[Libreoffice-commits] core.git: sc/source

Fri, 09 Nov 2018 09:13:59 -0800 

 sc/source/filter/inc/xladdress.hxx |   10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

New commits:
commit d75563504643f4b4f8275cb754ec5ab4d786b7ad
Author:     Stephan Bergmann <sberg...@redhat.com>
AuthorDate: Fri Nov 9 16:41:55 2018 +0100
Commit:     Stephan Bergmann <sberg...@redhat.com>
CommitDate: Fri Nov 9 18:11:52 2018 +0100

    Make XclRange::GetCol/RowCount more robust
    
    Under (new-in-Clang) -fsanitize=implicit-signed-integer-truncation,
    CppunitTest_sc_filters_test failed with
    
    > Testing file:///.../sc/qa/unit/data/xls/pass/crash-7.xls:
    > warn:sc:27699:27699:sc/source/filter/excel/xlroot.cxx:158: 
XclRootData::XclRootData - cannot get output device info: 
N3com3sun4star3uno9ExceptionE msg: invalid attempt to assign an empty interface 
of type com.sun.star.frame.XFrame!
    > warn:legacy.osl:27699:27699:sc/source/filter/excel/xilink.cxx:631: 
XclImpSupbook::XclImpSupbook - unknown special SUPBOOK type
    > warn:sc:27699:27699:sc/source/filter/excel/xilink.cxx:703: 
XclImpSupbook::GetExternName - index must be >0
    > warn:legacy.osl:27699:27699:sc/source/filter/excel/xistream.cxx:802: 
XclImpStream::Ignore - record overread
    > sc/source/filter/inc/xladdress.hxx:72:47: runtime error: implicit 
conversion from type 'int' of value -511 (32-bit, signed) to type 'sal_uInt16' 
(aka 'unsigned short') changed the value to 65025 (16-bit, unsigned)
    >  #0 in XclRange::GetColCount() const at 
sc/source/filter/inc/xladdress.hxx:72:47 (instdir/program/libscfiltlo.so 
+0x2510655)
    >  #1 in ImportExcel::ReadDimensions() at 
sc/source/filter/excel/impop.cxx:255:27 (instdir/program/libscfiltlo.so 
+0x24e52c4)
    >  #2 in ImportExcel8::Read() at sc/source/filter/excel/read.cxx:1110:49 
(instdir/program/libscfiltlo.so +0x2589a90)
    >  #3 in ScFormatFilterPluginImpl::ScImportExcel(SfxMedium&, ScDocument*, 
EXCIMPFORMAT) at sc/source/filter/excel/excel.cxx:145:35 
(instdir/program/libscfiltlo.so +0x230df62)
    >  #4 in ScDocShell::ConvertFrom(SfxMedium&) at 
sc/source/ui/docshell/docsh.cxx:1265:52 (instdir/program/libsclo.so +0xcc8db50)
    >  #5 in SfxObjectShell::DoLoad(SfxMedium*) at 
sfx2/source/doc/objstor.cxx:787:23 (instdir/program/libsfxlo.so +0x389f0df)
    >  #6 in ScBootstrapFixture::load(bool, rtl::OUString const&, rtl::OUString 
const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, 
SotClipboardFormatId, unsigned long, rtl::OUString const*) at 
sc/qa/unit/helper/qahelper.cxx:582:21 
(workdir/LinkTarget/CppunitTest/../Library/libscqahelper.so +0x869b5)
    >  #7 in ScBootstrapFixture::load(rtl::OUString const&, rtl::OUString 
const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, 
SotClipboardFormatId, unsigned long, rtl::OUString const*) at 
sc/qa/unit/helper/qahelper.cxx:597:12 
(workdir/LinkTarget/CppunitTest/../Library/libscqahelper.so +0x86fa6)
    >  #8 in ScFiltersTest::load(rtl::OUString const&, rtl::OUString const&, 
rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int) at 
sc/qa/unit/filters-test.cxx:125:51 
(workdir/LinkTarget/CppunitTest/libtest_sc_filters_test.so +0x4623a)
    >  #9 in test::FiltersTest::recursiveScan(test::filterStatus, rtl::OUString 
const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, 
SotClipboardFormatId, unsigned int, bool) at 
unotest/source/cpp/filters-test.cxx:130:20 
(workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x7526d)
    >  #10 in test::FiltersTest::testDir(rtl::OUString const&, rtl::OUString 
const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned 
int, bool) at unotest/source/cpp/filters-test.cxx:155:5 
(workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x79127)
    >  #11 in ScFiltersTest::testCVEs() at sc/qa/unit/filters-test.cxx:146:5 
(workdir/LinkTarget/CppunitTest/libtest_sc_filters_test.so +0x4729d)
    [...]
    
    so it smells like the given XclRange (with maFirst.mnCol=512, 
maFirst.mnRow=0,
    maLast.mnCol=0, maLast.mnRow=0) already is the result of some previous 
lenient
    parsing of invalid input.
    
    Change-Id: Ib7915eac5526fc295e7fbbc1c001549b991ddbf7
    Reviewed-on: https://gerrit.libreoffice.org/63200
    Tested-by: Jenkins
    Reviewed-by: Stephan Bergmann <sberg...@redhat.com>

diff --git a/sc/source/filter/inc/xladdress.hxx 
b/sc/source/filter/inc/xladdress.hxx
index 141faeb6c71f..da72035a2c89 100644
--- a/sc/source/filter/inc/xladdress.hxx
+++ b/sc/source/filter/inc/xladdress.hxx
@@ -69,8 +69,14 @@ struct XclRange
     void         Set( sal_uInt16 nCol1, sal_uInt32 nRow1, sal_uInt16 nCol2, 
sal_uInt32 nRow2 )
                             { maFirst.Set( nCol1, nRow1 ); maLast.Set( nCol2, 
nRow2 ); }
 
-    sal_uInt16   GetColCount() const { return maLast.mnCol - maFirst.mnCol + 
1; }
-    sal_uInt32   GetRowCount() const { return maLast.mnRow - maFirst.mnRow + 
1; }
+    sal_uInt16   GetColCount() const {
+        return maFirst.mnCol <= maLast.mnCol && maFirst.mnRow <= maLast.mnRow
+            ? maLast.mnCol - maFirst.mnCol + 1 : 0;
+    }
+    sal_uInt32   GetRowCount() const {
+        return maFirst.mnCol <= maLast.mnCol && maFirst.mnRow <= maLast.mnRow
+            ? maLast.mnRow - maFirst.mnRow + 1 : 0;
+    }
     bool                Contains( const XclAddress& rPos ) const;
 
     void                Read( XclImpStream& rStrm, bool bCol16Bit = true );
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to