filter/source/graphicfilter/ieps/ieps.cxx | 81 +++++++++++++++++++----------- 1 file changed, 53 insertions(+), 28 deletions(-)
New commits: commit c642912b90a45e6fb1d13b30f7003c01d7c460bc Author: Caolán McNamara <caol...@redhat.com> Date: Sun Jan 29 20:54:56 2017 +0000 Resolves: ofz#488 check remaining size while parsing Change-Id: Ibb2b6c59a159f9fafa6a065be438b59a6d2d3f21 Reviewed-on: https://gerrit.libreoffice.org/33688 Tested-by: Jenkins <c...@libreoffice.org> Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk> diff --git a/filter/source/graphicfilter/ieps/ieps.cxx b/filter/source/graphicfilter/ieps/ieps.cxx index 33a4ac9..1ec3257 100644 --- a/filter/source/graphicfilter/ieps/ieps.cxx +++ b/filter/source/graphicfilter/ieps/ieps.cxx @@ -459,7 +459,6 @@ void MakePreview(sal_uInt8* pBuf, sal_uInt32 nBytesRead, pVDev->SetFillColor(); aFont.SetColor( COL_LIGHTRED ); -// aFont.SetSize( Size( 0, 32 ) ); pVDev->Push( PushFlags::FONT ); pVDev->SetFont( aFont ); @@ -470,51 +469,77 @@ void MakePreview(sal_uInt8* pBuf, sal_uInt32 nBytesRead, OUString aString; int nLen; sal_uInt8* pDest = ImplSearchEntry( pBuf, reinterpret_cast<sal_uInt8 const *>("%%Title:"), nBytesRead - 32, 8 ); - if ( pDest ) + sal_uInt32 nRemainingBytes = pDest ? (nBytesRead - (pDest - pBuf)) : 0; + if (nRemainingBytes >= 8) { pDest += 8; - if ( *pDest == ' ' ) - pDest++; - nLen = ImplGetLen( pDest, 32 ); - sal_uInt8 aOldValue(pDest[ nLen ]); pDest[ nLen ] = 0; - if ( strcmp( reinterpret_cast<char*>(pDest), "none" ) != 0 ) + nRemainingBytes -= 8; + if (nRemainingBytes && *pDest == ' ') { - aString += " Title:" + OUString::createFromAscii( reinterpret_cast<char*>(pDest) ) + "\n"; + ++pDest; + --nRemainingBytes; + } + nLen = ImplGetLen(pDest, std::min<sal_uInt32>(nRemainingBytes, 32)); + if (static_cast<sal_uInt32>(nLen) < nRemainingBytes) + { + sal_uInt8 aOldValue(pDest[ nLen ]); pDest[ nLen ] = 0; + if ( strcmp( reinterpret_cast<char*>(pDest), "none" ) != 0 ) + { + aString += " Title:" + OUString::createFromAscii( reinterpret_cast<char*>(pDest) ) + "\n"; + } + pDest[ nLen ] = aOldValue; } - pDest[ nLen ] = aOldValue; } pDest = ImplSearchEntry( pBuf, reinterpret_cast<sal_uInt8 const *>("%%Creator:"), nBytesRead - 32, 10 ); - if ( pDest ) + nRemainingBytes = pDest ? (nBytesRead - (pDest - pBuf)) : 0; + if (nRemainingBytes >= 10) { pDest += 10; - if ( *pDest == ' ' ) - pDest++; - nLen = ImplGetLen( pDest, 32 ); - sal_uInt8 aOldValue(pDest[ nLen ]); pDest[ nLen ] = 0; - aString += " Creator:" + OUString::createFromAscii( reinterpret_cast<char*>(pDest) ) + "\n"; - pDest[ nLen ] = aOldValue; + nRemainingBytes -= 10; + if (nRemainingBytes && *pDest == ' ') + { + ++pDest; + --nRemainingBytes; + } + nLen = ImplGetLen(pDest, std::min<sal_uInt32>(nRemainingBytes, 32)); + if (static_cast<sal_uInt32>(nLen) < nRemainingBytes) + { + sal_uInt8 aOldValue(pDest[nLen]); pDest[nLen] = 0; + aString += " Creator:" + OUString::createFromAscii( reinterpret_cast<char*>(pDest) ) + "\n"; + pDest[nLen] = aOldValue; + } } pDest = ImplSearchEntry( pBuf, reinterpret_cast<sal_uInt8 const *>("%%CreationDate:"), nBytesRead - 32, 15 ); - if ( pDest ) + nRemainingBytes = pDest ? (nBytesRead - (pDest - pBuf)) : 0; + if (nRemainingBytes >= 15) { pDest += 15; - if ( *pDest == ' ' ) - pDest++; - nLen = ImplGetLen( pDest, 32 ); - sal_uInt8 aOldValue(pDest[ nLen ]); pDest[ nLen ] = 0; - if ( strcmp( reinterpret_cast<char*>(pDest), "none" ) != 0 ) + nRemainingBytes -= 15; + if (nRemainingBytes && *pDest == ' ') + { + ++pDest; + --nRemainingBytes; + } + nLen = ImplGetLen(pDest, std::min<sal_uInt32>(nRemainingBytes, 32)); + if (static_cast<sal_uInt32>(nLen) < nRemainingBytes) { - aString += " CreationDate:" + OUString::createFromAscii( reinterpret_cast<char*>(pDest) ) + "\n"; + sal_uInt8 aOldValue(pDest[ nLen ]); pDest[ nLen ] = 0; + if ( strcmp( reinterpret_cast<char*>(pDest), "none" ) != 0 ) + { + aString += " CreationDate:" + OUString::createFromAscii( reinterpret_cast<char*>(pDest) ) + "\n"; + } + pDest[ nLen ] = aOldValue; } - pDest[ nLen ] = aOldValue; } pDest = ImplSearchEntry( pBuf, reinterpret_cast<sal_uInt8 const *>("%%LanguageLevel:"), nBytesRead - 4, 16 ); - if ( pDest ) + nRemainingBytes = pDest ? (nBytesRead - (pDest - pBuf)) : 0; + if (nRemainingBytes >= 16) { pDest += 16; - sal_uInt32 nCount = 4; - long nNumber = ImplGetNumber(pDest, nCount); - if ( nCount && ( (sal_uInt32)nNumber < 10 ) ) + nRemainingBytes -= 16; + sal_uInt32 nCount = std::min<sal_uInt32>(nRemainingBytes, 4U); + sal_uInt32 nNumber = ImplGetNumber(pDest, nCount); + if (nCount && nNumber < 10) { aString += " LanguageLevel:" + OUString::number( nNumber ); }
_______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits