sc/source/filter/orcus/filterdetect.cxx | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
New commits: commit a95c585433246813096e8890b7ed6ef4fe30c621 Author: Stephan Bergmann <sberg...@redhat.com> AuthorDate: Wed Jun 22 20:37:34 2022 +0200 Commit: Stephan Bergmann <sberg...@redhat.com> CommitDate: Thu Jun 23 09:43:24 2022 +0200 Pump XInputStream into an SvMemoryStream rather than an OStringBuffer ...to avoid overflow with streams >= 2^31 bytes. This should fix <https://crashreport.libreoffice.org/stats/crash_details/d9613c81-de37-4de2-8c64-e36634d10ddc> which I could reproduce with a recent master Linux build with > $ truncate -s 3G test.xml > $ instdir/program/soffice test.xml causing a SIGSEGV at > #0 0x00007ffff7f193a0 in rtl::str::stringbuffer_insert<_rtl_String, char>(_rtl_String**, int*, int, char const*, int) (ppThis=0x7fffffffb330, capacity=<optimized out>, offset=2147479552, pStr=0x20a92e8 "", len=4096) at sal/rtl/strtmpl.hxx:1424 > #1 0x00007fffb6af04e5 in rtl::OStringBuffer::append(char const*, int) (len=4096, str=<optimized out>, this=0x7fffffffb330) at include/rtl/strbuf.hxx:594 > #2 (anonymous namespace)::OrcusFormatDetect::detect(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>&) (this=<optimized out>, rMediaDescSeq=<optimized out>) at sc/source/filter/orcus/filterdetect.cxx:80 [...] (Ideally, orcus::detect would only need a short prefix of the stream's content, but the implementation in workdir/UnpackedTarball/liborcus/src/liborcus/format_detection.cpp delegates to functions like orcus_ods::detect in workdir/UnpackedTarball/liborcus/src/liborcus/orcus_ods.cpp, which passes the content through some zip_archive that presumably needs the full content.) Change-Id: Ifaa37ee887d8296cbcf971313bde347ddfb17c12 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136297 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sberg...@redhat.com> diff --git a/sc/source/filter/orcus/filterdetect.cxx b/sc/source/filter/orcus/filterdetect.cxx index 4e299f1d9371..21eb1d492440 100644 --- a/sc/source/filter/orcus/filterdetect.cxx +++ b/sc/source/filter/orcus/filterdetect.cxx @@ -14,7 +14,7 @@ #include <unotools/mediadescriptor.hxx> -#include <rtl/strbuf.hxx> +#include <tools/stream.hxx> #include <orcus/format_detection.hpp> @@ -68,7 +68,7 @@ OUString OrcusFormatDetect::detect(css::uno::Sequence<css::beans::PropertyValue> return OUString(); css::uno::Reference<css::io::XInputStream> xInputStream(aMediaDescriptor[utl::MediaDescriptor::PROP_INPUTSTREAM], css::uno::UNO_QUERY ); - OStringBuffer aContent(xInputStream->available()); + SvMemoryStream aContent(xInputStream->available()); static const sal_Int32 nBytes = 4096; css::uno::Sequence<sal_Int8> aSeq(nBytes); @@ -77,10 +77,10 @@ OUString OrcusFormatDetect::detect(css::uno::Sequence<css::beans::PropertyValue> { sal_Int32 nReadBytes = xInputStream->readBytes(aSeq, nBytes); bEnd = (nReadBytes != nBytes); - aContent.append(reinterpret_cast<const char*>(aSeq.getConstArray()), nReadBytes); + aContent.WriteBytes(aSeq.getConstArray(), nReadBytes); } - orcus::format_t eFormat = orcus::detect(reinterpret_cast<const unsigned char*>(aContent.getStr()), aContent.getLength()); + orcus::format_t eFormat = orcus::detect(static_cast<const unsigned char*>(aContent.GetData()), aContent.GetSize()); switch (eFormat) {