[Libreoffice-commits] core.git: Branch 'feature/cib_contract138c' - 16 commits - basctl/source comphelper/source configure.ac download.lst external/icu external/libxml2 external/libxslt external/nss external/poppler external/python3 framework/source oox/source package/source sal/osl sdext/source sfx2/source shell/source
Thorsten Behrens (via logerrit)
logerrit at kemper.freedesktop.org
Wed May 27 20:28:22 UTC 2020
basctl/source/basicide/baside2.cxx | 16
comphelper/source/misc/docpasswordhelper.cxx | 72 ++++
configure.ac | 4
download.lst | 20 -
external/icu/ExternalProject_icu.mk | 5
external/icu/UnpackedTarball_icu.mk | 1
external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2 | 30 +
external/libxml2/libxml2-android.patch | 2
external/libxml2/libxml2-config.patch.1 | 46 --
external/libxslt/UnpackedTarball_libxslt.mk | 2
external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 | 120 -------
external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1 | 69 ++++
external/libxslt/libxslt-config.patch.1 | 18 -
external/libxslt/libxslt-internal-symbols.patch.1 | 8
external/nss/UnpackedTarball_nss.mk | 3
external/nss/clang-cl.patch.0 | 2
external/nss/nss.aix.patch | 2
external/nss/nss.fix-freebl-add-lcc-support.patch.1 | 11
external/nss/nss.patch | 14
external/nss/nss.vs2015.pdb.patch | 4
external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1 | 27 -
external/poppler/0001-Revert-Make-the-mul-tables-be-calculated-at-compile-.patch.1 | 169 ++++++++++
external/poppler/StaticLibrary_poppler.mk | 1
external/poppler/UnpackedTarball_poppler.mk | 4
external/poppler/poppler-config.patch.1 | 19 -
external/python3/ExternalProject_python3.mk | 6
external/python3/UnpackedTarball_python3.mk | 2
external/python3/python-3.3.5-pyexpat-symbols.patch.1 | 28 -
external/python3/python-3.5.7-c99.patch.1 | 62 ---
framework/source/services/autorecovery.cxx | 32 +
oox/source/ole/vbaproject.cxx | 1
package/source/xstor/owriteablestream.cxx | 8
package/source/xstor/owriteablestream.hxx | 3
package/source/xstor/xstorage.cxx | 2
sal/osl/w32/process.cxx | 6
sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx | 25 +
sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx | 14
sfx2/source/appl/appopen.cxx | 17 +
sfx2/source/dialog/filedlghelper.cxx | 18 -
shell/source/win32/SysShExec.cxx | 6
40 files changed, 530 insertions(+), 369 deletions(-)
New commits:
commit a957ae1045ede8e1193924b5d0cd3de39c7aed0b
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
AuthorDate: Wed May 27 22:25:53 2020 +0200
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
Release 6.2.9.8
Change-Id: I46c542a4b8af6b52ebb9672f955677039df2fcd9
diff --git a/configure.ac b/configure.ac
index b9747e40c1ec..5a73c8ad68ae 100644
--- a/configure.ac
+++ b/configure.ac
@@ -9,7 +9,7 @@ dnl in order to create a configure script.
# several non-alphanumeric characters, those are split off and used only for the
# ABOUTBOXPRODUCTVERSIONSUFFIX in openoffice.lst. Why that is necessary, no idea.
-AC_INIT([LibreOffice],[6.2.9.7],[],[],[http://documentfoundation.org/])
+AC_INIT([LibreOffice],[6.2.9.8],[],[],[http://documentfoundation.org/])
AC_PREREQ([2.59])
commit d916b6d7a318b4664d4d1e7dc777ac639332e7da
Author: Vasily Melenchuk <vasily.melenchuk at cib.de>
AuthorDate: Mon Feb 17 10:52:11 2020 +0300
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
tdf#129096: Document Recovery: Use TypeDetection on load
Loading of recovered document happend before via XFilter::filter
is not updating media descriptor of document. But this is
important for password protected documents to store entered password
and used encryption type.
To avoid this problem let's use TypeDetection which during its work
will ask user for password and store all the info in modified media
descriptor before actual recovery attempt.
Change-Id: Ide2ebf0955e0937cdc7c9d7165593b71f904649b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/88844
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Tested-by: Jenkins
(cherry picked from commit 8461127750e1fe92a615409505256132e54fb8e8)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/89789
Reviewed-by: Vasily Melenchuk <vasily.melenchuk at cib.de>
(cherry picked from commit b05c87f00433987b10542866696f0b4aaad015cc)
diff --git a/framework/source/services/autorecovery.cxx b/framework/source/services/autorecovery.cxx
index da6c33022c23..8dce1f8c994c 100644
--- a/framework/source/services/autorecovery.cxx
+++ b/framework/source/services/autorecovery.cxx
@@ -56,6 +56,7 @@
#include <com/sun/star/beans/PropertyAttribute.hpp>
#include <com/sun/star/document/XDocumentPropertiesSupplier.hpp>
#include <com/sun/star/document/XDocumentRecovery.hpp>
+#include <com/sun/star/document/XExtendedFilterDetection.hpp>
#include <com/sun/star/util/XCloseable.hpp>
#include <com/sun/star/awt/XWindow2.hpp>
#include <com/sun/star/task/XStatusIndicatorFactory.hpp>
@@ -3355,6 +3356,37 @@ void AutoRecovery::implts_openOneDoc(const OUString& sURL ,
}
else
{
+ OUString sFilterName;
+ lDescriptor[utl::MediaDescriptor::PROP_FILTERNAME()] >>= sFilterName;
+ if (!sFilterName.isEmpty()
+ && ( sFilterName == "Calc MS Excel 2007 XML"
+ || sFilterName == "Impress MS PowerPoint 2007 XML"
+ || sFilterName == "MS Word 2007 XML"))
+ // TODO: Propbably need to check other affected formats + templates?
+ {
+ // tdf#129096: in case of recovery of password protected OOXML document it is done not
+ // the same way as ordinal loading. Inside XDocumentRecovery::recoverFromFile
+ // there is a call to XFilter::filter which has constant media descriptor and thus
+ // all encryption data used in document is lost. To avoid this try to walkaround
+ // with explicit call to FormatDetector. It will try to load document, prompt for password
+ // and store this info in media descriptor we will use for recoverFromFile call.
+ Reference< css::document::XExtendedFilterDetection > xDetection(
+ m_xContext->getServiceManager()->createInstanceWithContext(
+ "com.sun.star.comp.oox.FormatDetector", m_xContext),
+ UNO_QUERY_THROW);
+ lDescriptor[utl::MediaDescriptor::PROP_URL()] <<= sURL;
+ Sequence< css::beans::PropertyValue > aDescriptorSeq = lDescriptor.getAsConstPropertyValueList();
+ OUString sType = xDetection->detect(aDescriptorSeq);
+
+ OUString sNewFilterName;
+ lDescriptor[utl::MediaDescriptor::PROP_FILTERNAME()] >>= sNewFilterName;
+ if (!sType.isEmpty() && sNewFilterName == sFilterName)
+ {
+ // Filter detection was okay, update media descriptor with one received from FilterDetect
+ lDescriptor = aDescriptorSeq;
+ }
+ }
+
// let it recover itself
Reference< XDocumentRecovery > xDocRecover( xModel, UNO_QUERY_THROW );
xDocRecover->recoverFromFile(
commit ef9f8bb874c77063c2410cb91315c8e76c38019e
Author: Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Fri Jan 3 22:40:07 2020 +0300
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
tdf#93389: keep encryption information for autorecovered MS formats
The autorecovery data is stored in ODF, regardless of the original
document format. When restoring, type detection generates ODF data,
which is stored in the media descriptor attached to document, even
after real filter was restored (see AutoRecovery::implts_openDocs).
If real filter is not ODF, then at the save time, it doesn't find
necessary information in encryption data, and makes not encrypted
package.
This patch adds both MS binary data, and OOXML data, to existing
ODF data for recovered password-protected documents (regardless of
their real filter).
TODO: only add required information to encryption data: pass real
filter name to DocPasswordHelper::requestAndVerifyDocPassword from
AutoRecovery::implts_openDocs.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86201
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
Tested-by: Mike Kaganski <mike.kaganski at collabora.com>
(cherry picked from commit dd198398b6e5c84ab1255a90ef96e6445b66a64f)
Conflicts:
comphelper/source/misc/docpasswordhelper.cxx
Change-Id: I4717f067ad3c40167312b99eefef5584a467bfed
(cherry picked from commit 6017cdff264afc3b98beeba1330d6df28102fe7a)
diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx
index 9963e90309d4..d888a352858d 100644
--- a/comphelper/source/misc/docpasswordhelper.cxx
+++ b/comphelper/source/misc/docpasswordhelper.cxx
@@ -25,6 +25,7 @@
#include <comphelper/storagehelper.hxx>
#include <comphelper/hash.hxx>
#include <comphelper/base64.hxx>
+#include <comphelper/propertysequence.hxx>
#include <comphelper/sequence.hxx>
#include <com/sun/star/beans/NamedValue.hpp>
#include <com/sun/star/beans/PropertyValue.hpp>
@@ -431,6 +432,25 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
OUString aPassword;
DocPasswordVerifierResult eResult = DocPasswordVerifierResult::WrongPassword;
+ sal_Int32 nMediaEncDataCount = rMediaEncData.getLength();
+
+ // tdf#93389: if the document is being restored from autorecovery, we need to add encryption
+ // data also for real document type.
+ // TODO: get real filter name here (from CheckPasswd_Impl), to only add necessary data
+ bool bForSalvage = false;
+ if (nMediaEncDataCount)
+ {
+ for (auto& val : rMediaEncData)
+ {
+ if (val.Name == "ForSalvage")
+ {
+ --nMediaEncDataCount; // don't consider this element below
+ val.Value >>= bForSalvage;
+ break;
+ }
+ }
+ }
+
// first, try provided default passwords
if( pbIsDefaultPassword )
*pbIsDefaultPassword = false;
@@ -455,7 +475,7 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
// try media encryption data (skip, if result is OK or ABORT)
if( eResult == DocPasswordVerifierResult::WrongPassword )
{
- if( rMediaEncData.getLength() > 0 )
+ if (nMediaEncDataCount)
{
eResult = rVerifier.verifyEncryptionData( rMediaEncData );
if( eResult == DocPasswordVerifierResult::OK )
@@ -514,6 +534,26 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
aEncData = comphelper::concatSequences(
aEncData, OStorageHelper::CreatePackageEncryptionData(aPassword));
}
+
+ if (bForSalvage)
+ {
+ // TODO: add individual methods for different target filter, and only call what's needed
+
+ // 1. Prepare binary MS formats encryption data
+ auto aUniqueID = GenerateRandomByteSequence(16);
+ auto aEnc97Key = GenerateStd97Key(aPassword.getStr(), aUniqueID);
+ // 2. Add MS binary and OOXML encryption data to result
+ uno::Sequence< beans::NamedValue > aContainer(3);
+ aContainer[0].Name = "STD97EncryptionKey";
+ aContainer[0].Value <<= aEnc97Key;
+ aContainer[1].Name = "STD97UniqueID";
+ aContainer[1].Value <<= aUniqueID;
+ aContainer[2].Name = "OOXPassword";
+ aContainer[2].Value <<= aPassword;
+
+ aEncData = comphelper::concatSequences(
+ aEncData, aContainer);
+ }
}
return (eResult == DocPasswordVerifierResult::OK) ? aEncData : uno::Sequence< beans::NamedValue >();
diff --git a/package/source/xstor/owriteablestream.cxx b/package/source/xstor/owriteablestream.cxx
index 8fe6446b50db..5e5fe05f7e11 100644
--- a/package/source/xstor/owriteablestream.cxx
+++ b/package/source/xstor/owriteablestream.cxx
@@ -80,9 +80,11 @@ struct WSInternalData_Impl
namespace package
{
-bool PackageEncryptionDatasEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 )
+bool PackageEncryptionDataLessOrEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 )
{
- bool bResult = !aHash1.empty() && aHash1.size() == aHash2.size();
+ // tdf#93389: aHash2 may contain more than in aHash1, if it contains also data for other package
+ // formats (as in case of autorecovery)
+ bool bResult = !aHash1.empty() && aHash1.size() <= aHash2.size();
for ( ::comphelper::SequenceAsHashMap::const_iterator aIter = aHash1.begin();
bResult && aIter != aHash1.end();
++aIter )
@@ -1161,7 +1163,7 @@ uno::Reference< io::XStream > OWriteStream_Impl::GetStream( sal_Int32 nStreamMod
if ( m_bHasCachedEncryptionData )
{
- if ( !::package::PackageEncryptionDatasEqual( m_aEncryptionData, aEncryptionData ) )
+ if ( !::package::PackageEncryptionDataLessOrEqual( m_aEncryptionData, aEncryptionData ) )
throw packages::WrongPasswordException();
// the correct key must be set already
diff --git a/package/source/xstor/owriteablestream.hxx b/package/source/xstor/owriteablestream.hxx
index 7d7abf6647c3..681d347e8bce 100644
--- a/package/source/xstor/owriteablestream.hxx
+++ b/package/source/xstor/owriteablestream.hxx
@@ -55,7 +55,8 @@ namespace com { namespace sun { namespace star { namespace uno {
} } } }
namespace package {
- bool PackageEncryptionDatasEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 );
+ // all data in aHash1 is contained in aHash2
+ bool PackageEncryptionDataLessOrEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 );
}
struct WSInternalData_Impl;
diff --git a/package/source/xstor/xstorage.cxx b/package/source/xstor/xstorage.cxx
index f29ecfd3ea0a..8fc52dfffa6e 100644
--- a/package/source/xstor/xstorage.cxx
+++ b/package/source/xstor/xstorage.cxx
@@ -858,7 +858,7 @@ void OStorage_Impl::CopyStorageElement( SotElement_Impl* pElement,
SAL_INFO("package.xstor", "No Encryption: " << rNoEncryptionException);
}
- if (bHasCommonEncryptionData && ::package::PackageEncryptionDatasEqual(pElement->m_xStream->GetCachedEncryptionData(), aCommonEncryptionData))
+ if (bHasCommonEncryptionData && ::package::PackageEncryptionDataLessOrEqual(pElement->m_xStream->GetCachedEncryptionData(), aCommonEncryptionData))
{
// If the stream can be opened with the common storage password
// it must be stored with the common storage password as well
diff --git a/sfx2/source/appl/appopen.cxx b/sfx2/source/appl/appopen.cxx
index c54b3e58580b..f9505dd1c43a 100644
--- a/sfx2/source/appl/appopen.cxx
+++ b/sfx2/source/appl/appopen.cxx
@@ -43,6 +43,8 @@
#include <comphelper/processfactory.hxx>
#include <comphelper/storagehelper.hxx>
+#include <comphelper/string.hxx>
+#include <comphelper/sequence.hxx>
#include <comphelper/synchronousdispatch.hxx>
#include <vcl/wrkwin.hxx>
@@ -239,6 +241,21 @@ ErrCode CheckPasswd_Impl
if ( !aEncryptionData.hasElements() && aGpgProperties.hasElements() )
aEncryptionData = ::comphelper::DocPasswordHelper::decryptGpgSession(aGpgProperties);
+ // tdf#93389: if recoverying a document, encryption data should contain
+ // entries for the real filter, not only for recovery ODF, to keep it
+ // encrypted. Pass this in encryption data.
+ // TODO: pass here the real filter (from AutoRecovery::implts_openDocs)
+ // to marshal this to requestAndVerifyDocPassword
+ if (pSet->GetItemState(SID_DOC_SALVAGE, false) == SfxItemState::SET)
+ {
+ uno::Sequence< beans::NamedValue > aContainer(1);
+ aContainer[0].Name = "ForSalvage";
+ aContainer[0].Value <<= true;
+
+ aEncryptionData = comphelper::concatSequences(
+ aEncryptionData, aContainer);
+ }
+
SfxDocPasswordVerifier aVerifier( xStorage );
aEncryptionData = ::comphelper::DocPasswordHelper::requestAndVerifyDocPassword(
aVerifier, aEncryptionData, aPassword, xInteractionHandler, pFile->GetOrigURL(), comphelper::DocPasswordRequestType::Standard );
commit f8e296f5e6174055d2ad865ab1872193e2f74af2
Author: Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Fri Nov 29 13:07:57 2019 +0300
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
tdf#118639: store ODF encryption data for autorecovery
When saving autorecovery information, ODF is used. If the original
document is password-protected, its autorecovery is also generated
password-protected (since ef87ff6680f79362a431db6e7ef2f40cfc576219).
But when the stored encryption data for non-ODF document does not
contain "PackageSHA256UTF8EncryptionKey" value, following
ZipPackage::GetEncryptionKey fails, so the whole save fails.
So just generate and append ODF encryption keys where we still have
user password.
Reviewed-on: https://gerrit.libreoffice.org/84052
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
(cherry picked from commit 63634738dd03cc74806ce6843c16ff5e51a371a0)
Reviewed-on: https://gerrit.libreoffice.org/84133
Reviewed-by: Xisco Faulí <xiscofauli at libreoffice.org>
(cherry picked from commit e569dc9824e95617d921bb8f115d243aea0125b9)
Reviewed-on: https://gerrit.libreoffice.org/84232
Reviewed-by: Adolfo Jayme Barrientos <fitojb at ubuntu.com>
(cherry picked from commit d1450f5bddd0f108078e0dfb11c9f130175fafe7)
Conflicts:
comphelper/source/misc/docpasswordhelper.cxx
Change-Id: I776e28de784489521e4941d1075690f90c056014
diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx
index 6cf07d4795fb..9963e90309d4 100644
--- a/comphelper/source/misc/docpasswordhelper.cxx
+++ b/comphelper/source/misc/docpasswordhelper.cxx
@@ -428,6 +428,7 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
bool* pbIsDefaultPassword )
{
css::uno::Sequence< css::beans::NamedValue > aEncData;
+ OUString aPassword;
DocPasswordVerifierResult eResult = DocPasswordVerifierResult::WrongPassword;
// first, try provided default passwords
@@ -441,8 +442,12 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
if( !aIt->isEmpty() )
{
eResult = rVerifier.verifyPassword( *aIt, aEncData );
- if( pbIsDefaultPassword )
- *pbIsDefaultPassword = eResult == DocPasswordVerifierResult::OK;
+ if (eResult == DocPasswordVerifierResult::OK)
+ {
+ aPassword = *aIt;
+ if (pbIsDefaultPassword)
+ *pbIsDefaultPassword = true;
+ }
}
}
}
@@ -462,7 +467,11 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
if( eResult == DocPasswordVerifierResult::WrongPassword )
{
if( !rMediaPassword.isEmpty() )
+ {
eResult = rVerifier.verifyPassword( rMediaPassword, aEncData );
+ if (eResult == DocPasswordVerifierResult::OK)
+ aPassword = rMediaPassword;
+ }
}
// request a password (skip, if result is OK or ABORT)
@@ -478,6 +487,8 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
{
if( !pRequest->getPassword().isEmpty() )
eResult = rVerifier.verifyPassword( pRequest->getPassword(), aEncData );
+ if (eResult == DocPasswordVerifierResult::OK)
+ aPassword = pRequest->getPassword();
}
else
{
@@ -490,6 +501,21 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
{
}
+ if (eResult == DocPasswordVerifierResult::OK && !aPassword.isEmpty())
+ {
+ if (std::find_if(std::cbegin(aEncData), std::cend(aEncData),
+ [](const css::beans::NamedValue& val) {
+ return val.Name == PACKAGE_ENCRYPTIONDATA_SHA256UTF8;
+ })
+ == std::cend(aEncData))
+ {
+ // tdf#118639: We need ODF encryption data for autorecovery, where password
+ // will already be unavailable, so generate and append it here
+ aEncData = comphelper::concatSequences(
+ aEncData, OStorageHelper::CreatePackageEncryptionData(aPassword));
+ }
+ }
+
return (eResult == DocPasswordVerifierResult::OK) ? aEncData : uno::Sequence< beans::NamedValue >();
}
diff --git a/sfx2/source/dialog/filedlghelper.cxx b/sfx2/source/dialog/filedlghelper.cxx
index 0e5a3610ee3e..8f221b8bfb19 100644
--- a/sfx2/source/dialog/filedlghelper.cxx
+++ b/sfx2/source/dialog/filedlghelper.cxx
@@ -2697,6 +2697,8 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
{
if ( pPasswordRequest->getPassword().getLength() )
{
+ css::uno::Sequence< css::beans::NamedValue > aEncryptionData;
+
// TODO/LATER: The filters should show the password dialog themself in future
if ( bMSType )
{
@@ -2705,7 +2707,7 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
{
::comphelper::SequenceAsHashMap aHashData;
aHashData[ OUString( "OOXPassword" ) ] <<= pPasswordRequest->getPassword();
- pSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( aHashData.getAsConstNamedValueList() ) ) );
+ aEncryptionData = aHashData.getAsConstNamedValueList();
}
else
{
@@ -2718,7 +2720,7 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
aHashData[ OUString( "STD97EncryptionKey" ) ] <<= aEncryptionKey;
aHashData[ OUString( "STD97UniqueID" ) ] <<= aUniqueID;
- pSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( aHashData.getAsConstNamedValueList() ) ) );
+ aEncryptionData = aHashData.getAsConstNamedValueList();
}
else
{
@@ -2726,10 +2728,14 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
}
}
}
- else
- {
- pSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( ::comphelper::OStorageHelper::CreatePackageEncryptionData( pPasswordRequest->getPassword() ) ) ) );
- }
+
+ // tdf#118639: We need ODF encryption data for autorecovery where password will already
+ // be unavailable, even for non-ODF documents, so append it here unconditionally
+ pSet->Put(SfxUnoAnyItem(
+ SID_ENCRYPTIONDATA,
+ uno::makeAny(comphelper::concatSequences(
+ aEncryptionData, comphelper::OStorageHelper::CreatePackageEncryptionData(
+ pPasswordRequest->getPassword())))));
}
if ( pPasswordRequest->getRecommendReadOnly() )
commit 9c3c2145e364e7d6f367d4e5171001bff69a15d1
Author: Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Tue Apr 16 22:08:42 2019 +0200
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
tdf#124776: don't use SearchPathW to get full path of executable
... use GetModuleFileNameW() for that.
We call SetDllDirectoryW and SetSearchPathMode to improve security of
the process, and exclude some paths (including current directory) from
search when using API that looks for binaries whose names are not fully
qualified.
So the sequence is this:
1. Program is started using relative executable path like
"instdir\program\soffice";
2. sal_detail_initialize is called, which calls the two mentioned
hardening functions;
3. sal_detail_initialize calls osl_setCommandArgs, which in turn calls
osl_createCommandArgs_Impl;
4. The latter uses SearchPathW with empty path and first program arg
"instdir\program\soffice" to find fully qualified program path.
That now naturally fails, because current path is not searched.
But to find the process name, we need no search: we can simply use
GetModuleFileNameW() with NULL passed as module handle. Let's use that.
Note that we can't use _wpgmptr/_get_wpgmptr, because we don't use wide
entry point like wmain.
LHM-Stuff
---------
Dieser Patch löst das Problem wenn Symbols eingeschaltet ist, danach
konnte LO nicht mit scalc.exe, swriter.exe, .. gestartet werden den es
ist damit abgestürzt. (Dumpfile war im LO-Verzeichnis)
Reviewed-on: https://gerrit.libreoffice.org/70844
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
Tested-by: Mike Kaganski <mike.kaganski at collabora.com>
(cherry picked from commit c650217cc543080928a26de4bfc07ebb0be5c6ca)
Change-Id: I7a0013a0505f7bdd38164b09b045bfade9686664
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/89689
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/sal/osl/w32/process.cxx b/sal/osl/w32/process.cxx
index f1e223bd34cd..cc5c1568f2f4 100644
--- a/sal/osl/w32/process.cxx
+++ b/sal/osl/w32/process.cxx
@@ -335,10 +335,8 @@ static rtl_uString ** osl_createCommandArgs_Impl (int argc, char **)
{
/* Ensure absolute path */
::osl::LongPathBuffer< sal_Unicode > aBuffer( MAX_LONG_PATH );
- DWORD dwResult = 0;
-
- dwResult = SearchPathW (
- nullptr, o3tl::toW(ppArgs[0]->buffer), L".exe", aBuffer.getBufSizeInSymbols(), o3tl::toW(aBuffer), nullptr);
+ DWORD dwResult
+ = GetModuleFileNameW(nullptr, o3tl::toW(aBuffer), aBuffer.getBufSizeInSymbols());
if ((0 < dwResult) && (dwResult < aBuffer.getBufSizeInSymbols()))
{
/* Replace argv[0] with its absolute path */
commit 97e0abd51b333c01e7c6d7b8cf191dd185e3c26c
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Tue Mar 24 10:48:04 2020 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
icu: add patch to fix CVE-2020-10531
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90971
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at cib.de>
(cherry picked from commit 002d1152dc418f7d624409e76cd9d4ac0b42c7f8)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90975
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
(cherry picked from commit 63b573faf984875cda7a879e696ea75fae81df57)
Change-Id: I0aca4af1bd79f28bf1c920a4d05e80948106aaac
diff --git a/external/icu/ExternalProject_icu.mk b/external/icu/ExternalProject_icu.mk
index ac5a12b00509..0dfa6be07a50 100644
--- a/external/icu/ExternalProject_icu.mk
+++ b/external/icu/ExternalProject_icu.mk
@@ -13,7 +13,10 @@ $(eval $(call gb_ExternalProject_register_targets,icu,\
build \
))
-icu_CPPFLAGS:="-DHAVE_GCC_ATOMICS=$(if $(filter TRUE,$(GCC_HAVE_BUILTIN_ATOMIC)),1,0)"
+# -I to find o3tl headers
+icu_CPPFLAGS:=" \
+ -DHAVE_GCC_ATOMICS=$(if $(filter TRUE,$(GCC_HAVE_BUILTIN_ATOMIC)),1,0) \
+ -I$(SRCDIR)/include"
ifeq ($(OS),WNT)
diff --git a/external/icu/UnpackedTarball_icu.mk b/external/icu/UnpackedTarball_icu.mk
index 9e5f7974a700..a5416b7ee078 100644
--- a/external/icu/UnpackedTarball_icu.mk
+++ b/external/icu/UnpackedTarball_icu.mk
@@ -39,6 +39,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,icu,\
external/icu/gcc9.patch \
external/icu/char8_t.patch \
external/icu/CVE-2018-18928.patch.2 \
+ external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2 \
))
$(eval $(call gb_UnpackedTarball_add_file,icu,source/data/brkitr/khmerdict.dict,external/icu/khmerdict.dict))
diff --git a/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2 b/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
new file mode 100644
index 000000000000..24f4e81fba9a
--- /dev/null
+++ b/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
@@ -0,0 +1,30 @@
+From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001
+From: Frank Tang <ftang at chromium.org>
+Date: Sat, 1 Feb 2020 02:39:04 +0000
+Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append
+
+See #971
+---
+ icu4c/source/common/unistr.cpp | 6 ++-
+ icu4c/source/test/intltest/ustrtest.cpp | 62 +++++++++++++++++++++++++
+ icu4c/source/test/intltest/ustrtest.h | 1 +
+ 3 files changed, 68 insertions(+), 1 deletion(-)
+
+diff --git a/icu4c/source/common/unistr.cpp b/icu4c/source/common/unistr.cpp
+index 901bb3358ba..077b4d6ef20 100644
+--- a/icu4c/source/common/unistr.cpp
++++ b/icu4c/source/common/unistr.cpp
+@@ -1563,7 +1563,11 @@ UnicodeString::doAppend(const UChar *srcChars, int32_t srcStart, int32_t srcLeng
+ }
+
+ int32_t oldLength = length();
+- int32_t newLength = oldLength + srcLength;
++ int32_t newLength;
++ if (uprv_add32_overflow(oldLength, srcLength, &newLength)) {
++ setToBogus();
++ return *this;
++ }
+
+ // Check for append onto ourself
+ const UChar* oldArray = getArrayStart();
+ if (isBufferWritable() &&
commit 28d366aea513620260c24b02979480575ce8face
Author: Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Wed Jan 15 17:16:02 2020 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
Remove a fragment from a file URL early on
...as ShellExecuteExW would ignore it anyway
Change-Id: I969db094bb7d2ea230ac8c36eb23d71a90fbe466
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86868
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman at redhat.com>
(cherry picked from commit 14b36a16b225bf7c988f118d499a7287c47cd83e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86875
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
(cherry picked from commit e033f200d74202d64f4a928c2d7b3b1cadd1c8e8)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/88203
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx
index 910aae1c095f..c4091616f7d8 100644
--- a/shell/source/win32/SysShExec.cxx
+++ b/shell/source/win32/SysShExec.cxx
@@ -301,6 +301,7 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
static_cast< XSystemShellExecute* >( this ),
3 );
+ OUString preprocessed_command(aCommand);
if ((nFlags & URIS_ONLY) != 0)
{
css::uno::Reference< css::uri::XUriReference > uri(
@@ -314,8 +315,10 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
static_cast< cppu::OWeakObject * >(this), 0);
}
if (uri->getScheme().equalsIgnoreAsciiCase("file")) {
+ // ShellExecuteExW appears to ignore the fragment of a file URL anyway, so remove it:
+ uri->clearFragment();
+ preprocessed_command = uri->getUriReference();
OUString pathname;
- uri->clearFragment(); // getSystemPathFromFileURL fails for URLs with fragment
auto const e1
= osl::FileBase::getSystemPathFromFileURL(uri->getUriReference(), pathname);
if (e1 != osl::FileBase::E_None) {
@@ -419,7 +422,6 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
and names no existing file (remember the jump mark
sign '#' is a valid file name character we remove
the jump mark, else ShellExecuteEx fails */
- OUString preprocessed_command(aCommand);
if (is_system_path(preprocessed_command))
{
if (has_jump_mark(preprocessed_command) && !is_existing_file(preprocessed_command))
commit 7ddf0edf5e79be5749f9e287dec0bc13ef983213
Author: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
AuthorDate: Mon Nov 11 14:53:51 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
Fix macro disabling in Basic IDE
After 8d69ca60f3c8f53699986f924291a2acda5694a1 macros were always disabled
as ScriptDocument::allowMacros always returned false when called from
non-document context.
Change-Id: Ibef4c7d561f4ee01cd44f5327e4ab948282bb07d
Reviewed-on: https://gerrit.libreoffice.org/82444
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
(cherry picked from commit 6a40737e1feb2e8d1992c46ee6c0e5cf30bab025)
Reviewed-on: https://gerrit.libreoffice.org/82489
Reviewed-by: Adolfo Jayme Barrientos <fitojb at ubuntu.com>
(cherry picked from commit bed9f9b118566abcb96026e2e795c4c89fe18bb4)
Reviewed-on: https://gerrit.libreoffice.org/84310
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/basctl/source/basicide/baside2.cxx b/basctl/source/basicide/baside2.cxx
index cfcb5f56c7b1..786b8720bd01 100644
--- a/basctl/source/basicide/baside2.cxx
+++ b/basctl/source/basicide/baside2.cxx
@@ -54,6 +54,7 @@
#include <vcl/xtextedt.hxx>
#include <toolkit/helper/vclunohelper.hxx>
#include <cassert>
+#include <officecfg/Office/Common.hxx>
namespace basctl
{
@@ -296,7 +297,8 @@ void ModulWindow::BasicExecute()
{
// #116444# check security settings before macro execution
ScriptDocument aDocument( GetDocument() );
- if (!aDocument.allowMacros())
+ bool bMacrosDisabled = officecfg::Office::Common::Security::Scripting::DisableMacrosExecution::get();
+ if (bMacrosDisabled || (aDocument.isDocument() && !aDocument.allowMacros()))
{
std::unique_ptr<weld::MessageDialog> xBox(
Application::CreateMessageDialog(GetFrameWeld(), VclMessageType::Warning,
commit 3264bd6aea2a8389cf0398da48381c8a3dd9504a
Author: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
AuthorDate: Thu Nov 7 16:01:32 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
Always check whether macro execution is allowed
No only when this executing from a document.
Setting 'DisableMacrosExecution' had no effect on the macro editor,
macros could still be executed there.
Change-Id: I400ed25050173d2ce1fb612aebd2dbcb73720a73
Reviewed-on: https://gerrit.libreoffice.org/82229
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
(cherry picked from commit 8d69ca60f3c8f53699986f924291a2acda5694a1)
Reviewed-on: https://gerrit.libreoffice.org/82251
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
(cherry picked from commit c7be35e618eddf7b83faae1fd8211a4c52a9d35b)
Reviewed-on: https://gerrit.libreoffice.org/84309
Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/basctl/source/basicide/baside2.cxx b/basctl/source/basicide/baside2.cxx
index 81efba1d5b3d..cfcb5f56c7b1 100644
--- a/basctl/source/basicide/baside2.cxx
+++ b/basctl/source/basicide/baside2.cxx
@@ -296,15 +296,13 @@ void ModulWindow::BasicExecute()
{
// #116444# check security settings before macro execution
ScriptDocument aDocument( GetDocument() );
- if ( aDocument.isDocument() )
+ if (!aDocument.allowMacros())
{
- if ( !aDocument.allowMacros() )
- {
- std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(GetFrameWeld(),
- VclMessageType::Warning, VclButtonsType::Ok, IDEResId(RID_STR_CANNOTRUNMACRO)));
- xBox->run();
- return;
- }
+ std::unique_ptr<weld::MessageDialog> xBox(
+ Application::CreateMessageDialog(GetFrameWeld(), VclMessageType::Warning,
+ VclButtonsType::Ok, IDEResId(RID_STR_CANNOTRUNMACRO)));
+ xBox->run();
+ return;
}
CheckCompileBasic();
commit ae41e431bc12311360c406351193595f0b479c93
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Mon Nov 25 12:34:28 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
nss: upgrade to release 3.47.1
Fixes CVE-2019-11745.
Remove nss.fix-freebl-add-lcc-support.patch.1, fixed upstream.
Reviewed-on: https://gerrit.libreoffice.org/83673
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at cib.de>
(cherry picked from commit a6238c3fba80889f9090d997e2a4979b78b34ac7)
Change-Id: I72e35c90fabb0a83f547a787dbaee774e35f9c08
diff --git a/download.lst b/download.lst
index cc73017944a4..a8f79e4b113f 100644
--- a/download.lst
+++ b/download.lst
@@ -181,8 +181,8 @@ export MYTHES_SHA256SUM := 1e81f395d8c851c3e4e75b568e20fa2fa549354e75ab397f9de4b
export MYTHES_TARBALL := a8c2c5b8f09e7ede322d5c602ff6a4b6-mythes-1.2.4.tar.gz
export NEON_SHA256SUM := db0bd8cdec329b48f53a6f00199c92d5ba40b0f015b153718d1b15d3d967fbca
export NEON_TARBALL := neon-0.30.2.tar.gz
-export NSS_SHA256SUM := fae11751100510d26f16a245f0db9a5b3d638ab28ce0bccd50d4314f7e526ba1
-export NSS_TARBALL := nss-3.45-with-nspr-4.21.tar.gz
+export NSS_SHA256SUM := 07d4276168f59bb3038c7826dabb5fbfbab8336ddf65e4e6e43bce89ada78c64
+export NSS_TARBALL := nss-3.47.1-with-nspr-4.23.tar.gz
export ODFGEN_SHA256SUM := 2c7b21892f84a4c67546f84611eccdad6259875c971e98ddb027da66ea0ac9c2
export ODFGEN_VERSION_MICRO := 6
export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.bz2
diff --git a/external/nss/UnpackedTarball_nss.mk b/external/nss/UnpackedTarball_nss.mk
index 916fa0df171b..0ac6717503b9 100644
--- a/external/nss/UnpackedTarball_nss.mk
+++ b/external/nss/UnpackedTarball_nss.mk
@@ -22,7 +22,6 @@ $(eval $(call gb_UnpackedTarball_add_patches,nss,\
external/nss/nss.vs2015.patch) \
external/nss/ubsan.patch.0 \
external/nss/clang-cl.patch.0 \
- external/nss/nss.fix-freebl-add-lcc-support.patch.1 \
$(if $(filter iOS,$(OS)), \
external/nss/nss-ios.patch) \
$(if $(filter MSC-INTEL,$(COM)-$(CPUNAME)), \
@@ -30,7 +29,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,nss,\
$(if $(filter WNT,$(OS)), \
external/nss/nss.vs2015.pdb.patch) \
$(if $(filter WNT,$(OS)), \
- external/nss/nss.utf8bom.patch.1) \
+ external/nss/nss.utf8bom.patch.1) \
$(if $(filter ANDROID,$(OS)), \
external/nss/nss-android.patch.1) \
))
diff --git a/external/nss/clang-cl.patch.0 b/external/nss/clang-cl.patch.0
index 111ec934d147..1d615c2397d8 100644
--- a/external/nss/clang-cl.patch.0
+++ b/external/nss/clang-cl.patch.0
@@ -22,7 +22,7 @@
+ defined(_M_ARM64)) && !defined __clang__
# include <intrin.h>
# pragma intrinsic(_BitScanForward,_BitScanReverse)
- __forceinline static int __prBitScanForward32(unsigned int val)
+ __forceinline static int __prBitScanForward32(unsigned int val)
@@ -32,7 +32,7 @@
# define pr_bitscan_ctz32(val) __prBitScanForward32(val)
# define pr_bitscan_clz32(val) __prBitScanReverse32(val)
diff --git a/external/nss/nss.aix.patch b/external/nss/nss.aix.patch
index da9aacb10e84..4b0c6bfb3261 100644
--- a/external/nss/nss.aix.patch
+++ b/external/nss/nss.aix.patch
@@ -38,7 +38,7 @@ diff -ru a/nspr/pr/src/Makefile.in b/nspr/pr/src/Makefile.in
--- a/a/nspr/pr/src/Makefile.in 2014-09-29 16:46:35.281395079 +0100
+++ b/b/nspr/pr/src/Makefile.in 2014-09-29 16:50:33.909375948 +0100
@@ -74,7 +74,6 @@
- endif
+ endif # SunOS
ifeq ($(OS_ARCH),AIX)
-DSO_LDOPTS += -binitfini::_PR_Fini
diff --git a/external/nss/nss.fix-freebl-add-lcc-support.patch.1 b/external/nss/nss.fix-freebl-add-lcc-support.patch.1
deleted file mode 100644
index 3e3c06327dde..000000000000
--- a/external/nss/nss.fix-freebl-add-lcc-support.patch.1
+++ /dev/null
@@ -1,11 +0,0 @@
---- b/nss/lib/freebl/Makefile
-+++ a/nss/lib/freebl/Makefile
-@@ -495,7 +495,7 @@
- ifdef USE_64
- # no __int128 at least up to lcc 1.23 (pretending to be gcc5)
- # NB: CC_NAME is not defined here
--ifneq ($(shell $(CC) -? 2>&1 >/dev/null | sed -e 's/:.*//;1q'),lcc)
-+ifneq ($(shell $(CC) -? 2>&1 >/dev/null </dev/null | sed -e 's/:.*//;1q'),lcc)
- ifdef CC_IS_CLANG
- HAVE_INT128_SUPPORT = 1
- DEFINES += -DHAVE_INT128_SUPPORT
diff --git a/external/nss/nss.patch b/external/nss/nss.patch
index c367bce9097b..d9aaee5199bb 100644
--- a/external/nss/nss.patch
+++ b/external/nss/nss.patch
@@ -12,14 +12,14 @@
--- a/nss.orig/nspr/pr/src/misc/prnetdb.c 2017-08-29 23:44:13.690045031 +0530
+++ b/nss/nspr/pr/src/misc/prnetdb.c 2017-08-29 23:47:03.810814019 +0530
@@ -438,7 +438,7 @@
- char *buf = *bufp;
- PRIntn buflen = *buflenp;
+ char *buf = *bufp;
+ PRIntn buflen = *buflenp;
-- if (align && ((long)buf & (align - 1))) {
-+ if (align && ((ptrdiff_t)buf & (align - 1))) {
- PRIntn skip = align - ((ptrdiff_t)buf & (align - 1));
- if (buflen < skip) {
- return 0;
+- if (align && ((long)buf & (align - 1))) {
++ if (align && ((ptrdiff_t)buf & (align - 1))) {
+ PRIntn skip = align - ((ptrdiff_t)buf & (align - 1));
+ if (buflen < skip) {
+ return 0;
--- a/a/nss/cmd/platlibs.mk 2017-08-29 23:44:13.554044416 +0530
+++ b/b/nss/cmd/platlibs.mk 2017-08-29 23:46:09.638569150 +0530
@@ -10,17 +10,22 @@
diff --git a/external/nss/nss.vs2015.pdb.patch b/external/nss/nss.vs2015.pdb.patch
index dc4f4638b476..c66940132cdd 100644
--- a/external/nss/nss.vs2015.pdb.patch
+++ b/external/nss/nss.vs2015.pdb.patch
@@ -18,5 +18,5 @@ diff -ru nss.orig/nss/coreconf/WIN32.mk nss/nss/coreconf/WIN32.mk
- OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od
+ OPTIMIZER += -Zi -Fd./ -Od
NULLSTRING :=
- SPACE := $(NULLSTRING) # end of the line
- USERNAME := $(subst $(SPACE),_,$(USERNAME))
+ DEFINES += -DDEBUG -UNDEBUG
+ DLLFLAGS += -DEBUG -OUT:$@
commit 553e3c51c33e0e0861d14733f5b67a4f9b4ac7f9
Author: Rasmus Thomsen <oss at cogitri.dev>
AuthorDate: Sat Oct 26 14:11:35 2019 +0200
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:32 2020 +0200
Fix build with poppler-0.82
Reviewed-on: https://gerrit.libreoffice.org/81545
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at cib.de>
(cherry picked from commit 2eadd46ab81058087af95bdfc1fea28fcdb65998)
Reviewed-on: https://gerrit.libreoffice.org/83363
Reviewed-by: Rasmus Thomsen <oss at cogitri.dev>
(cherry picked from commit 928a372775a0758aa76eb10e568d5c106a8586eb)
Change-Id: I3b6b3faea7986f3e5a6ae4790580d03bc9c955fc
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index 9842b9734e8d..410e5ad657b7 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -863,11 +863,20 @@ void PDFOutDev::eoClip(GfxState *state)
local offset of character (zero for horizontal writing mode). not
taken into account for output pos updates. Used for vertical writing.
*/
+
+#if POPPLER_CHECK_VERSION(0, 82, 0)
+void PDFOutDev::drawChar(GfxState *state, double x, double y,
+ double dx, double dy,
+ double originX, double originY,
+ CharCode, int /*nBytes*/, const Unicode *u, int uLen)
+{
+#else
void PDFOutDev::drawChar(GfxState *state, double x, double y,
double dx, double dy,
double originX, double originY,
CharCode, int /*nBytes*/, Unicode *u, int uLen)
{
+#endif
assert(state);
if( u == nullptr )
@@ -979,11 +988,19 @@ void PDFOutDev::drawImageMask(GfxState* pState, Object*, Stream* str,
writeBinaryBuffer(aBuf);
}
+#if POPPLER_CHECK_VERSION(0, 82, 0)
+void PDFOutDev::drawImage(GfxState*, Object*, Stream* str,
+ int width, int height, GfxImageColorMap* colorMap,
+ poppler_bool /*interpolate*/,
+ const int* maskColors, poppler_bool /*inlineImg*/ )
+{
+#else
void PDFOutDev::drawImage(GfxState*, Object*, Stream* str,
int width, int height, GfxImageColorMap* colorMap,
poppler_bool /*interpolate*/,
int* maskColors, poppler_bool /*inlineImg*/ )
{
+#endif
if (m_bSkipImages)
return;
OutputBuffer aBuf; initBuf(aBuf);
@@ -1004,12 +1021,20 @@ void PDFOutDev::drawImage(GfxState*, Object*, Stream* str,
{
GfxRGB aMinRGB;
colorMap->getColorSpace()->getRGB(
+#if POPPLER_CHECK_VERSION(0, 82, 0)
+ reinterpret_cast<const GfxColor*>(maskColors),
+#else
reinterpret_cast<GfxColor*>(maskColors),
+#endif
&aMinRGB );
GfxRGB aMaxRGB;
colorMap->getColorSpace()->getRGB(
+#if POPPLER_CHECK_VERSION(0, 82, 0)
+ reinterpret_cast<const GfxColor*>(maskColors)+gfxColorMaxComps,
+#else
reinterpret_cast<GfxColor*>(maskColors)+gfxColorMaxComps,
+#endif
&aMaxRGB );
aMaskBuf.push_back( colToByte(aMinRGB.r) );
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
index 51dcd18e2436..d2e2f18e9d62 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.hxx
@@ -232,10 +232,17 @@ namespace pdfi
virtual void eoClip(GfxState *state) override;
//----- text drawing
+#if POPPLER_CHECK_VERSION(0, 82, 0)
+ virtual void drawChar(GfxState *state, double x, double y,
+ double dx, double dy,
+ double originX, double originY,
+ CharCode code, int nBytes, const Unicode *u, int uLen) override;
+#else
virtual void drawChar(GfxState *state, double x, double y,
double dx, double dy,
double originX, double originY,
CharCode code, int nBytes, Unicode *u, int uLen) override;
+#endif
#if POPPLER_CHECK_VERSION(0, 64, 0)
virtual void drawString(GfxState *state, const GooString *s) override;
#else
@@ -248,10 +255,17 @@ namespace pdfi
int width, int height, poppler_bool invert,
poppler_bool interpolate,
poppler_bool inlineImg) override;
+#if POPPLER_CHECK_VERSION(0, 82, 0)
+ virtual void drawImage(GfxState *state, Object *ref, Stream *str,
+ int width, int height, GfxImageColorMap *colorMap,
+ poppler_bool interpolate,
+ const int* maskColors, poppler_bool inlineImg) override;
+#else
virtual void drawImage(GfxState *state, Object *ref, Stream *str,
int width, int height, GfxImageColorMap *colorMap,
poppler_bool interpolate,
int* maskColors, poppler_bool inlineImg) override;
+#endif
virtual void drawMaskedImage(GfxState *state, Object *ref, Stream *str,
int width, int height,
GfxImageColorMap *colorMap,
commit 5e605a09a42d9c6ccb6386d6d46ecd9a98d17fab
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Nov 20 13:11:59 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 22:27:31 2020 +0200
poppler: upgrade to release 0.82.0
fixes CVE-2019-9903 CVE-2019-9631 CVE-2019-9545 CVE-2019-9543
CVE-2019-14494 CVE-2019-12293 CVE-2019-11026 CVE-2019-10873
CVE-2019-10872 CVE-2019-10871 CVE-2019-10018
remove obsolete 0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
Reviewed-on: https://gerrit.libreoffice.org/83308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at cib.de>
(cherry picked from commit 28e52c49452320ac76489d0f93ca5692456e5331)
Reviewed-on: https://gerrit.libreoffice.org/83336
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice at googlemail.com>
(cherry picked from commit f3b2d61376c6d7ae262f58406d89ef0caa8b0aaf)
Change-Id: I72b3bf89b294ed3e24157c7e75fd58d4f68d9f35
diff --git a/download.lst b/download.lst
index 6b938e09b0a6..cc73017944a4 100644
--- a/download.lst
+++ b/download.lst
@@ -206,8 +206,8 @@ export PIXMAN_SHA256SUM := 21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3
export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz
export LIBPNG_SHA256SUM := 505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca
export LIBPNG_TARBALL := libpng-1.6.37.tar.xz
-export POPPLER_SHA256SUM := 92e09fd3302567fd36146b36bb707db43ce436e8841219025a82ea9fb0076b2f
-export POPPLER_TARBALL := poppler-0.74.0.tar.xz
+export POPPLER_SHA256SUM := 234f8e573ea57fb6a008e7c1e56bfae1af5d1adf0e65f47555e1ae103874e4df
+export POPPLER_TARBALL := poppler-0.82.0.tar.xz
export POSTGRESQL_SHA256SUM := a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126
export POSTGRESQL_TARBALL := postgresql-9.2.24.tar.bz2
export PYTHON_SHA256SUM := c24a37c63a67f53bdd09c5f287b5cff8e8b98f857bf348c577d454d3f74db049
diff --git a/external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1 b/external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
deleted file mode 100644
index b459a0a0bef7..000000000000
--- a/external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
+++ /dev/null
@@ -1,27 +0,0 @@
-From f4136a6353162db249f63ddb0f20611622ab61b4 Mon Sep 17 00:00:00 2001
-From: Albert Astals Cid <aacid at kde.org>
-Date: Wed, 27 Feb 2019 19:43:22 +0100
-Subject: [PATCH] ImageStream::getLine: fix crash on broken files
-
-Fixes #728
----
- poppler/Stream.cc | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/poppler/Stream.cc b/poppler/Stream.cc
-index 33537b0e..a41435ab 100644
---- a/poppler/Stream.cc
-+++ b/poppler/Stream.cc
-@@ -496,6 +496,9 @@ unsigned char *ImageStream::getLine() {
- }
-
- int readChars = str->doGetChars(inputLineSize, inputLine);
-+ if (unlikely(readChars == -1)) {
-+ readChars = 0;
-+ }
- for ( ; readChars < inputLineSize; readChars++) inputLine[readChars] = EOF;
- if (nBits == 1) {
- unsigned char *p = inputLine;
---
-2.20.1
-
diff --git a/external/poppler/0001-Revert-Make-the-mul-tables-be-calculated-at-compile-.patch.1 b/external/poppler/0001-Revert-Make-the-mul-tables-be-calculated-at-compile-.patch.1
new file mode 100644
index 000000000000..26fdc10dec50
--- /dev/null
+++ b/external/poppler/0001-Revert-Make-the-mul-tables-be-calculated-at-compile-.patch.1
@@ -0,0 +1,169 @@
+Revert "Make the mul tables be calculated at compile time with constexpr"
+
+This reverts commit e0ef346c0f669140076c4cf443f07ea0770996da.
+---
+ poppler/Decrypt.cc | 134 ++++++++++++---------------------------------
+ 1 file changed, 35 insertions(+), 99 deletions(-)
+
+diff --git a/poppler/Decrypt.cc b/poppler/Decrypt.cc
+index 57945778..f5062929 100644
+--- a/poppler/Decrypt.cc
++++ b/poppler/Decrypt.cc
+@@ -763,119 +763,55 @@ static inline void invShiftRows(unsigned char *state) {
+ }
+
+ // {02} \cdot s
+-struct Mul02Table
+-{
+- constexpr Mul02Table() : values()
+- {
+- for(int s = 0; s < 256; s++) {
+- values[s] = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
+- }
+- }
+-
+- constexpr unsigned char operator()(uint8_t i) const { return values[i]; }
+-
+- unsigned char values[256];
+-};
+-
+-static constexpr Mul02Table mul02;
++static inline unsigned char mul02(unsigned char s) {
++ return (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
++}
+
+ // {03} \cdot s
+-struct Mul03Table
+-{
+- constexpr Mul03Table() : values()
+- {
+- for(int s=0; s<256; s++) {
+- const unsigned char s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
+- values[s] = s ^ s2;
+- }
+- }
+-
+- constexpr unsigned char operator()(uint8_t i) const { return values[i]; }
+-
+- unsigned char values[256];
+-};
+-
+-static constexpr Mul03Table mul03;
++static inline unsigned char mul03(unsigned char s) {
++ unsigned char s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
++ return s ^ s2;
++}
+
+ // {09} \cdot s
+-struct Mul09Table
+-{
+- constexpr Mul09Table() : values()
+- {
+- for(int s=0; s<256; s++) {
+- const unsigned char s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
+- const unsigned char s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
+- const unsigned char s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
+- values[s] = s ^ s8;
+- }
+- }
+-
+- constexpr unsigned char operator()(uint8_t i) const { return values[i]; }
+-
+- unsigned char values[256];
+-};
++static inline unsigned char mul09(unsigned char s) {
++ unsigned char s2, s4, s8;
+
+-static constexpr Mul09Table mul09;
++ s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
++ s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
++ s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
++ return s ^ s8;
++}
+
+ // {0b} \cdot s
+-struct Mul0bTable
+-{
+- constexpr Mul0bTable() : values()
+- {
+- for(int s=0; s<256; s++) {
+- const unsigned char s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
+- const unsigned char s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
+- const unsigned char s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
+- values[s] = s ^ s2 ^ s8;
+- }
+- }
+-
+- constexpr unsigned char operator()(uint8_t i) const { return values[i]; }
++static inline unsigned char mul0b(unsigned char s) {
++ unsigned char s2, s4, s8;
+
+- unsigned char values[256];
+-};
+-
+-static constexpr Mul0bTable mul0b;
++ s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
++ s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
++ s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
++ return s ^ s2 ^ s8;
++}
+
+ // {0d} \cdot s
+-struct Mul0dTable
+-{
+- constexpr Mul0dTable() : values()
+- {
+- for(int s=0; s<256; s++) {
+- const unsigned char s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
+- const unsigned char s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
+- const unsigned char s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
+- values[s] = s ^ s4 ^ s8;
+- }
+- }
++static inline unsigned char mul0d(unsigned char s) {
++ unsigned char s2, s4, s8;
+
+- constexpr unsigned char operator()(uint8_t i) const { return values[i]; }
+-
+- unsigned char values[256];
+-};
+-
+-static constexpr Mul0dTable mul0d;
++ s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
++ s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
++ s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
++ return s ^ s4 ^ s8;
++}
+
+ // {0e} \cdot s
+-struct Mul0eTable
+-{
+- constexpr Mul0eTable() : values()
+- {
+- for(int s=0; s<256; s++) {
+- const unsigned char s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
+- const unsigned char s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
+- const unsigned char s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
+- values[s] = s2 ^ s4 ^ s8;
+- }
+- }
+-
+- constexpr unsigned char operator()(uint8_t i) const { return values[i]; }
++static inline unsigned char mul0e(unsigned char s) {
++ unsigned char s2, s4, s8;
+
+- unsigned char values[256];
+-};
+-
+-static constexpr Mul0eTable mul0e;
++ s2 = (s & 0x80) ? ((s << 1) ^ 0x1b) : (s << 1);
++ s4 = (s2 & 0x80) ? ((s2 << 1) ^ 0x1b) : (s2 << 1);
++ s8 = (s4 & 0x80) ? ((s4 << 1) ^ 0x1b) : (s4 << 1);
++ return s2 ^ s4 ^ s8;
++}
+
+ static inline void mixColumns(unsigned char *state) {
+ int c;
+--
+2.21.0
+
diff --git a/external/poppler/StaticLibrary_poppler.mk b/external/poppler/StaticLibrary_poppler.mk
index aa5ed693eb22..ae03836f2ba6 100644
--- a/external/poppler/StaticLibrary_poppler.mk
+++ b/external/poppler/StaticLibrary_poppler.mk
@@ -55,7 +55,6 @@ $(eval $(call gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/goo/gfile \
UnpackedTarball/poppler/goo/GooTimer \
UnpackedTarball/poppler/goo/GooString \
- UnpackedTarball/poppler/goo/FixedPoint \
UnpackedTarball/poppler/goo/NetPBMWriter \
UnpackedTarball/poppler/goo/PNGWriter \
UnpackedTarball/poppler/goo/TiffWriter \
diff --git a/external/poppler/UnpackedTarball_poppler.mk b/external/poppler/UnpackedTarball_poppler.mk
index 151fa5d0444f..76fd33236e5d 100644
--- a/external/poppler/UnpackedTarball_poppler.mk
+++ b/external/poppler/UnpackedTarball_poppler.mk
@@ -14,7 +14,7 @@ $(eval $(call gb_UnpackedTarball_set_tarball,poppler,$(POPPLER_TARBALL),,poppler
$(eval $(call gb_UnpackedTarball_add_patches,poppler,\
external/poppler/poppler-config.patch.1 \
external/poppler/poppler-c++11.patch.1 \
- external/poppler/0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1 \
+ external/poppler/0001-Revert-Make-the-mul-tables-be-calculated-at-compile-.patch.1 \
))
# std::make_unique is only available in C++14
@@ -23,7 +23,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,poppler,\
# be happy with std::make_unique so just skip it
ifneq ($(OS_FOR_BUILD),MACOSX)
$(eval $(call gb_UnpackedTarball_set_post_action,poppler,\
- env -i PATH="$(PATH)" $(FIND) . -name '*.cc' -exec sed -i -e 's/std::make_unique/o3tl::make_unique/' {} \\; \
+ env -i PATH="$(if $(filter WNT,$(OS)),/usr/bin,$(PATH))" $(FIND) . -name '*.cc' -exec sed -i -e 's/std::make_unique/o3tl::make_unique/' {} \\; \
))
endif
diff --git a/external/poppler/poppler-config.patch.1 b/external/poppler/poppler-config.patch.1
index 1c68806276f7..cb74cd66fb5e 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -195,7 +195,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 0.74.0"
++#define PACKAGE_STRING "poppler 0.82.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -204,7 +204,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "0.74.0"
++#define PACKAGE_VERSION "0.82.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -228,7 +228,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "0.74.0"
++#define VERSION "0.82.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -268,7 +268,7 @@ new file mode 100644
index 0fbd336a..451213f8 100644
--- /dev/null
+++ b/poppler/poppler-config.h
-@@ -0,0 +1,168 @@
+@@ -0,0 +1,173 @@
+//================================================= -*- mode: c++ -*- ====
+//
+// poppler-config.h
@@ -304,7 +304,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "0.74.0"
++#define POPPLER_VERSION "0.82.0"
+#endif
+
+/* Enable multithreading support. */
@@ -396,6 +396,11 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_CMS */
+#endif
+
++/* Use header-only classes from Boost in the Splash backend */
++#ifndef USE_BOOST_HEADERS
++/* #undef USE_BOOST_HEADERS */
++#endif
++
+// Also, there are preprocessor symbols in the header files
+// that are used but never defined when building poppler using configure
+// or cmake: DISABLE_OUTLINE, DEBUG_MEM,
@@ -466,9 +471,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "0.74.0"
++#define POPPLER_VERSION "0.82.0"
+#define POPPLER_VERSION_MAJOR 0
-+#define POPPLER_VERSION_MINOR 74
++#define POPPLER_VERSION_MINOR 82
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
commit c13a400e966e24b0e9aa964551dc163cce6e56e2
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Nov 20 15:08:24 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 19:06:10 2020 +0200
libxslt: upgrade to release 1.1.34
Fixes CVE-2019-18197.
Remove obsolete e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1.
Change-Id: I95cf498e245083528f98bfef8cdd240bbe2211b9
Reviewed-on: https://gerrit.libreoffice.org/83312
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at cib.de>
(cherry picked from commit e9ea24cc004a8b9a5856f2f268bd40433c504db1)
Reviewed-on: https://gerrit.libreoffice.org/83377
(cherry picked from commit d19b32c779bfeb51ef9570c3de8ed1925ec44473)
diff --git a/download.lst b/download.lst
index 03188881959c..6b938e09b0a6 100644
--- a/download.lst
+++ b/download.lst
@@ -159,8 +159,8 @@ export XMLSEC_TARBALL := xmlsec1-1.2.27.tar.gz
export LIBXML_SHA256SUM := aafee193ffb8fe0c82d4afef6ef91972cbaf5feea100edc2f262750611b4be1f
export LIBXML_VERSION_MICRO := 10
export LIBXML_TARBALL := libxml2-2.9.$(LIBXML_VERSION_MICRO).tar.gz
-export LIBXSLT_SHA256SUM := 8e36605144409df979cab43d835002f63988f3dc94d5d3537c12796db90e38c8
-export LIBXSLT_VERSION_MICRO := 33
+export LIBXSLT_SHA256SUM := 98b1bd46d6792925ad2dfe9a87452ea2adebf69dcb9919ffd55bf926a7f93f7f
+export LIBXSLT_VERSION_MICRO := 34
export LIBXSLT_TARBALL := libxslt-1.1.$(LIBXSLT_VERSION_MICRO).tar.gz
export LPSOLVE_SHA256SUM := 171816288f14215c69e730f7a4f1c325739873e21f946ff83884b350574e6695
export LPSOLVE_TARBALL := 26b3e95ddf3d9c077c480ea45874b3b8-lp_solve_5.5.tar.gz
diff --git a/external/libxslt/UnpackedTarball_libxslt.mk b/external/libxslt/UnpackedTarball_libxslt.mk
index beb591b8b2a8..b035e99f0a79 100644
--- a/external/libxslt/UnpackedTarball_libxslt.mk
+++ b/external/libxslt/UnpackedTarball_libxslt.mk
@@ -19,7 +19,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,libxslt,\
external/libxslt/libxslt-msvc.patch.2 \
external/libxslt/libxslt-1.1.26-memdump.patch \
external/libxslt/rpath.patch.0 \
- external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 \
+ external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 b/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1
deleted file mode 100644
index 260f35d1a35e..000000000000
--- a/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1
+++ /dev/null
@@ -1,120 +0,0 @@
-From e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer at aevum.de>
-Date: Sun, 24 Mar 2019 09:51:39 +0100
-Subject: [PATCH] Fix security framework bypass
-
-xsltCheckRead and xsltCheckWrite return -1 in case of error but callers
-don't check for this condition and allow access. With a specially
-crafted URL, xsltCheckRead could be tricked into returning an error
-because of a supposedly invalid URL that would still be loaded
-succesfully later on.
-
-Fixes #12.
-
-Thanks to Felix Wilhelm for the report.
----
- libxslt/documents.c | 18 ++++++++++--------
- libxslt/imports.c | 9 +++++----
- libxslt/transform.c | 9 +++++----
- libxslt/xslt.c | 9 +++++----
- 4 files changed, 25 insertions(+), 20 deletions(-)
-
-diff --git a/libxslt/documents.c b/libxslt/documents.c
-index 3f3a7312..4aad11bb 100644
---- a/libxslt/documents.c
-+++ b/libxslt/documents.c
-@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) {
- int res;
-
- res = xsltCheckRead(ctxt->sec, ctxt, URI);
-- if (res == 0) {
-- xsltTransformError(ctxt, NULL, NULL,
-- "xsltLoadDocument: read rights for %s denied\n",
-- URI);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(ctxt, NULL, NULL,
-+ "xsltLoadDocument: read rights for %s denied\n",
-+ URI);
- return(NULL);
- }
- }
-@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) {
- int res;
-
- res = xsltCheckRead(sec, NULL, URI);
-- if (res == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsltLoadStyleDocument: read rights for %s denied\n",
-- URI);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsltLoadStyleDocument: read rights for %s denied\n",
-+ URI);
- return(NULL);
- }
- }
-diff --git a/libxslt/imports.c b/libxslt/imports.c
-index 874870cc..3783b247 100644
---- a/libxslt/imports.c
-+++ b/libxslt/imports.c
-@@ -130,10 +130,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) {
- int secres;
-
- secres = xsltCheckRead(sec, NULL, URI);
-- if (secres == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsl:import: read rights for %s denied\n",
-- URI);
-+ if (secres <= 0) {
-+ if (secres == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsl:import: read rights for %s denied\n",
-+ URI);
- goto error;
- }
- }
-diff --git a/libxslt/transform.c b/libxslt/transform.c
-index 13793914..0636dbd0 100644
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -3493,10 +3493,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node,
- */
- if (ctxt->sec != NULL) {
- ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
-- if (ret == 0) {
-- xsltTransformError(ctxt, NULL, inst,
-- "xsltDocumentElem: write rights for %s denied\n",
-- filename);
-+ if (ret <= 0) {
-+ if (ret == 0)
-+ xsltTransformError(ctxt, NULL, inst,
-+ "xsltDocumentElem: write rights for %s denied\n",
-+ filename);
- xmlFree(URL);
- xmlFree(filename);
- return;
-diff --git a/libxslt/xslt.c b/libxslt/xslt.c
-index 780a5ad7..a234eb79 100644
---- a/libxslt/xslt.c
-+++ b/libxslt/xslt.c
-@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
- int res;
-
- res = xsltCheckRead(sec, NULL, filename);
-- if (res == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsltParseStylesheetFile: read rights for %s denied\n",
-- filename);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsltParseStylesheetFile: read rights for %s denied\n",
-+ filename);
- return(NULL);
- }
- }
---
-2.18.1
-
diff --git a/external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1 b/external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1
new file mode 100644
index 000000000000..f82c2e4f77ee
--- /dev/null
+++ b/external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1
@@ -0,0 +1,69 @@
+From e2584eed1c84c18f16e42188c30d2c3d8e3e8853 Mon Sep 17 00:00:00 2001
+From: Chun-wei Fan <fanchunwei at src.gnome.org>
+Date: Tue, 12 Nov 2019 17:37:05 +0800
+Subject: [PATCH] win32: Add configuration for profiler
+
+Without this the generated xsltconfig.h will not be complete as there
+will be a configuration variable that is left in the header, breaking
+builds.
+
+This will allow one to enable or disable profiler support in Windows
+builds, and the default is to enable this.
+---
+ win32/configure.js | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/win32/configure.js b/win32/configure.js
+index 56694cce..12c99f30 100644
+--- a/win32/configure.js
++++ b/win32/configure.js
+@@ -47,6 +47,7 @@ var withIconv = true;
+ var withZlib = false;
+ var withCrypto = true;
+ var withModules = false;
++var withProfiler = true;
+ /* Win32 build options. */
+ var dirSep = "\\";
+ var compiler = "msvc";
+@@ -106,6 +107,7 @@ function usage()
+ txt += " zlib: Use zlib library (" + (withZlib? "yes" : "no") + ")\n";
+ txt += " crypto: Enable Crypto support (" + (withCrypto? "yes" : "no") + ")\n";
+ txt += " modules: Enable Module support (" + (withModules? "yes" : "no") + ")\n";
++ txt += " profiler: Enable Profiler support (" + (withProfiler? "yes" : "no") + ")\n";
+ txt += "\nWin32 build options, default value given in parentheses:\n\n";
+ txt += " compiler: Compiler to be used [msvc|mingw] (" + compiler + ")\n";
+ txt += " cruntime: C-runtime compiler option (only msvc) (" + cruntime + ")\n";
+@@ -192,6 +194,7 @@ function discoverVersion()
+ vf.WriteLine("WITH_ZLIB=" + (withZlib? "1" : "0"));
+ vf.WriteLine("WITH_CRYPTO=" + (withCrypto? "1" : "0"));
+ vf.WriteLine("WITH_MODULES=" + (withModules? "1" : "0"));
++ vf.WriteLine("WITH_PROFILER=" + (withProfiler? "1" : "0"));
+ vf.WriteLine("DEBUG=" + (buildDebug? "1" : "0"));
+ vf.WriteLine("STATIC=" + (buildStatic? "1" : "0"));
+ vf.WriteLine("PREFIX=" + buildPrefix);
+@@ -240,6 +243,8 @@ function configureXslt()
+ of.WriteLine(s.replace(/\@WITH_DEBUGGER\@/, withDebugger? "1" : "0"));
+ } else if (s.search(/\@WITH_MODULES\@/) != -1) {
+ of.WriteLine(s.replace(/\@WITH_MODULES\@/, withModules? "1" : "0"));
++ } else if (s.search(/\@WITH_PROFILER\@/) != -1) {
++ of.WriteLine(s.replace(/\@WITH_PROFILER\@/, withProfiler? "1" : "0"));
+ } else if (s.search(/\@LIBXSLT_DEFAULT_PLUGINS_PATH\@/) != -1) {
+ of.WriteLine(s.replace(/\@LIBXSLT_DEFAULT_PLUGINS_PATH\@/, "NULL"));
+ } else
+@@ -343,6 +348,8 @@ for (i = 0; (i < WScript.Arguments.length) && (error == 0); i++) {
+ withCrypto = strToBool(arg.substring(opt.length + 1, arg.length));
+ else if (opt == "modules")
+ withModules = strToBool(arg.substring(opt.length + 1, arg.length));
++ else if (opt == "profiler")
++ withProfiler = strToBool(arg.substring(opt.length + 1, arg.length));
+ else if (opt == "compiler")
+ compiler = arg.substring(opt.length + 1, arg.length);
+ else if (opt == "cruntime")
+@@ -477,6 +484,7 @@ txtOut += " Use iconv: " + boolToStr(withIconv) + "\n";
+ txtOut += " With zlib: " + boolToStr(withZlib) + "\n";
+ txtOut += " Crypto: " + boolToStr(withCrypto) + "\n";
+ txtOut += " Modules: " + boolToStr(withModules) + "\n";
++txtOut += " Profiler: " + boolToStr(withProfiler) + "\n";
+ txtOut += "\n";
+ txtOut += "Win32 build configuration\n";
+ txtOut += "-------------------------\n";
diff --git a/external/libxslt/libxslt-config.patch.1 b/external/libxslt/libxslt-config.patch.1
index 5f9d107bd1e7..e4ce5d9e27cf 100644
--- a/external/libxslt/libxslt-config.patch.1
+++ b/external/libxslt/libxslt-config.patch.1
@@ -23,13 +23,13 @@ Hack the xslt-config to return paths into WORKDIR.
usage()
{
-@@ -89,7 +95,8 @@
- shift
- done
+@@ -92,7 +98,8 @@
+ libs="@XSLT_LIBDIR@ $libs"
+ fi
--the_libs="@XSLT_LIBDIR@ @XSLT_LIBS@ @EXTRA_LIBS@"
-+#the_libs="@XSLT_LIBDIR@ @XSLT_LIBS@ @EXTRA_LIBS@"
-+the_libs="-L${libdir}/libxslt/.libs -L${libdir}/libexslt/.libs -lxslt -lm"
- if test "$includedir" != "/usr/include"; then
- the_flags="$the_flags -I$includedir `@XML_CONFIG@ --cflags`"
- else
+- libs="$libs @EXTRA_LIBS@"
++ #libs="$libs @EXTRA_LIBS@"
++ libs="-L${libdir}/libxslt/.libs -L${libdir}/libexslt/.libs -lxslt -lm"
+ ;;
+
+ *)
diff --git a/external/libxslt/libxslt-internal-symbols.patch.1 b/external/libxslt/libxslt-internal-symbols.patch.1
index 7b13e1007c00..84a15154d729 100644
--- a/external/libxslt/libxslt-internal-symbols.patch.1
+++ b/external/libxslt/libxslt-internal-symbols.patch.1
@@ -1,13 +1,13 @@
--- xslt/libxslt/libxslt.syms.orig 2017-09-05 16:25:50.504966267 +0200
+++ xslt/libxslt/libxslt.syms 2017-09-05 16:41:00.256895709 +0200
@@ -497,5 +497,10 @@
- # xsltInternals
- xsltFlagRVTs;
- xsltDecimalFormatGetByQName;
+
+ # pattern
+ xsltCompMatchClearCache;
+
+# Solaris ld needs explicit auto-reduction (or, alternatively, "-B local")
+ local:
+ *;
+
- } LIBXML2_1.1.27;
+ } LIBXML2_1.1.30;
commit 583eb9818fd9579705d89e9f075a58cbfbf7db72
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Wed Nov 20 15:05:02 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 19:06:06 2020 +0200
libxml2: upgrade to release 2.9.10
... which is, surprisingly enough, required to build the latest libxslt.
Reviewed-on: https://gerrit.libreoffice.org/83311
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at cib.de>
(cherry picked from commit d1bf39a78ed239d4493f0470ca937852265e79d6)
Reviewed-on: https://gerrit.libreoffice.org/83347
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
(cherry picked from commit e9dc4662d4ba3bde91407911f1bc1a7aa25fa0ce)
Change-Id: Ifbb36ed61b8f68185f9c788f63a8edeb58899f94
diff --git a/download.lst b/download.lst
index 35a2263e5bb1..03188881959c 100644
--- a/download.lst
+++ b/download.lst
@@ -156,8 +156,8 @@ export LIBTOMMATH_SHA256SUM := 083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304
export LIBTOMMATH_TARBALL := ltm-1.0.zip
export XMLSEC_SHA256SUM := 97d756bad8e92588e6997d2227797eaa900d05e34a426829b149f65d87118eb6
export XMLSEC_TARBALL := xmlsec1-1.2.27.tar.gz
-export LIBXML_SHA256SUM := 94fb70890143e3c6549f265cee93ec064c80a84c42ad0f23e85ee1fd6540a871
-export LIBXML_VERSION_MICRO := 9
+export LIBXML_SHA256SUM := aafee193ffb8fe0c82d4afef6ef91972cbaf5feea100edc2f262750611b4be1f
+export LIBXML_VERSION_MICRO := 10
export LIBXML_TARBALL := libxml2-2.9.$(LIBXML_VERSION_MICRO).tar.gz
export LIBXSLT_SHA256SUM := 8e36605144409df979cab43d835002f63988f3dc94d5d3537c12796db90e38c8
export LIBXSLT_VERSION_MICRO := 33
diff --git a/external/libxml2/libxml2-android.patch b/external/libxml2/libxml2-android.patch
index 714de61068fb..42af83274026 100644
--- a/external/libxml2/libxml2-android.patch
+++ b/external/libxml2/libxml2-android.patch
@@ -4,7 +4,7 @@
$(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
check: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) check-recursive
--all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(SCRIPTS) $(MANS) $(DATA) \
+-all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(SCRIPTS) $(MANS) $(DATA) \
+all-am: Makefile $(LTLIBRARIES) \
config.h
install-binPROGRAMS: install-libLTLIBRARIES
diff --git a/external/libxml2/libxml2-config.patch.1 b/external/libxml2/libxml2-config.patch.1
index 7d96fb530e57..8c28fb6a7806 100644
--- a/external/libxml2/libxml2-config.patch.1
+++ b/external/libxml2/libxml2-config.patch.1
@@ -25,45 +25,19 @@ Hack the xml2-config to return paths into WORKDIR.
;;
--cflags)
-- echo @XML_INCLUDEDIR@ @XML_CFLAGS@
-+ echo -I${includedir}
-+# echo @XML_INCLUDEDIR@ @XML_CFLAGS@
+- cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@"
++ #cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@"
++ cflags="-I${includedir}"
;;
--libtool-libs)
-@@ -82,19 +88,24 @@
- ;;
+@@ -91,7 +96,8 @@
+ libs="@XML_LIBDIR@ $libs"
+ fi
- --libs)
-- if [ "`uname`" = "Linux" ]
-- then
-- if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
-- then
-- echo @XML_LIBS@ @MODULE_PLATFORM_LIBS@
-- else
-- echo @XML_LIBDIR@ @XML_LIBS@ @MODULE_PLATFORM_LIBS@
-- fi
-- else
-- echo @XML_LIBDIR@ @XML_LIBS@ @MODULE_PLATFORM_LIBS@ @WIN32_EXTRA_LIBADD@
-- fi
-+ echo -L${libdir} -lxml2 -lm
-+# if [ "`uname`" = "Linux" ]
-+# then
-+# if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ]
-+# then
-+# echo @XML_LIBS@ @MODULE_PLATFORM_LIBS@
-+# else
-+# echo @XML_LIBDIR@ @XML_LIBS@ @MODULE_PLATFORM_LIBS@
-+# fi
-+# else
-+# echo @XML_LIBDIR@ @XML_LIBS@ @MODULE_PLATFORM_LIBS@ @WIN32_EXTRA_LIBADD@
-+# fi
- ;;
+- libs="$libs @WIN32_EXTRA_LIBADD@"
++ #libs="$libs @WIN32_EXTRA_LIBADD@"
++ libs="-L${libdir} -lxml2 -lm"
+ ;;
-+ print) # ugly configure hack
-+ exit 0
-+ ;;
-+
*)
- usage
- exit 1
commit 2afda465b852d44bd673ab2560dd50cc6cf5988f
Author: Michael Stahl <Michael.Stahl at cib.de>
AuthorDate: Mon Nov 18 18:45:46 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 01:53:01 2020 +0200
python3: upgrade to release 3.5.9
Fixes CVE-2019-9948 CVE-2019-9740 CVE-2019-10160 CVE-2019-16056
and expat CVE-2019-15903.
python-3.3.5-pyexpat-symbols.patch.1 fails to apply, and it's a
mystery why --with-system-expat is used everywhere but on MacOSX,
where 292af048ace2d4b455b2da3a22c784cb05db1d09 disabled it for no
obvious reason, so try to remove the special case and get rid of the
patch.
Reviewed-on: https://gerrit.libreoffice.org/83117
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at cib.de>
(cherry picked from commit b0930d56130fdddfe65e92b081a8afad77974076)
Reviewed-on: https://gerrit.libreoffice.org/83189
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
(cherry picked from commit 0d4b1f624349361e5bf11b58ccc9e0e295c0e4aa)
Remove external/python3/python-3.5.7-c99.patch.1 - was apparently
reverted upstream.
Change-Id: I5ba4532eb6e7c2fb90daba95d132dcc7c9013d96
diff --git a/configure.ac b/configure.ac
index b5ff5b40713b..b9747e40c1ec 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8449,7 +8449,7 @@ internal)
SYSTEM_PYTHON=
PYTHON_VERSION_MAJOR=3
PYTHON_VERSION_MINOR=5
- PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.7
+ PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.9
if ! grep -q -i python.*${PYTHON_VERSION} ${SRC_ROOT}/download.lst; then
AC_MSG_ERROR([PYTHON_VERSION ${PYTHON_VERSION} but no matching file in download.lst])
fi
diff --git a/download.lst b/download.lst
index 71b4432c6ac0..35a2263e5bb1 100644
--- a/download.lst
+++ b/download.lst
@@ -210,8 +210,8 @@ export POPPLER_SHA256SUM := 92e09fd3302567fd36146b36bb707db43ce436e8841219025a82
export POPPLER_TARBALL := poppler-0.74.0.tar.xz
export POSTGRESQL_SHA256SUM := a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126
export POSTGRESQL_TARBALL := postgresql-9.2.24.tar.bz2
-export PYTHON_SHA256SUM := 285892899bf4d5737fd08482aa6171c6b2564a45b9102dfacfb72826aebdc7dc
-export PYTHON_TARBALL := Python-3.5.7.tar.xz
+export PYTHON_SHA256SUM := c24a37c63a67f53bdd09c5f287b5cff8e8b98f857bf348c577d454d3f74db049
+export PYTHON_TARBALL := Python-3.5.9.tar.xz
export QXP_SHA256SUM := e137b6b110120a52c98edd02ebdc4095ee08d0d5295a94316a981750095a945c
export QXP_TARBALL := libqxp-0.0.2.tar.xz
export RAPTOR_SHA256SUM := ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed
diff --git a/external/python3/ExternalProject_python3.mk b/external/python3/ExternalProject_python3.mk
index 7e9952ac6cc7..7eef2ce179f6 100644
--- a/external/python3/ExternalProject_python3.mk
+++ b/external/python3/ExternalProject_python3.mk
@@ -44,9 +44,7 @@ $(call gb_ExternalProject_get_state_target,python3,build) :
else
-# this was added in 2004, hopefully is obsolete now (and why only intel anyway)? $(if $(filter SOLARIS-INTEL,$(OS)$(CPUNAME)),--disable-ipv6)
-
-# --with-system-expat: this should find the one in the solver (or system)
+# --with-system-expat: this should find the one in the workdir (or system)
# create a symlink "LO_lib" because the .so are in a directory with platform
# specific name like build/lib.linux-x86_64-3.3
@@ -68,7 +66,7 @@ $(call gb_ExternalProject_get_state_target,python3,build) :
$(if $(CROSS_COMPILING),--build=$(BUILD_PLATFORM) --host=$(HOST_PLATFORM)) \
$(if $(ENABLE_VALGRIND),--with-valgrind) \
--prefix=/python-inst \
- $(if $(filter MACOSX,$(OS)),,--with-system-expat) \
+ --with-system-expat \
$(if $(filter AIX,$(OS)), \
--disable-ipv6 --with-threads OPT="-g0 -fwrapv -O3 -Wall", \
$(if $(gb_Module_CURRENTMODULE_DEBUG_ENABLED), \
diff --git a/external/python3/UnpackedTarball_python3.mk b/external/python3/UnpackedTarball_python3.mk
index 66a82955e440..ee99de1f5e0c 100644
--- a/external/python3/UnpackedTarball_python3.mk
+++ b/external/python3/UnpackedTarball_python3.mk
@@ -23,11 +23,9 @@ $(eval $(call gb_UnpackedTarball_add_patches,python3,\
external/python3/python-3.5.4-msvc-disable.patch.1 \
external/python3/python-3.3.0-pythreadstate.patch.1 \
external/python3/python-3.3.0-clang.patch.1 \
- external/python3/python-3.3.5-pyexpat-symbols.patch.1 \
external/python3/ubsan.patch.0 \
external/python3/python-3.5.tweak.strip.soabi.patch \
external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 \
- external/python3/python-3.5.7-c99.patch.1 \
))
ifneq ($(filter DRAGONFLY FREEBSD LINUX NETBSD OPENBSD SOLARIS,$(OS)),)
diff --git a/external/python3/python-3.3.5-pyexpat-symbols.patch.1 b/external/python3/python-3.3.5-pyexpat-symbols.patch.1
deleted file mode 100644
index c04c78cf36e7..000000000000
--- a/external/python3/python-3.3.5-pyexpat-symbols.patch.1
+++ /dev/null
@@ -1,28 +0,0 @@
-HACK: Fix build breakage on MacOS:
-
-*** WARNING: renaming "pyexpat" since importing it failed: dlopen(build/lib.macosx-10.6-i386-3.3/pyexpat.so, 2): Symbol not found: _XML_ErrorString
-
-This reverts c242a8f30806 from the python hg repo:
-
-restore namespacing of pyexpat symbols (closes #19186)
-
-
-See http://bugs.python.org/issue19186#msg214069
-
-The recommendation to include Modules/inc at first broke the Linux build...
-
-So do it this way, as it was before. Needs some realignment later.
-
---- python3/Modules/expat/expat_external.h
-+++ python3/Modules/expat/expat_external.h
-@@ -7,10 +7,6 @@
-
- /* External API definitions */
-
--/* Namespace external symbols to allow multiple libexpat version to
-- co-exist. */
--#include "pyexpatns.h"
--
- #if defined(_MSC_EXTENSIONS) && !defined(__BEOS__) && !defined(__CYGWIN__)
- #define XML_USE_MSC_EXTENSIONS 1
- #endif
diff --git a/external/python3/python-3.5.7-c99.patch.1 b/external/python3/python-3.5.7-c99.patch.1
deleted file mode 100644
index 558166d9953f..000000000000
--- a/external/python3/python-3.5.7-c99.patch.1
+++ /dev/null
@@ -1,62 +0,0 @@
-remove C99 which isn't suppored by all compilers yet
-
---- python3/Modules/_pickle.c.orig 2019-04-03 16:34:01.380124314 +0200
-+++ python3/Modules/_pickle.c 2019-04-03 16:35:18.579005171 +0200
-@@ -674,9 +674,12 @@
- PyErr_NoMemory();
- return NULL;
- }
-- for (size_t i = 0; i < self->mt_allocated; i++) {
-+ {
-+ size_t i;
-+ for (i = 0; i < self->mt_allocated; i++) {
- Py_XINCREF(self->mt_table[i].me_key);
- }
-+ }
- memcpy(new->mt_table, self->mt_table,
- sizeof(PyMemoEntry) * self->mt_allocated);
-
-@@ -4204,7 +4207,9 @@
- return NULL;
-
- memo = self->pickler->memo;
-- for (size_t i = 0; i < memo->mt_allocated; ++i) {
-+ {
-+ size_t i;
-+ for (i = 0; i < memo->mt_allocated; ++i) {
- PyMemoEntry entry = memo->mt_table[i];
- if (entry.me_key != NULL) {
- int status;
-@@ -4225,6 +4230,7 @@
- goto error;
- }
- }
-+ }
- return new_memo;
-
- error:
-@@ -6791,10 +6797,13 @@
- if (new_memo == NULL)
- return -1;
-
-- for (size_t i = 0; i < new_memo_size; i++) {
-+ {
-+ size_t i;
-+ for (i = 0; i < new_memo_size; i++) {
- Py_XINCREF(unpickler->memo[i]);
- new_memo[i] = unpickler->memo[i];
- }
-+ }
- }
- else if (PyDict_Check(obj)) {
- Py_ssize_t i = 0;
-@@ -6839,7 +6848,8 @@
-
- error:
- if (new_memo_size) {
-- for (size_t i = new_memo_size - 1; i != SIZE_MAX; i--) {
-+ size_t i;
-+ for (i = new_memo_size - 1; i != SIZE_MAX; i--) {
- Py_XDECREF(new_memo[i]);
- }
- PyMem_FREE(new_memo);
commit 36cbb30416e469ca3b2b54f1fb31900a5267a783
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Wed Aug 7 17:37:11 2019 +0100
Commit: Thorsten Behrens <Thorsten.Behrens at CIB.de>
CommitDate: Wed May 27 01:51:44 2020 +0200
warn on load when a document binds an event to a macro
a) treat shared/Scripts equivalently to document scripts
This doesn't automatically warn/block running those scripts when used in a
freshly loaded document on its own however
because DocumentMacroMode::checkMacrosOnLoading will see at...
if ( m_xData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() )
that the document contains no macros and flip the allow macros flag to true so
that potentially new uses of macros added by the user during the edit are
allowed to run
b) so, add an additional flag to indicate existence of use of macros in a document
c) for odf import, set it when a script:event-listener tag is encountered
d) for html import when registerScriptEvents or SwFormatINetFormat::SetMacroTable is called
e) for doc import when Read_F_Macro or StoreMacroCmds is called as well for good measure
f) for xls import when registerScriptEvent or ScMacroInfo::SetMacro is called
g) for oox import when VbaProject::attachMacros is called
Reviewed-on: https://gerrit.libreoffice.org/77387
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice at googlemail.com>
(cherry picked from commit 35fe064a67b54b0680b4845477c9b8751edda160)
Change-Id: Ic1203d8ec7dfc217aa217135033ae9db2888e19b
diff --git a/oox/source/ole/vbaproject.cxx b/oox/source/ole/vbaproject.cxx
index 62ec72070b46..7ffe6574d708 100644
--- a/oox/source/ole/vbaproject.cxx
+++ b/oox/source/ole/vbaproject.cxx
@@ -31,6 +31,7 @@
#include <com/sun/star/script/vba/XVBAMacroResolver.hpp>
#include <com/sun/star/uno/XComponentContext.hpp>
#include <comphelper/configurationhelper.hxx>
+#include <comphelper/string.hxx>
#include <comphelper/documentinfo.hxx>
#include <comphelper/storagehelper.hxx>
#include <osl/diagnose.h>
More information about the Libreoffice-commits
mailing list