[Libreoffice-commits] core.git: filter/source include/sal

[Caolán McNamara (via logerrit)]

 filter/source/graphicfilter/ipcx/ipcx.cxx |   12 +++++++++++-
 include/sal/log-areas.dox                 |    1 +
 2 files changed, 12 insertions(+), 1 deletion(-)

New commits:
commit 898993aa62276f59480df8af1da4bad530829b56
Author:     Caolán McNamara <caolanm at redhat.com>
AuthorDate: Tue Dec 22 09:49:57 2020 +0000
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Tue Dec 22 13:18:48 2020 +0100

    oss-fuzz: pcxfuzzer doesn't pass sanity check
    
    Step #5:     #6 0x63cce7f in __cxa_throw (/tmp/not-out/pcxfuzzer+0x63cce7f)
    Step #5:     #7 0x4f13aa in SvStream::ReadUInt16(unsigned short&) (/tmp/not-out/pcxfuzzer+0x4f13aa)
    Step #5:     #8 0x1d86707 in (anonymous namespace)::PCXReader::ImplReadHeader() (/tmp/not-out/pcxfuzzer+0x1d86707)
    Step #5:     #9 0x1d858b1 in (anonymous namespace)::PCXReader::ReadPCX(Graphic&) (/tmp/not-out/pcxfuzzer+0x1d858b1)
    Step #5:     #10 0x1d85496 in ipxGraphicImport (/tmp/not-out/pcxfuzzer+0x1d85496)
    Step #5:     #11 0x4e3ab5 in LLVMFuzzerTestOneInput (/tmp/not-out/pcxfuzzer+0x4e3ab5)
    Step #5:     #12 0x30a5a86 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/tmp/not-out/pcxfuzzer+0x30a5a86)
    Step #5:     #13 0x30a3a31 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/tmp/not-out/pcxfuzzer+0x30a3a31)
    Step #5:     #14 0x30a8666 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) (/tmp/not-out/pcxfuzzer+0x30a8666)
    Step #5:     #15 0x30a92b5 in fuzzer::Fuzzer::Loop(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) (/tmp/not-out/pcxfuzzer+0x30a92b5)
    Step #5:     #16 0x306d4c7 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/tmp/not-out/pcxfuzzer+0x306d4c7)
    Step #5:     #17 0x305ea37 in main (/tmp/not-out/pcxfuzzer+0x305ea37)
    
    Change-Id: I4c70f8879c7fb1f9bcd1c857c5fcad9bcaf8d142
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108148
    Tested-by: Caolán McNamara <caolanm at redhat.com>
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/filter/source/graphicfilter/ipcx/ipcx.cxx b/filter/source/graphicfilter/ipcx/ipcx.cxx
index 67cbc947fefc..1c012a8f78b9 100644
--- a/filter/source/graphicfilter/ipcx/ipcx.cxx
+++ b/filter/source/graphicfilter/ipcx/ipcx.cxx
@@ -19,6 +19,7 @@
 
 
 #include <memory>
+#include <sal/log.hxx>
 #include <vcl/graph.hxx>
 #include <vcl/BitmapTools.hxx>
 #include <tools/stream.hxx>
@@ -402,7 +403,16 @@ extern "C" SAL_DLLPUBLIC_EXPORT bool
 ipxGraphicImport( SvStream & rStream, Graphic & rGraphic, FilterConfigItem* )
 {
     PCXReader aPCXReader(rStream);
-    bool bRetValue = aPCXReader.ReadPCX(rGraphic);
+    bool bRetValue;
+    try
+    {
+        bRetValue = aPCXReader.ReadPCX(rGraphic);
+    }
+    catch (const SvStreamEOFException&)
+    {
+        SAL_WARN("filter.pcx", "EOF");
+        bRetValue = false;
+    }
     if ( !bRetValue )
         rStream.SetError( SVSTREAM_FILEFORMAT_ERROR );
     return bRetValue;
diff --git a/include/sal/log-areas.dox b/include/sal/log-areas.dox
index 4a602a604e9e..871e57319f6d 100644
--- a/include/sal/log-areas.dox
+++ b/include/sal/log-areas.dox
@@ -228,6 +228,7 @@ certain functionality.
 @li @c filter.ms - escher import/export
 @li @c filter.odfflatxml
 @li @c filter.os2met
+ at li @c filter.pcx
 @li @c filter.pdf
 @li @c filter.pict
 @li @c filter.ras