[Libreoffice-commits] core.git: sw/source

[Stephan Bergmann (via logerrit)]

 sw/source/filter/html/svxcss1.cxx |    9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

New commits:
commit 547c8a8a8935204bed319b959dd040d6413bdf74
Author:     Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Thu Jun 13 20:21:20 2019 +0200
Commit:     Stephan Bergmann <sbergman at redhat.com>
CommitDate: Thu Jun 13 22:17:46 2019 +0200

    Avoid -fsanitize=float-cast-overflow
    
    ...as happens when loading xhtml/kde143045-4.xhtml as obtained via
    bin/get-bugzilla-attachments-by-mimetype (i.e., the attachment at
    <https://bugs.kde.org/show_bug.cgi?id=143045#c4>):
    
    > sw/source/filter/html/svxcss1.cxx:1424:60: runtime error: -5000 is outside the range of representable values of type 'unsigned long'
    >  #0 in ParseCSS1_background(CSS1Expression const*, SfxItemSet&, SvxCSS1PropertyInfo&, SvxCSS1Parser const&) at sw/source/filter/html/svxcss1.cxx:1424:60
    >  #1 in SvxCSS1Parser::DeclarationParsed(rtl::OUString const&, std::unique_ptr<CSS1Expression, std::default_delete<CSS1Expression> >) at sw/source/filter/html/svxcss1.cxx:3156:9
    >  #2 in CSS1Parser::ParseRule() at sw/source/filter/html/parcss1.cxx:774:5
    >  #3 in CSS1Parser::ParseStyleSheet() at sw/source/filter/html/parcss1.cxx:719:13
    
    Conversion to integral type (which truncates) was always there at least since
    7b0b5cdfeed656b279bc32cd929630d5fc25878b "initial import".  It is unclear to me
    whether that's really relevant or wanted, but lets keep that behavior with an
    explicit std::trunc.
    
    Change-Id: Ib3b99a89e460850a992b403982e2797d24eee65b
    Reviewed-on: https://gerrit.libreoffice.org/73980
    Tested-by: Jenkins
    Reviewed-by: Stephan Bergmann <sbergman at redhat.com>

diff --git a/sw/source/filter/html/svxcss1.cxx b/sw/source/filter/html/svxcss1.cxx
index b956bb401a9e..c1ecd4315b16 100644
--- a/sw/source/filter/html/svxcss1.cxx
+++ b/sw/source/filter/html/svxcss1.cxx
@@ -17,6 +17,9 @@
  *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
  */
 
+#include <sal/config.h>
+
+#include <cmath>
 #include <memory>
 #include <stdlib.h>
 
@@ -1421,15 +1424,15 @@ static void ParseCSS1_background( const CSS1Expression *pExpr,
                 // only distinguish between 0 and !0. Therefore pixel
                 // can be handled like all other units.
 
-                sal_uLong nLength = static_cast<sal_uLong>(pExpr->GetNumber());
+                bool nonZero = std::trunc(pExpr->GetNumber()) != 0.0;
                 if( !bHori )
                 {
-                    ePos = nLength ? GPOS_MM : GPOS_LT;
+                    ePos = nonZero ? GPOS_MM : GPOS_LT;
                     bHori = true;
                 }
                 else if( !bVert )
                 {
-                    MergeVert( ePos, (nLength ? GPOS_LM : GPOS_LT) );
+                    MergeVert( ePos, (nonZero ? GPOS_LM : GPOS_LT) );
                     bVert = true;
                 }
             }