[Libreoffice-commits] core.git: sot/source

[Caolán McNamara (via logerrit)]

 sot/source/sdstor/stgelem.cxx |    4 ++--
 sot/source/sdstor/stgio.cxx   |   12 +++++++++++-
 2 files changed, 13 insertions(+), 3 deletions(-)

New commits:
commit 974ffa79b0fef4ca76558bb8b16bce84af3aaf6c
Author:     Caolán McNamara <caolanm at redhat.com>
AuthorDate: Tue Dec 22 10:09:17 2020 +0000
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Tue Dec 22 13:20:20 2020 +0100

    oss-fuzz: xlsxfuzzer doesn't pass sanity check
    
    Step #5:     #6 0xc1f47cf in __cxa_throw (/tmp/not-out/xlsxfuzzer+0xc1f47cf)
    Step #5:     #7 0x4602309 in SvStream::ReadUInt32(unsigned int&) (/tmp/not-out/xlsxfuzzer+0x4602309)
    Step #5:     #8 0x33d288f in ReadClsId(SvStream&, SvGUID&) (/tmp/not-out/xlsxfuzzer+0x33d288f)
    Step #5:     #9 0x33d328d in StgHeader::Load(SvStream&) (/tmp/not-out/xlsxfuzzer+0x33d328d)
    Step #5:     #10 0x33d3204 in StgHeader::Load(StgIo&) (/tmp/not-out/xlsxfuzzer+0x33d3204)
    Step #5:     #11 0x33d5d8d in StgIo::Load() (/tmp/not-out/xlsxfuzzer+0x33d5d8d)
    Step #5:     #12 0x33b2e01 in Storage::Init(bool) (/tmp/not-out/xlsxfuzzer+0x33b2e01)
    Step #5:     #13 0x33b33c8 in Storage::Storage(SvStream&, bool) (/tmp/not-out/xlsxfuzzer+0x33b33c8)
    Step #5:     #14 0x9b3d5b1 in OLESimpleStorage::OLESimpleStorage(com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&,
    
    Change-Id: Ibc03107373f5558f47894fffc34169218e4aff12
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108151
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/sot/source/sdstor/stgelem.cxx b/sot/source/sdstor/stgelem.cxx
index ff41d8d70f9c..3b946f4c77b4 100644
--- a/sot/source/sdstor/stgelem.cxx
+++ b/sot/source/sdstor/stgelem.cxx
@@ -126,9 +126,9 @@ bool StgHeader::Load( SvStream& r )
 {
     r.Seek( 0 );
     r.ReadBytes( m_cSignature, 8 );
-    ReadClsId( r, m_aClsId );         // 08 Class ID
+    ReadClsId( r, m_aClsId );                   // 08 Class ID
     r.ReadInt32( m_nVersion )                   // 1A version number
-     .ReadUInt16( m_nByteOrder )                 // 1C Unicode byte order indicator
+     .ReadUInt16( m_nByteOrder )                // 1C Unicode byte order indicator
      .ReadInt16( m_nPageSize )                  // 1E 1 << nPageSize = block size
      .ReadInt16( m_nDataPageSize );             // 20 1 << this size == data block size
     if (!r.good())
diff --git a/sot/source/sdstor/stgio.cxx b/sot/source/sdstor/stgio.cxx
index 7d90c490c634..c4294924697a 100644
--- a/sot/source/sdstor/stgio.cxx
+++ b/sot/source/sdstor/stgio.cxx
@@ -55,7 +55,17 @@ bool StgIo::Load()
 {
     if( GetStrm() )
     {
-        if( m_aHdr.Load( *this ) )
+        bool bLoaded;
+        try
+        {
+            bLoaded = m_aHdr.Load(*this);
+        }
+        catch (const SvStreamEOFException&)
+        {
+            SAL_WARN("sot", "EOF");
+            bLoaded = false;
+        }
+        if (bLoaded)
         {
             if( m_aHdr.Check() )
                 SetupStreams();