Makefile.in | 2 +-
filter/source/msfilter/svdfppt.cxx | 28 ++++++++++++++++++----------
2 files changed, 19 insertions(+), 11 deletions(-)
New commits:
commit 665d7a4e659114120009636aeb4049b10009f36e
Author: Caolán McNamara <caol...@redhat.com>
Date: Thu Mar 16 09:56:36 2017 +0000
ppt fuzzer is good enough to get started
This reverts commit 78dbfa9fff9c408108112302640e0cfb8aa53a11.
diff --git a/Makefile.in b/Makefile.in
index bc5285b..87b4e97 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -446,7 +446,7 @@ $(foreach ide,\
eclipsecdt,\
$(eval $(call gb_Top_GbuildToIdeIntegrationNS,$(ide))))
-fuzzers: Library_sal Library_salhelper Library_reg Library_store
Library_unoidl codemaker Library_cppu Library_i18nlangtag Library_cppuhelper
Library_comphelper StaticLibrary_ulingu StaticLibrary_findsofficepath
Library_tl Library_basegfx Library_canvastools Library_cppcanvas
Library_dbtools Library_deploymentmisc Library_deploymentmisc Library_editeng
Library_fwe Library_fwi Library_i18nutil Library_localebe1 Library_sax
Library_sofficeapp Library_ucbhelper Library_opencl Rdb_services udkapi offapi
Library_clew Library_gie Library_icg Library_reflection Library_invocadapt
Library_bootstrap Library_introspection Library_stocservices Library_xmlreader
Library_gcc3_uno instsetoo_native more_fonts StaticLibrary_fuzzer
Executable_wmffuzzer Executable_jpgfuzzer Executable_giffuzzer
Executable_xbmfuzzer Executable_xpmfuzzer Executable_pngfuzzer
Executable_bmpfuzzer Executable_svmfuzzer Executable_pcdfuzzer
Executable_dxffuzzer Executable_metfuzzer Executable_ppmfuzzer
Executable_psdfuzzer
Executable_epsfuzzer Executable_pctfuzzer Executable_pcxfuzzer
Executable_rasfuzzer Executable_tgafuzzer Executable_tiffuzzer
Executable_hwpfuzzer Executable_602fuzzer Executable_lwpfuzzer
Executable_olefuzzer AllLangResTarget_sd
+fuzzers: Library_sal Library_salhelper Library_reg Library_store
Library_unoidl codemaker Library_cppu Library_i18nlangtag Library_cppuhelper
Library_comphelper StaticLibrary_ulingu StaticLibrary_findsofficepath
Library_tl Library_basegfx Library_canvastools Library_cppcanvas
Library_dbtools Library_deploymentmisc Library_deploymentmisc Library_editeng
Library_fwe Library_fwi Library_i18nutil Library_localebe1 Library_sax
Library_sofficeapp Library_ucbhelper Library_opencl Rdb_services udkapi offapi
Library_clew Library_gie Library_icg Library_reflection Library_invocadapt
Library_bootstrap Library_introspection Library_stocservices Library_xmlreader
Library_gcc3_uno instsetoo_native more_fonts StaticLibrary_fuzzer
Executable_wmffuzzer Executable_jpgfuzzer Executable_giffuzzer
Executable_xbmfuzzer Executable_xpmfuzzer Executable_pngfuzzer
Executable_bmpfuzzer Executable_svmfuzzer Executable_pcdfuzzer
Executable_dxffuzzer Executable_metfuzzer Executable_ppmfuzzer
Executable_psdfuzzer
Executable_epsfuzzer Executable_pctfuzzer Executable_pcxfuzzer
Executable_rasfuzzer Executable_tgafuzzer Executable_tiffuzzer
Executable_hwpfuzzer Executable_602fuzzer Executable_lwpfuzzer
Executable_olefuzzer AllLangResTarget_sd Executable_pptfuzzer
endif # MAKE_RESTARTS
commit 30e2b7203963af215c9aaaec12383e0d5e1f6a7f
Author: Caolán McNamara <caol...@redhat.com>
Date: Thu Mar 16 09:53:19 2017 +0000
ofz#875 limit depth to max legal depth
Change-Id: Icbe9339148dc4aeb31c160e976385e3bcaef75b6
diff --git a/filter/source/msfilter/svdfppt.cxx
b/filter/source/msfilter/svdfppt.cxx
index ae5a5a3..c41be38 100644
--- a/filter/source/msfilter/svdfppt.cxx
+++ b/filter/source/msfilter/svdfppt.cxx
@@ -5908,6 +5908,14 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
bool bIsHardAttribute = ( ( pParaSet->mnAttrSet & nMask ) != 0 );
+ sal_uInt16 nDepth = pParaSet->mnDepth;
+
+ if (nDepth >= nMaxPPTLevels)
+ {
+ SAL_WARN("filter.ms", "Para Style Sheet depth " << nDepth << " but "
<< nMaxPPTLevels - 1 << " is max possible");
+ nDepth = nMaxPPTLevels - 1;
+ }
+
if ( bIsHardAttribute )
{
if ( nAttr == PPT_ParaAttr_BulletColor )
@@ -5916,7 +5924,7 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
if ( pParaSet->mnAttrSet & ( 1 << PPT_ParaAttr_BuHardColor ) )
bHardBulletColor = pParaSet->mpArry[ PPT_ParaAttr_BuHardColor
] != 0;
else
- bHardBulletColor = ( mrStyleSheet.mpParaSheet[ mnInstance
]->maParaLevel[ pParaSet->mnDepth ].mnBuFlags
+ bHardBulletColor = ( mrStyleSheet.mpParaSheet[ mnInstance
]->maParaLevel[nDepth].mnBuFlags
& ( 1 << PPT_ParaAttr_BuHardColor ) )
!= 0;
if ( bHardBulletColor )
rRetValue = pParaSet->mnBulletColor;
@@ -5932,7 +5940,7 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
}
else
{
- rRetValue = mrStyleSheet.mpCharSheet[
nDestinationInstance ]->maCharLevel[ pParaSet->mnDepth ].mnFontColor;
+ rRetValue = mrStyleSheet.mpCharSheet[
nDestinationInstance ]->maCharLevel[nDepth].mnFontColor;
}
}
}
@@ -5943,7 +5951,7 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
if ( pParaSet->mnAttrSet & ( 1 << PPT_ParaAttr_BuHardFont ) )
bHardBuFont = pParaSet->mpArry[ PPT_ParaAttr_BuHardFont ] != 0;
else
- bHardBuFont = ( mrStyleSheet.mpParaSheet[ mnInstance
]->maParaLevel[ pParaSet->mnDepth ].mnBuFlags
+ bHardBuFont = ( mrStyleSheet.mpParaSheet[ mnInstance
]->maParaLevel[nDepth].mnBuFlags
& ( 1 << PPT_ParaAttr_BuHardFont ) )
!= 0;
if ( bHardBuFont )
rRetValue = pParaSet->mpArry[ PPT_ParaAttr_BulletFont ];
@@ -5960,7 +5968,7 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
}
else
{
- rRetValue = mrStyleSheet.mpCharSheet[
nDestinationInstance ]->maCharLevel[ pParaSet->mnDepth ].mnFont;
+ rRetValue = mrStyleSheet.mpCharSheet[
nDestinationInstance ]->maCharLevel[nDepth].mnFont;
}
}
}
@@ -5970,14 +5978,14 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
}
else
{
- const PPTParaLevel& rParaLevel = mrStyleSheet.mpParaSheet[ mnInstance
]->maParaLevel[ pParaSet->mnDepth ];
+ const PPTParaLevel& rParaLevel = mrStyleSheet.mpParaSheet[ mnInstance
]->maParaLevel[nDepth];
PPTParaLevel* pParaLevel = nullptr;
if ( ( nDestinationInstance == TSS_Type::Unknown )
- || ( pParaSet->mnDepth && ( ( mnInstance == TSS_Type::Subtitle )
|| ( mnInstance == TSS_Type::TextInShape ) ) ) )
+ || ( nDepth && ( ( mnInstance == TSS_Type::Subtitle ) || (
mnInstance == TSS_Type::TextInShape ) ) ) )
bIsHardAttribute = true;
else if ( nDestinationInstance != mnInstance )
- pParaLevel = &mrStyleSheet.mpParaSheet[ nDestinationInstance
]->maParaLevel[ pParaSet->mnDepth ];
+ pParaLevel = &mrStyleSheet.mpParaSheet[ nDestinationInstance
]->maParaLevel[nDepth];
switch ( nAttr )
{
case PPT_ParaAttr_BulletOn :
@@ -6025,7 +6033,7 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
}
else
{
- rRetValue = mrStyleSheet.mpCharSheet[ mnInstance
]->maCharLevel[ pParaSet->mnDepth ].mnFont;
+ rRetValue = mrStyleSheet.mpCharSheet[ mnInstance
]->maCharLevel[nDepth].mnFont;
bIsHardAttribute = true;
}
}
@@ -6061,7 +6069,7 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
if( rPortion.mbHardHylinkOrigColor )
rRetValue = rPortion.mnHylinkOrigColor;
else
- rRetValue = mrStyleSheet.mpCharSheet[
mnInstance ]->maCharLevel[ pParaSet->mnDepth ].mnFontColor;
+ rRetValue = mrStyleSheet.mpCharSheet[
mnInstance ]->maCharLevel[nDepth].mnFontColor;
bIsHardAttribute = true;
}
else
@@ -6071,7 +6079,7 @@ bool PPTParagraphObj::GetAttrib( sal_uInt32 nAttr,
sal_uInt32& rRetValue, TSS_Ty
}
else
{
- rRetValue = mrStyleSheet.mpCharSheet[ mnInstance
]->maCharLevel[ pParaSet->mnDepth ].mnFontColor;
+ rRetValue = mrStyleSheet.mpCharSheet[ mnInstance
]->maCharLevel[nDepth].mnFontColor;
bIsHardAttribute = true;
}
}
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
