[Libreoffice-commits] core.git: Branch 'distro/lhm/libreoffice-5-2+backports' - 2 commits - include/sfx2 sfx2/source
Caolán McNamara (via logerrit)
logerrit at kemper.freedesktop.org
Sat Jul 27 22:17:07 UTC 2019
include/sfx2/objsh.hxx | 2 ++
sfx2/source/doc/objmisc.cxx | 33 ++++++++++++++++++++++++++++-----
sfx2/source/notify/eventsupplier.cxx | 18 ++++++++++++------
3 files changed, 42 insertions(+), 11 deletions(-)
New commits:
commit 9323b4ff84ffcd33ced656d5277982add00a9b17
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Fri Jul 26 13:25:31 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Sun Jul 28 00:16:26 2019 +0200
decode url escape codes and check each path segment
Change-Id: Ie8f7cef912e8dacbc2a0bca73534a7a242a53ca1
Reviewed-on: https://gerrit.libreoffice.org/76378
Reviewed-by: Stephan Bergmann <sbergman at redhat.com>
Tested-by: Jenkins
(cherry picked from commit 7942929685fafb0f9c82feb8da7279e5103c87f0)
Reviewed-on: https://gerrit.libreoffice.org/76453
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 330c475efb8b..d500ce76211a 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -54,6 +54,8 @@
#include <com/sun/star/script/provider/XScriptProvider.hpp>
#include <com/sun/star/script/provider/XScriptProviderSupplier.hpp>
#include <com/sun/star/ucb/SimpleFileAccess.hpp>
+#include <com/sun/star/uri/UriReferenceFactory.hpp>
+#include <com/sun/star/uri/XVndSunStarScriptUrlReference.hpp>
#include <com/sun/star/util/XModifiable.hpp>
#include <toolkit/helper/vclunohelper.hxx>
@@ -1464,7 +1466,32 @@ namespace
// don't allow LibreLogo to be used with our mouseover/etc dom-alike events
bool SfxObjectShell::UnTrustedScript(const OUString& rScriptURL)
{
- return rScriptURL.startsWithIgnoreAsciiCase("vnd.sun.star.script:LibreLogo");
+ if (!rScriptURL.startsWith("vnd.sun.star.script:"))
+ return false;
+
+ // ensure URL Escape Codes are decoded
+ css::uno::Reference<css::uri::XUriReference> uri(
+ css::uri::UriReferenceFactory::create(comphelper::getProcessComponentContext())->parse(rScriptURL));
+ css::uno::Reference<css::uri::XVndSunStarScriptUrl> sfUri(uri, css::uno::UNO_QUERY);
+
+ if (!sfUri.is())
+ return false;
+
+ OUString sScript = sfUri->getName();
+
+ // check if any path portion matches LibreLogo and ban it if it does
+ sal_Int32 nIndex = 0;
+ do
+ {
+ OUString aToken = sScript.getToken(0, '/', nIndex);
+ if (aToken.startsWithIgnoreAsciiCase("LibreLogo"))
+ {
+ return true;
+ }
+ }
+ while (nIndex >= 0);
+
+ return false;
}
ErrCode SfxObjectShell::CallXScript( const Reference< XInterface >& _rxScriptContext, const OUString& _rScriptURL,
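Review bot: Both early exits in the rewritten `UnTrustedScript` fail open, most notably `if (!sfUri.is()) return false;`, which reports a URL as trusted when it carries the script scheme but cannot be parsed into an `XVndSunStarScriptUrl`. For a deny check it is safer to refuse what cannot be understood, i.e. `if (!sfUri.is()) return true;`. The scheme test also changed from `startsWithIgnoreAsciiCase` to a case-sensitive `startsWith("vnd.sun.star.script:")`. Whether a differently-cased scheme is normalised before it gets here depends on callers outside this hunk, so `rScriptURL.startsWithIgnoreAsciiCase("vnd.sun.star.script:")` would keep the tolerance the old one-liner had. The comment above the function still mentions only mouseover-style events, although the check now also guards global document events.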
commit 20465aeb082ea239239f598d42041c35b55598d6
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Tue Jul 23 15:31:05 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Sun Jul 28 00:16:09 2019 +0200
expand LibreLogo check to global events
Reviewed-on: https://gerrit.libreoffice.org/76189
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
(cherry picked from commit 4a66c7eda6ccde26a42c4e31725248c59940255d)
Change-Id: I7f436983ba0eb4b76b02d08ee52626e54b103d5f
(cherry picked from commit e5702eefdfe6d44a92fdfb3c6a3ff47fec83ee49)
Reviewed-on: https://gerrit.libreoffice.org/76452
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx
index 24b1d82862f9..83b5eb654618 100644
--- a/include/sfx2/objsh.hxx
+++ b/include/sfx2/objsh.hxx
@@ -409,6 +409,8 @@ public:
*/
bool AdjustMacroMode();
+ static bool UnTrustedScript(const OUString& rScriptURL);
+
SvKeyValueIterator* GetHeaderAttributes();
void ClearHeaderAttributesForSourceViewHack();
void SetHeaderAttributesForSourceViewHack();
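Review bot: The new public static `UnTrustedScript` is declared without a comment, and its polarity (true means "refuse") is easy to misread at call sites such as `bAllowed = !SfxObjectShell::UnTrustedScript(...)`. A one-line doc comment above the declaration would make the contract explicit, for example `/// Returns true if rScriptURL names a script that must not be run from document or DOM-like events (currently LibreLogo).` The neighbouring members in this hunk carry doc blocks, so this would also match the header's style.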
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 3016315cd17b..330c475efb8b 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1461,16 +1461,12 @@ namespace
}
}
-namespace {
-
// don't allow LibreLogo to be used with our mouseover/etc dom-alike events
-bool UnTrustedScript(const OUString& rScriptURL)
+bool SfxObjectShell::UnTrustedScript(const OUString& rScriptURL)
{
return rScriptURL.startsWithIgnoreAsciiCase("vnd.sun.star.script:LibreLogo");
}
-}
-
ErrCode SfxObjectShell::CallXScript( const Reference< XInterface >& _rxScriptContext, const OUString& _rScriptURL,
const Sequence< Any >& aParams, Any& aRet, Sequence< sal_Int16 >& aOutParamIndex, Sequence< Any >& aOutParam, bool bRaiseError, const css::uno::Any* pCaller )
{
diff --git a/sfx2/source/notify/eventsupplier.cxx b/sfx2/source/notify/eventsupplier.cxx
index a2796becd1f8..63d9cb909345 100644
--- a/sfx2/source/notify/eventsupplier.cxx
+++ b/sfx2/source/notify/eventsupplier.cxx
@@ -213,18 +213,24 @@ void SfxEvents_Impl::Execute( uno::Any& aEventData, const document::DocumentEven
else if (aType == "Service" ||
aType == "Script")
{
- if ( !aScript.isEmpty() )
+ bool bAllowed = false;
+ util::URL aURL;
+ if (!aScript.isEmpty())
{
- SfxViewFrame* pView = pDoc ?
- SfxViewFrame::GetFirst( pDoc ) :
- SfxViewFrame::Current();
-
uno::Reference < util::XURLTransformer > xTrans( util::URLTransformer::create( ::comphelper::getProcessComponentContext() ) );
- util::URL aURL;
aURL.Complete = aScript;
xTrans->parseStrict( aURL );
+ bAllowed = !SfxObjectShell::UnTrustedScript(aURL.Complete);
+ }
+
+ if (bAllowed)
+ {
+ SfxViewFrame* pView = pDoc ?
+ SfxViewFrame::GetFirst( pDoc ) :
+ SfxViewFrame::Current();
+
uno::Reference
< frame::XDispatchProvider > xProv;
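Review bot: A script rejected by `SfxObjectShell::UnTrustedScript` is dropped silently: `bAllowed` stays false and the dispatch block is skipped with no trace. Adding a log line right after the assignment, e.g. `if (!bAllowed) SAL_WARN("sfx.notify", "refusing untrusted script bound to document event");`, would show users and incident responders that a document tried to bind a blocked script to an event. The result of `xTrans->parseStrict( aURL )` is also ignored, so after a failed parse the check runs on whatever `aURL.Complete` then holds. That is presumably the original string, but it is worth confirming. The dispatch code continues past the end of this hunk.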