char>(hmem->read1b());
+ return false;
+ if (!hmem->read1b(hdo->property.pictype))
+ return false;
common_size += 278;
}
if( ( size >= common_size + 3 ) && ( hdo->property.flag & HWPDO_FLAG_WATERMARK ) )
//if( ( size >= common_size ) && ( hdo->property.flag >> 20 & 0x01 ) )
{
- if( size - common_size >= 5 )
- hmem->skipBlock( 2 );
- hdo->property.luminance = hmem->read1b();
- hdo->property.contrast = hmem->read1b();
- hdo->property.greyscale = hmem->read1b();
- common_size += 5;
- }
- else{
- hdo->property.luminance = 0;
- hdo->property.contrast = 0;
- hdo->property.greyscale = 0;
+ if (size - common_size >= 5)
+ hmem->skipBlock(2);
+ unsigned char tmp8;
+ if (!hmem->read1b(tmp8))
+ return false;
+ hdo->property.luminance = tmp8;
+ if (!hmem->read1b(tmp8))
+ return false;
+ hdo->property.contrast = tmp8;
+ if (!hmem->read1b(tmp8))
+ return false;
+ hdo->property.greyscale = tmp8;
+
+ common_size += 5;
+ }
+ else
+ {
+ hdo->property.luminance = 0;
+ hdo->property.contrast = 0;
+ hdo->property.greyscale = 0;
}
- hdo->property.pPara = 0L;
+ hdo->property.pPara = 0L;
- if( ( size > common_size ) && (hdo->property.flag & HWPDO_FLAG_AS_TEXTBOX) )
- {
- hmem->skipBlock(8);
- hdo->property.pPara = LoadParaList();
- if( hdo->property.pPara )
- return TRUE;
- else
- return FALSE;
+ if( ( size > common_size ) && (hdo->property.flag & HWPDO_FLAG_AS_TEXTBOX) )
+ {
+ hmem->skipBlock(8);
+ hdo->property.pPara = LoadParaList();
+ if( hdo->property.pPara )
+ return true;
+ else
+ return false;
}
- if( size <= common_size )
- return TRUE;
+ if (size <= common_size)
+ return true;
return hmem->skipBlock(size - common_size ) != 0;
}
-
static HWPDrawingObject *LoadDrawingObject(void)
{
HWPDrawingObject *hdo, *head, *prev;
int res;
- WORD link_info;
+ unsigned short link_info;
head = prev = NULL;
do
@@ -367,6 +417,11 @@ static HWPDrawingObject *LoadDrawingObject(void)
if (hdo != NULL)
{
+ if (hdo->type < 0 || hdo->type >= HWPDO_NITEMS)
+ {
+ hdo->type = HWPDO_RECT;
+ }
+
HWPDOFunc(hdo, OBJFUNC_FREE, NULL, 0);
delete hdo;
}
@@ -382,17 +437,25 @@ static HWPDrawingObject *LoadDrawingObject(void)
static bool LoadDrawingObjectBlock(Picture * pic)
{
- int size = hmem->read4b();
+ int size;
+ if (!hmem->read4b(size))
+ return false;
if (hmem->state() || size < HDOFILE_HEADER_SIZE)
return false;
- pic->picinfo.picdraw.zorder = hmem->read4b();
- pic->picinfo.picdraw.mbrcnt = hmem->read4b();
- pic->picinfo.picdraw.vrect.x = hmem->read4b();
- pic->picinfo.picdraw.vrect.y = hmem->read4b();
- pic->picinfo.picdraw.vrect.w = hmem->read4b();
- pic->picinfo.picdraw.vrect.h = hmem->read4b();
+ if (!hmem->read4b(pic->picinfo.picdraw.zorder))
+ return false;
+ if (!hmem->read4b(pic->picinfo.picdraw.mbrcnt))
+ return false;
+ if (!hmem->read4b(pic->picinfo.picdraw.vrect.x))
+ return false;
+ if (!hmem->read4b(pic->picinfo.picdraw.vrect.y))
+ return false;
+ if (!hmem->read4b(pic->picinfo.picdraw.vrect.w))
+ return false;
+ if (!hmem->read4b(pic->picinfo.picdraw.vrect.h))
+ return false;
if (size > HDOFILE_HEADER_SIZE &&
!hmem->skipBlock(size - HDOFILE_HEADER_SIZE))
@@ -404,9 +467,7 @@ static bool LoadDrawingObjectBlock(Picture * pic)
return true;
}
-
// object manipulation function
-
static int
HWPDODefaultFunc(int , HWPDrawingObject * , int cmd, void *, int)
{
@@ -415,7 +476,6 @@ HWPDODefaultFunc(int , HWPDrawingObject * , int cmd, void *, int)
return true;
}
-
static int
HWPDOLineFunc(int type, HWPDrawingObject * hdo, int cmd, void *argp, int argv)
{
@@ -425,7 +485,8 @@ HWPDOLineFunc(int type, HWPDrawingObject * hdo, int cmd, void *argp, int argv)
case OBJFUNC_LOAD:
if (ReadSizeField(4) < 4)
return OBJRET_FILE_ERROR;
- hdo->u.line_arc.flip = hmem->read4b();
+ if (!hmem->read4b(hdo->u.line_arc.flip))
+ return OBJRET_FILE_ERROR;
if (hmem->state())
return OBJRET_FILE_ERROR;
if (!SkipUnusedField())
@@ -468,11 +529,14 @@ int cmd, void *argp, int argv)
case OBJFUNC_LOAD:
if (ReadSizeField(16) < 16)
return OBJRET_FILE_ERROR;
- hdo->u.arc.radial[0].x = hmem->read4b();
- hdo->u.arc.radial[0].y = hmem->read4b();
- hdo->u.arc.radial[1].x = hmem->read4b();
- hdo->u.arc.radial[1].y = hmem->read4b();
-
+ if (!hmem->read4b(hdo->u.arc.radial[0].x))
+ return OBJRET_FILE_ERROR;
+ if (!hmem->read4b(hdo->u.arc.radial[0].y))
+ return OBJRET_FILE_ERROR;
+ if (!hmem->read4b(hdo->u.arc.radial[1].x))
+ return OBJRET_FILE_ERROR;
+ if (!hmem->read4b(hdo->u.arc.radial[1].y))
+ return OBJRET_FILE_ERROR;
if (ReadSizeField(0) < 0)
return OBJRET_FILE_ERROR;
break;
@@ -493,7 +557,8 @@ HWPDOArcFunc(int type, HWPDrawingObject * hdo, int cmd, void *argp, int argv)
case OBJFUNC_LOAD:
if (ReadSizeField(4) < 4)
return OBJRET_FILE_ERROR;
- hdo->u.line_arc.flip = hmem->read4b();
+ if (!hmem->read4b(hdo->u.line_arc.flip))
+ return OBJRET_FILE_ERROR;
if (hmem->state())
return OBJRET_FILE_ERROR;
if (!SkipUnusedField())
@@ -534,7 +599,8 @@ int cmd, void *argp, int argv)
hdo->u.freeform.pt = 0;
if (ReadSizeField(4) < 4)
return OBJRET_FILE_ERROR;
- hdo->u.freeform.npt = hmem->read4b();
+ if (!hmem->read4b(hdo->u.freeform.npt))
+ return OBJRET_FILE_ERROR;
if (hmem->state())
return OBJRET_FILE_ERROR;
if (!SkipUnusedField())
@@ -553,11 +619,16 @@ int cmd, void *argp, int argv)
hdo->u.freeform.npt = 0;
return OBJRET_FILE_ERROR;
}
- for (int ii = 0; ii < hdo->u.freeform.npt; ii++)
+ for (int ii = 0; ii < hdo->u.freeform.npt; ++ii)
{
- hdo->u.freeform.pt[ii].x = hmem->read4b();
- hdo->u.freeform.pt[ii].y = hmem->read4b();
+ bool bFailure = false;
+ if (!hmem->read4b(hdo->u.freeform.pt[ii].x))
+ bFailure = true;
+ if (!hmem->read4b(hdo->u.freeform.pt[ii].y))
+ bFailure = true;
if (hmem->state())
+ bFailure = true;
+ if (bFailure)
{
delete[]hdo->u.freeform.pt;
hdo->u.freeform.npt = 0;
diff --git a/hwpfilter/source/hbox.h b/hwpfilter/source/hbox.h
index 88d789825269..fe6ec9ad07b3 100644
--- a/hwpfilter/source/hbox.h
+++ b/hwpfilter/source/hbox.h
@@ -71,7 +71,7 @@ struct HBox
*/
struct SkipData: public HBox
{
- ulong data_block_len;
+ uint data_block_len;
hchar dummy;
char *data_block;
@@ -618,7 +618,7 @@ struct Picture: public FBox
* follow_block_size is the size information of the Drawing object of hwp.
* It's value is greater than 0 if the pictype is PICTYPE_DRAW.
*/
- ulong follow_block_size; /* Ãß°¡Á¤º¸ ±æÀÌ. */
+ uint follow_block_size;
short dummy1; // to not change structure size */
short dummy2; // to not change structure size */
uchar reserved1;
diff --git a/hwpfilter/source/hinfo.cxx b/hwpfilter/source/hinfo.cxx
index 7f261f053456..6ff59543d493 100644
--- a/hwpfilter/source/hinfo.cxx
+++ b/hwpfilter/source/hinfo.cxx
@@ -63,21 +63,39 @@ bool HWPInfo::Read(HWPFile & hwpf)
hwpf.Read2b(&cur_row, 1); /* ¹®´Ü Ä */
hwpf.Read1b(&paper.paper_kind, 1); /* ¿ëÁö Á¾·ù */
- hwpf.Read1b(&paper.paper_direction, 1); /* ¿ëÁö ¹æÇâ */
-
-// paper geometry information
- paper.paper_height = (short) hwpf.Read2b(); /* ¿ëÁö ±æÀÌ */
- paper.paper_width = (short) hwpf.Read2b(); /* ¿ëÁö ³Êºñ */
- paper.top_margin = (short) hwpf.Read2b(); /* À§ÂÊ ¿©¹é */
- paper.bottom_margin = (short) hwpf.Read2b(); /* ¾Æ·¡ÂÊ ¿©¹é */
- paper.left_margin = (short) hwpf.Read2b(); /* ¿ÞÂÊ ¿©¹é */
- paper.right_margin = (short) hwpf.Read2b(); /* ¿À¸¥ÂÊ ¿©¹é */
- paper.header_length = (short) hwpf.Read2b(); /* ¸Ó¸®¸» ±æÀÌ */
- paper.footer_length = (short) hwpf.Read2b(); /* ²¿¸®¸» ±æÀÌ */
- paper.gutter_length = (short) hwpf.Read2b(); /* Á¦º»¿©¹é */
- hwpf.Read2b(&readonly, 1); /* ¿¹¾à */
- hwpf.Read1b(reserved1, 4); /* ¿¹¾à */
- hwpf.Read1b(&chain_info.chain_page_no, 1); /* ÂÊ ¹øÈ£ ¿¬°á 1-¿¬°á, 0-»õ·Î½ÃÀÛ (¿¬°áÀμ⿡¼ »ç¿ë) */
+ hwpf.Read1b(&paper.paper_direction, 1);
+
+ unsigned short tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.paper_height = tmp16; /* 용지 길이 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.paper_width = tmp16; /* 용지 너비 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.top_margin = tmp16; /* 위쪽 여백 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.bottom_margin = tmp16; /* 아래쪽 여백 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.left_margin = tmp16; /* 왼쪽 여백 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.right_margin = tmp16; /* 오른쪽 여백 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.header_length = tmp16; /* 머리말 길이 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.footer_length = tmp16; /* 꼬리말 길이 */
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ paper.gutter_length = tmp16; /* 제본여백 */
+ hwpf.Read2b(&readonly, 1);
+ hwpf.Read1b(reserved1, 4);
+ hwpf.Read1b(&chain_info.chain_page_no, 1);
hwpf.Read1b(&chain_info.chain_footnote_no, 1);/* °¢ÁÖ¹øÈ£ ¿¬°á 1-¿¬°á 0-»õ·Î½ÃÀÛ */
/* ¿¬°áÀμâÇÒ ÆÄÀÏÀÇ À̸§ */
hwpf.Read1b(chain_info.chain_filename, CHAIN_MAX_PATH);
@@ -88,16 +106,27 @@ bool HWPInfo::Read(HWPFile & hwpf)
hwpf.Read2b(&beginpagenum,1); /* ÆäÀÌÁö½ÃÀÛ¹øÈ£ */
// footnote
- hwpf.Read2b(&beginfnnum,1); /* °¢ÁÖ ½ÃÀÛ¹øÈ£ */
- hwpf.Read2b(&countfn,1); /* °¢ÁÖ °¹¼ö */
- splinetext = (short) hwpf.Read2b();
- splinefn = (short) hwpf.Read2b();
- spfnfn = (short) hwpf.Read2b();
+ hwpf.Read2b(&beginfnnum,1);
+ hwpf.Read2b(&countfn,1);
+
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ splinetext = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ splinefn = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ spfnfn = tmp16;
hwpf.Read1b(&fnchar, 1);
hwpf.Read1b(&fnlinetype, 1);
// border layout
for (int ii = 0; ii < 4; ++ii)
- bordermargin[ii] = (short) hwpf.Read2b();
+ {
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ bordermargin[ii] = tmp16;
+ }
hwpf.Read2b(&borderline, 1);
hwpf.Read1b(&empty_line_hide, 1);
@@ -152,12 +181,23 @@ bool HWPSummary::Read(HWPFile & hwpf)
bool ParaShape::Read(HWPFile & hwpf)
{
- pagebreak = 0;
- left_margin = (short) hwpf.Read2b();
- right_margin = (short) hwpf.Read2b();
- indent = (short) hwpf.Read2b();
- lspacing = (short) hwpf.Read2b();
- pspacing_next = (short) hwpf.Read2b();
+ pagebreak = 0;
+ unsigned short tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ left_margin = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ right_margin = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ indent = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ lspacing = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ pspacing_next = tmp16;
hwpf.Read1b(&condense, 1);
hwpf.Read1b(&arrange_type, 1);
@@ -165,17 +205,27 @@ bool ParaShape::Read(HWPFile & hwpf)
{
hwpf.Read1b(&tabs[ii].type, 1);
hwpf.Read1b(&tabs[ii].dot_continue, 1);
- tabs[ii].position = (short) hwpf.Read2b();
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ tabs[ii].position = tmp16;
}
hwpf.Read1b(&coldef.ncols, 1);
hwpf.Read1b(&coldef.separator, 1);
- coldef.spacing = (short) hwpf.Read2b();
- coldef.columnlen = (short) hwpf.Read2b();
- coldef.columnlen0 = (short) hwpf.Read2b();
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ coldef.spacing = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ coldef.columnlen = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ coldef.columnlen0 = tmp16;
hwpf.Read1b(&shade, 1);
hwpf.Read1b(&outline, 1);
hwpf.Read1b(&outline_continue, 1);
- pspacing_prev = (short) hwpf.Read2b();
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ pspacing_prev = tmp16;
hwpf.Read1b(reserved, 2);
return (!hwpf.State());
@@ -184,7 +234,10 @@ bool ParaShape::Read(HWPFile & hwpf)
bool CharShape::Read(HWPFile & hwpf)
{
- size = (short) hwpf.Read2b();
+ unsigned short tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ size = tmp16;
hwpf.Read1b(font, NLanguage);
hwpf.Read1b(ratio, NLanguage);
hwpf.Read1b(space, NLanguage);
diff --git a/hwpfilter/source/hiodev.cxx b/hwpfilter/source/hiodev.cxx
index 5de1b5c7e890..af51a9b6b269 100644
--- a/hwpfilter/source/hiodev.cxx
+++ b/hwpfilter/source/hiodev.cxx
@@ -64,14 +64,14 @@ int HIODev::read1b(void *ptr, int nmemb)
return -1;
for (ii = 0; ii < nmemb; ii++)
{
- p[ii] = sal::static_int_cast<uchar>(read1b());
+ if (!read1b(p[ii]))
+ break;
if (state())
break;
}
return ii;
}
-
int HIODev::read2b(void *ptr, int nmemb)
{
ushort *p = (ushort *) ptr;
@@ -81,24 +81,25 @@ int HIODev::read2b(void *ptr, int nmemb)
return -1;
for (ii = 0; ii < nmemb; ii++)
{
- p[ii] = sal::static_int_cast<uchar>(read2b());
+ if (!read2b(p[ii]))
+ break;
if (state())
break;
}
return ii;
}
-
int HIODev::read4b(void *ptr, int nmemb)
{
- ulong *p = (ulong *) ptr;
+ uint *p = (uint *) ptr;
int ii;
if (state())
return -1;
for (ii = 0; ii < nmemb; ii++)
{
- p[ii] = read4b();
+ if (!read4b(p[ii]))
+ break;
if (state())
break;
}
@@ -179,39 +180,57 @@ bool HStreamIODev::setCompressed(bool flag)
#define GZREAD(ptr,len) (_gzfp?gz_read(_gzfp,ptr,len):0)
-int HStreamIODev::read1b()
+bool HStreamIODev::read1b(unsigned char &out)
{
int res = (compressed) ? GZREAD(rBuf, 1) : _stream.readBytes(rBuf, 1);
- if (res <= 0)
- return -1;
- else
- return (unsigned char) rBuf[0];
+ if (res < 1)
+ return false;
+
+ out = (unsigned char)rBuf[0];
+ return true;
}
+bool HStreamIODev::read1b(char &out)
+{
+ unsigned char tmp8;
+ if (!read1b(tmp8))
+ return false;
+ out = tmp8;
+ return true;
+}
-int HStreamIODev::read2b()
+bool HStreamIODev::read2b(unsigned short &out)
{
int res = (compressed) ? GZREAD(rBuf, 2) : _stream.readBytes(rBuf, 2);
- if (res <= 0)
- return -1;
- else
- return ((unsigned char) rBuf[1] << 8 | (unsigned char) rBuf[0]);
-}
+ if (res < 2)
+ return false;
+ out = ((unsigned char) rBuf[1] << 8 | (unsigned char) rBuf[0]);
+ return true;
+}
-long HStreamIODev::read4b()
+bool HStreamIODev::read4b(unsigned int &out)
{
int res = (compressed) ? GZREAD(rBuf, 4) : _stream.readBytes(rBuf, 4);
- if (res <= 0)
- return -1;
- else
- return ((unsigned char) rBuf[3] << 24 | (unsigned char) rBuf[2] << 16 |
- (unsigned char) rBuf[1] << 8 | (unsigned char) rBuf[0]);
+ if (res < 4)
+ return false;
+
+ out = ((unsigned char) rBuf[3] << 24 | (unsigned char) rBuf[2] << 16 |
+ (unsigned char) rBuf[1] << 8 | (unsigned char) rBuf[0]);
+ return true;
}
+bool HStreamIODev::read4b(int &out)
+{
+ unsigned int tmp32;
+ if (!read4b(tmp32))
+ return false;
+ out = tmp32;
+ return true;
+}
int HStreamIODev::readBlock(void *ptr, int size)
{
@@ -223,7 +242,6 @@ int HStreamIODev::readBlock(void *ptr, int size)
return count;
}
-
int HStreamIODev::skipBlock(int size)
{
if (compressed){
@@ -298,36 +316,56 @@ bool HMemIODev::setCompressed(bool )
return false;
}
-
-int HMemIODev::read1b()
+bool HMemIODev::read1b(unsigned char &out)
{
if (pos <= length)
- return ptr[pos++];
- else
- return 0;
+ {
+ out = ptr[pos++];
+ return true;
+ }
+ return false;
}
+bool HMemIODev::read1b(char &out)
+{
+ unsigned char tmp8;
+ if (!read1b(tmp8))
+ return false;
+ out = tmp8;
+ return true;
+}
-int HMemIODev::read2b()
+bool HMemIODev::read2b(unsigned short &out)
{
pos += 2;
if (pos <= length)
- return ptr[pos - 1] << 8 | ptr[pos - 2];
- else
- return 0;
+ {
+ out = ptr[pos - 1] << 8 | ptr[pos - 2];
+ return true;
+ }
+ return false;
}
-
-long HMemIODev::read4b()
+bool HMemIODev::read4b(unsigned int &out)
{
pos += 4;
if (pos <= length)
- return DWORD(ptr[pos - 1] << 24 | ptr[pos - 2] << 16 |
- ptr[pos - 3] << 8 | ptr[pos - 4]);
- else
- return 0;
+ {
+ out = static_cast<unsigned int>(ptr[pos - 1] << 24 | ptr[pos - 2] << 16 |
+ ptr[pos - 3] << 8 | ptr[pos - 4]);
+ return true;
+ }
+ return false;
}
+bool HMemIODev::read4b(int &out)
+{
+ unsigned int tmp32;
+ if (!read4b(tmp32))
+ return false;
+ out = tmp32;
+ return true;
+}
int HMemIODev::readBlock(void *p, int size)
{
@@ -338,7 +376,6 @@ int HMemIODev::readBlock(void *p, int size)
return size;
}
-
int HMemIODev::skipBlock(int size)
{
if (length < pos + size)
diff --git a/hwpfilter/source/hiodev.h b/hwpfilter/source/hiodev.h
index ac0ded73bde7..2e170b7b92a2 100644
--- a/hwpfilter/source/hiodev.h
+++ b/hwpfilter/source/hiodev.h
@@ -46,9 +46,11 @@ class DLLEXPORT HIODev
/* gzip routine wrapper */
virtual bool setCompressed( bool ) = 0;
- virtual int read1b() = 0;
- virtual int read2b() = 0;
- virtual long read4b() = 0;
+ virtual bool read1b(unsigned char &out) = 0;
+ virtual bool read1b(char &out) = 0;
+ virtual bool read2b(unsigned short &out) = 0;
+ virtual bool read4b(unsigned int &out) = 0;
+ virtual bool read4b(int &out) = 0;
virtual int readBlock( void *ptr, int size ) = 0;
virtual int skipBlock( int size ) = 0;
@@ -98,17 +100,19 @@ class HStreamIODev : public HIODev
* Read one byte from stream
*/
using HIODev::read1b;
- virtual int read1b();
+ virtual bool read1b(unsigned char &out);
+ virtual bool read1b(char &out);
/**
* Read 2 bytes from stream
*/
using HIODev::read2b;
- virtual int read2b();
+ virtual bool read2b(unsigned short &out);
/**
* Read 4 bytes from stream
*/
using HIODev::read4b;
- virtual long read4b();
+ virtual bool read4b(unsigned int &out);
+ virtual bool read4b(int &out);
/**
* Read some bytes from stream to given pointer as amount of size
*/
@@ -144,11 +148,13 @@ class HMemIODev : public HIODev
/* gzip routine wrapper */
virtual bool setCompressed( bool );
using HIODev::read1b;
- virtual int read1b();
+ virtual bool read1b(unsigned char &out);
+ virtual bool read1b(char &out);
using HIODev::read2b;
- virtual int read2b();
+ virtual bool read2b(unsigned short &out);
using HIODev::read4b;
- virtual long read4b();
+ virtual bool read4b(unsigned int &out);
+ virtual bool read4b(int &out);
virtual int readBlock( void *ptr, int size );
virtual int skipBlock( int size );
protected:
diff --git a/hwpfilter/source/hpara.cxx b/hwpfilter/source/hpara.cxx
index f1b374e1c8d2..8ee70f1d2282 100644
--- a/hwpfilter/source/hpara.cxx
+++ b/hwpfilter/source/hpara.cxx
@@ -31,14 +31,28 @@
bool LineInfo::Read(HWPFile & hwpf, HWPPara *pPara)
{
- pos = sal::static_int_cast<unsigned short>(hwpf.Read2b());
- space_width = (short) hwpf.Read2b();
- height = (short) hwpf.Read2b();
+ if (!hwpf.Read2b(pos))
+ return false;
+ unsigned short tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ space_width = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ height = tmp16;
// internal information
- pgy = (short) hwpf.Read2b();
- sx = (short) hwpf.Read2b();
- psx = (short) hwpf.Read2b();
- pex = (short) hwpf.Read2b();
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ pgy = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ sx = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ psx = tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ pex = tmp16;
height_sp = 0;
if( pex >> 15 & 0x01 )
@@ -204,7 +218,10 @@ ParaShape *HWPPara::GetParaShape(void)
HBox *HWPPara::readHBox(HWPFile & hwpf)
{
- hchar hh = sal::static_int_cast<hchar>(hwpf.Read2b());
+ hchar hh;
+ if (!hwpf.Read2b(hh))
+ return 0;
+
HBox *hbox = 0;
if (hwpf.State() != HWP_NoError)
diff --git a/hwpfilter/source/htags.h b/hwpfilter/source/htags.h
index 591b2e1b9f3a..85f8323636c9 100644
--- a/hwpfilter/source/htags.h
+++ b/hwpfilter/source/htags.h
@@ -54,7 +54,7 @@ struct HyperText
struct OlePicture
{
int size;
- ulong signature;
+ uint signature;
#ifdef WIN32
IStorage *pis;
#else
diff --git a/hwpfilter/source/hwpfile.cxx b/hwpfilter/source/hwpfile.cxx
index 6f4cd6cfc44c..0aafaeaae25a 100644
--- a/hwpfilter/source/hwpfile.cxx
+++ b/hwpfilter/source/hwpfile.cxx
@@ -132,44 +132,55 @@ int HWPFile::Open(HStream & stream)
return HWP_NoError;
}
-
int HWPFile::State(void) const
{
return error_code;
}
-
int HWPFile::SetState(int errcode)
{
error_code = errcode;
return error_code;
}
-
-int HWPFile::Read1b(void)
+bool HWPFile::Read1b(unsigned char &out)
{
- return hiodev ? hiodev->read1b() : -1;
+ return hiodev ? hiodev->read1b(out) : false;
}
-
-int HWPFile::Read2b(void)
+bool HWPFile::Read1b(char &out)
{
- return hiodev ? hiodev->read2b() : -1;
+ unsigned char tmp8;
+ if (!Read1b(tmp8))
+ return false;
+ out = tmp8;
+ return true;
}
+bool HWPFile::Read2b(unsigned short &out)
+{
+ return hiodev ? hiodev->read2b(out) : false;
+}
-long HWPFile::Read4b(void)
+bool HWPFile::Read4b(unsigned int &out)
{
- return hiodev ? hiodev->read4b() : -1;
+ return hiodev ? hiodev->read4b(out) : false;
}
+bool HWPFile::Read4b(int &out)
+{
+ unsigned int tmp32;
+ if (!Read4b(tmp32))
+ return false;
+ out = tmp32;
+ return true;
+}
int HWPFile::Read1b(void *ptr, size_t nmemb)
{
return hiodev ? hiodev->read1b(ptr, nmemb) : 0;
}
-
int HWPFile::Read2b(void *ptr, size_t nmemb)
{
return hiodev ? hiodev->read2b(ptr, nmemb) : 0;
@@ -271,23 +282,23 @@ bool HWPFile::ReadParaList(std::list < HWPPara* > &aplist, unsigned char flag)
return true;
}
-
-bool HWPFile::TagsRead(void)
+void HWPFile::TagsRead(void)
{
- ulong tag;
- long size;
-
while (1)
{
- tag = Read4b();
- size = Read4b();
+ uint tag;
+ if (!Read4b(tag))
+ return;
+ uint size;
+ if (!Read4b(size))
+ return;
if (size <= 0 && tag > 0){
continue;
}
if (tag == FILETAG_END_OF_COMPRESSED ||
tag == FILETAG_END_OF_UNCOMPRESSED)
- return true;
+ return;
switch (tag)
{
case FILETAG_EMBEDDED_PICTURE:
@@ -311,29 +322,39 @@ bool HWPFile::TagsRead(void)
if( (size % 617) != 0 )
SkipBlock( size );
else
- for( int i = 0 ; i < size/617 ; i++)
{
- HyperText *hypert = new HyperText;
- hypert->Read(*this);
- hyperlist.push_back(hypert);
+ for( uint i = 0 ; i < size/617 ; i++)
+ {
+ HyperText *hypert = new HyperText;
+ hypert->Read(*this);
+ hyperlist.push_back(hypert);
+ }
}
break;
}
case 6:
{
ReadBlock(_hwpInfo.back_info.reserved1, 8);
- _hwpInfo.back_info.luminance = Read4b();
- _hwpInfo.back_info.contrast = Read4b();
- _hwpInfo.back_info.effect = sal::static_int_cast<char>(Read1b());
+ if (!Read4b(_hwpInfo.back_info.luminance))
+ return;
+ if (!Read4b(_hwpInfo.back_info.contrast))
+ return;
+ if (!Read1b(_hwpInfo.back_info.effect))
+ return;
ReadBlock(_hwpInfo.back_info.reserved2, 7);
ReadBlock(_hwpInfo.back_info.filename, 260);
ReadBlock(_hwpInfo.back_info.color, 3);
- unsigned short nFlag = sal::static_int_cast<unsigned short>(Read2b());
+ unsigned short nFlag;
+ if (!Read2b(nFlag))
+ return;
_hwpInfo.back_info.flag = nFlag >> 8 ;
- int nRange = Read4b();
+ int nRange;
+ if (!Read4b(nRange))
+ return;
_hwpInfo.back_info.range = nRange >> 24;
ReadBlock(_hwpInfo.back_info.reserved3, 27);
- _hwpInfo.back_info.size = Read4b();
+ if (!Read4b(_hwpInfo.back_info.size))
+ return;
_hwpInfo.back_info.data = new char[(unsigned int)_hwpInfo.back_info.size];
ReadBlock(_hwpInfo.back_info.data, _hwpInfo.back_info.size);
@@ -664,7 +685,8 @@ int HWPFile::compareParaShape(ParaShape *shape)
shape->outline == pshape->outline &&
shape->pagebreak == pshape->pagebreak)
{
- if( shape->cshape->size == pshape->cshape->size &&
+ if( shape->cshape && pshape->cshape &&
+ shape->cshape->size == pshape->cshape->size &&
shape->cshape->font[0] == pshape->cshape->font[0] &&
shape->cshape->ratio[0] == pshape->cshape->ratio[0] &&
shape->cshape->space[0] == pshape->cshape->space[0] &&
diff --git a/hwpfilter/source/hwpfile.h b/hwpfilter/source/hwpfile.h
index d6f9738f32cb..64281ab58afc 100644
--- a/hwpfilter/source/hwpfile.h
+++ b/hwpfilter/source/hwpfile.h
@@ -124,15 +124,17 @@ class DLLEXPORT HWPFile
/**
* Reads one byte from HIODev
*/
- int Read1b( void );
+ bool Read1b(char &out);
+ bool Read1b(unsigned char &out);
/**
* Reads two byte from HIODev
*/
- int Read2b( void );
+ bool Read2b(unsigned short &out);
/**
* Reads four byte from HIODev
*/
- long Read4b( void );
+ bool Read4b(unsigned int &out);
+ bool Read4b(int &out);
/**
* Reads nmemb byte array from HIODev
*/
@@ -191,7 +193,7 @@ class DLLEXPORT HWPFile
/**
* Reads additional information like embeded image of hwp file from HIODev
*/
- bool TagsRead(void);
+ void TagsRead();
enum Paper
{
diff --git a/hwpfilter/source/hwplib.h b/hwpfilter/source/hwplib.h
index da8a253c65fc..c78b0522099f 100644
--- a/hwpfilter/source/hwplib.h
+++ b/hwpfilter/source/hwplib.h
@@ -35,22 +35,11 @@ typedef unsigned char kchar;
typedef unsigned char echar;
#endif // _HCHAR_
-#if !defined(WIN32)
-#if !defined(_BOOL_T_) && !defined(OS2)
-typedef unsigned short BOOL;
-#endif /* _BOOL_T_ */
-typedef unsigned short WORD;
-typedef int SIZE;
-typedef unsigned long DWORD;
-typedef long LONG;
-#endif /* WIN32 */
-
#ifndef _UTYPE_
#define _UTYPE_
typedef unsigned char uchar;
typedef unsigned short ushort;
typedef unsigned int uint;
-typedef unsigned long ulong;
#endif /* _UTYPE_ */
typedef ::std::basic_string<hchar> hchar_string;
diff --git a/hwpfilter/source/hwpread.cxx b/hwpfilter/source/hwpread.cxx
index becdb76773a6..ba5b0a426318 100644
--- a/hwpfilter/source/hwpread.cxx
+++ b/hwpfilter/source/hwpread.cxx
@@ -61,12 +61,12 @@ int SkipData::Read(HWPFile & hwpf)
// Field code(5)
int FieldCode::Read(HWPFile & hwpf)
{
- ulong size;
+ uint size;
hchar dummy;
- ulong len1; /* hcharŸÀÔÀÇ ¹®ÀÚ¿ Å×ÀÌÅÍ #1ÀÇ ±æÀÌ */
- ulong len2; /* hcharŸÀÔÀÇ ¹®ÀÚ¿ Å×ÀÌÅÍ #2ÀÇ ±æÀÌ */
- ulong len3; /* hcharŸÀÔÀÇ ¹®ÀÚ¿ Å×ÀÌÅÍ #3ÀÇ ±æÀÌ */
- ulong binlen; /* ÀÓÀÇ Çü½ÄÀÇ ¹ÙÀ̳ʸ® µ¥ÀÌŸ ±æÀÌ */
+ uint len1; /* hchar타입의 문자열 테이터 #1의 길이 */
+ uint len2; /* hchar타입의 문자열 테이터 #2의 길이 */
+ uint len3; /* hchar타입의 문자열 테이터 #3의 길이 */
+ uint binlen; /* 임의 형식의 바이너리 데이타 길이 */
hwpf.Read4b(&size, 1);
hwpf.Read2b(&dummy, 1);
@@ -79,9 +79,9 @@ int FieldCode::Read(HWPFile & hwpf)
hwpf.Read4b(&len3, 1);
hwpf.Read4b(&binlen, 1);
- ulong const len1_ = ((len1 > 1024) ? 1024 : len1) / sizeof(hchar);
- ulong const len2_ = ((len2 > 1024) ? 1024 : len2) / sizeof(hchar);
- ulong const len3_ = ((len3 > 1024) ? 1024 : len3) / sizeof(hchar);
+ uint const len1_ = ((len1 > 1024) ? 1024 : len1) / sizeof(hchar);
+ uint const len2_ = ((len2 > 1024) ? 1024 : len2) / sizeof(hchar);
+ uint const len3_ = ((len3 > 1024) ? 1024 : len3) / sizeof(hchar);
str1 = new hchar[len1_ ? len1_ : 1];
str2 = new hchar[len2_ ? len2_ : 1];
@@ -114,14 +114,14 @@ int FieldCode::Read(HWPFile & hwpf)
return true;
}
-
// book mark(6)
int Bookmark::Read(HWPFile & hwpf)
{
long len;
hwpf.Read4b(&len, 1);
- dummy = sal::static_int_cast<hchar>(hwpf.Read2b());
+ if (!hwpf.Read2b(dummy))
+ return false;
if (!(len == 34))// 2 * (BMK_COMMENT_LEN + 1) + 2
{
@@ -133,17 +133,15 @@ int Bookmark::Read(HWPFile & hwpf)
hwpf.Read2b(id, BMK_COMMENT_LEN + 1);
hwpf.Read2b(&type, 1);
-//return hwpf.Read2b(&type, 1);
return 1;
}
-
// date format(7)
-
int DateFormat::Read(HWPFile & hwpf)
{
hwpf.Read2b(format, DATE_SIZE);
- dummy = sal::static_int_cast<hchar>(hwpf.Read2b());
+ if (!hwpf.Read2b(dummy))
+ return false;
if (!(hh == dummy && CH_DATE_FORM == dummy)){
return hwpf.SetState(HWP_InvalidFileFormat);
}
@@ -157,7 +155,8 @@ int DateCode::Read(HWPFile & hwpf)
{
hwpf.Read2b(format, DATE_SIZE);
hwpf.Read2b(date, 6);
- dummy = sal::static_int_cast<hchar>(hwpf.Read2b());
+ if (!hwpf.Read2b(dummy))
+ return false;
if (!(hh == dummy && CH_DATE_CODE == dummy)){
return hwpf.SetState(HWP_InvalidFileFormat);
}
@@ -165,30 +164,30 @@ int DateCode::Read(HWPFile & hwpf)
return true;
}
-
// tab(9)
-
int Tab::Read(HWPFile & hwpf)
{
- width = hwpf.Read2b();
- leader = sal::static_int_cast<unsigned short>(hwpf.Read2b());
- dummy = sal::static_int_cast<hchar>(hwpf.Read2b());
+ unsigned short tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ width = tmp16;
+ if (!hwpf.Read2b(leader))
+ return false;
+ if (!hwpf.Read2b(dummy))
+ return false;
if (!(hh == dummy && CH_TAB == dummy)){
return hwpf.SetState(HWP_InvalidFileFormat);
}
return true;
}
-
// tbox(10) TABLE BOX MATH BUTTON HYPERTEXT
-
static void UpdateBBox(FBox * fbox)
{
fbox->boundsy = fbox->pgy;
fbox->boundey = fbox->pgy + fbox->ys - 1;
}
-
void Cell::Read(HWPFile & hwpf)
{
hwpf.Read2b(&p, 1);
@@ -411,15 +410,24 @@ int Picture::Read(HWPFile & hwpf)
hwpf.Read2b(&cap_pos, 1); /* ĸ¼ÇÀ§Ä¡ 0 - 7 ¸Þ´º¼ø¼. */
hwpf.Read2b(&num, 1); /* ¹Ú½º¹øÈ£ 0ºÎÅÍ ½ÃÀÛÇؼ ¸Å±äÀϷùøÈ£ */
- hwpf.Read1b(&pictype, 1); /* ±×¸²Á¾·ù */
-
- skip[0] = (short) hwpf.Read2b(); /* ±×¸²¿¡¼ ½ÇÁ¦ Ç¥½Ã¸¦ ½ÃÀÛÇÒ À§Ä¡ °¡·Î */
- skip[1] = (short) hwpf.Read2b(); /* ¼¼·Î */
- scale[0] = (short) hwpf.Read2b(); /* È®´ëºñÀ² : 0 °íÁ¤, ÀÌ¿Ü ÆÛ¼¾Æ® ´ÜÀ§ °¡·Î */
- scale[1] = (short) hwpf.Read2b(); /* ¼¼·Î */
-
- hwpf.Read1b(picinfo.picun.path, 256); /* ±×¸²ÆÄÀÏ À̸§ : Á¾·ù°¡ DrawingÀÌ ¾Æ´Ò¶§. */
- hwpf.Read1b(reserved3, 9); /* ¹à±â/¸í¾Ï/±×¸²È¿°ú µî */
+ hwpf.Read1b(&pictype, 1);
+
+ unsigned short tmp16;
+ if (!hwpf.Read2b(tmp16)) /* 그림에서 실제 표시를 시작할 위치 가로 */
+ return false;
+ skip[0] = tmp16;
+ if (!hwpf.Read2b(tmp16)) /* 세로 */
+ return false;
+ skip[1] = tmp16;
+ if (!hwpf.Read2b(tmp16)) /* 확대비율 : 0 고정, 이외 퍼센트 단위 가로 */
+ return false;
+ scale[0] = tmp16;
+ if (!hwpf.Read2b(tmp16)) /* 세로 */
+ return false;
+ scale[1] = tmp16;
+
+ hwpf.Read1b(picinfo.picun.path, 256);
+ hwpf.Read1b(reserved3, 9);
UpdateBBox(this);
if( pictype != PICTYPE_DRAW )
@@ -589,7 +597,10 @@ int Footnote::Read(HWPFile & hwpf)
hwpf.Read1b(info, 8);
hwpf.Read2b(&number, 1);
hwpf.Read2b(&type, 1);
- width = (short) hwpf.Read2b();
+ unsigned short tmp16;
+ if (!hwpf.Read2b(tmp16))
+ return false;
+ width = tmp16;
hwpf.ReadParaList(plist, CH_FOOTNOTE);
return !hwpf.State();
commit f0a5642def9d402f89f2a819f9f8cc6eb78da3fd
Author: Caolán McNamara <caolanm at redhat.com>
Date: Sun May 27 15:34:06 2018 +0200
Fix CID#982602 to CID#982608 using invalid iterator
Change-Id: Ie254ff9c653b88be45680e547759b1ae58b4c0c8
diff --git a/hwpfilter/source/hwpfile.cxx b/hwpfilter/source/hwpfile.cxx
index 0082693f7b16..6f4cd6cfc44c 100644
--- a/hwpfilter/source/hwpfile.cxx
+++ b/hwpfilter/source/hwpfile.cxx
@@ -399,7 +399,7 @@ HyperText *HWPFile::GetHyperText()
}
currenthyper++;
- return *it;
+ return it != hyperlist.end() ? *it : NULL;
}
EmPicture *HWPFile::GetEmPicture(Picture * pic)
@@ -455,7 +455,7 @@ ParaShape *HWPFile::getParaShape(int index)
break;
}
- return *it;
+ return it != pslist.end() ? *it : NULL;
}
@@ -468,7 +468,7 @@ CharShape *HWPFile::getCharShape(int index)
break;
}
- return *it;
+ return it != cslist.end() ? *it : 0;
}
@@ -481,7 +481,7 @@ FBoxStyle *HWPFile::getFBoxStyle(int index)
break;
}
- return *it;
+ return it != fbslist.end() ? *it : 0;
}
DateCode *HWPFile::getDateCode(int index)
@@ -505,7 +505,7 @@ HeaderFooter *HWPFile::getHeaderFooter(int index)
break;
}
- return *it;
+ return it != headerfooters.end() ? *it : NULL;
}
ShowPageNum *HWPFile::getPageNumber(int index)
@@ -517,7 +517,7 @@ ShowPageNum *HWPFile::getPageNumber(int index)
break;
}
- return *it;
+ return it != pagenumbers.end() ? *it : NULL;
}
@@ -530,7 +530,7 @@ Table *HWPFile::getTable(int index)
break;
}
- return *it;
+ return it != tables.end() ? *it : NULL;
}
void HWPFile::AddParaShape(ParaShape * pshape)
More information about the Libreoffice-commits
mailing list