[Libreoffice-commits] core.git: comphelper/source
Caolán McNamara (via logerrit)
logerrit at kemper.freedesktop.org
Sun Nov 3 20:43:20 UTC 2019
comphelper/source/misc/backupfilehelper.cxx | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
New commits:
commit f59630c6315031cfc44c0f21cc9a1cd151b81ff0
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Sat Nov 2 20:34:50 2019 +0000
Commit: Caolán McNamara <caolanm at redhat.com>
CommitDate: Sun Nov 3 21:42:07 2019 +0100
cid#1448412 Untrusted value as argument
Change-Id: I89196af1fc823ef9fcf1e5a9cdb4ee07d72d6600
Reviewed-on: https://gerrit.libreoffice.org/81950
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/comphelper/source/misc/backupfilehelper.cxx b/comphelper/source/misc/backupfilehelper.cxx
index 5421f1510ba4..464fbeb89048 100644
--- a/comphelper/source/misc/backupfilehelper.cxx
+++ b/comphelper/source/misc/backupfilehelper.cxx
@@ -154,7 +154,19 @@ namespace
return false;
}
- std::vector< sal_Char > aTarget(nLength);
+ sal_uInt64 nPos;
+ if (osl::File::E_None != rFile->getPos(nPos))
+ return false;
+
+ sal_uInt64 nSize;
+ if (osl::File::E_None != rFile->getSize(nSize))
+ return false;
+
+ const auto nRemainingSize = nSize - nPos;
+ if (nLength > nRemainingSize)
+ return false;
+
+ std::vector<sal_Char> aTarget(nLength);
sal_uInt64 nBaseRead(0);
// read rTarget
More information about the Libreoffice-commits
mailing list