[Libreoffice-commits] core.git: Branch 'libreoffice-5-4' - oox/source

Thu, 30 Nov 2017 07:24:06 -0800 

 oox/source/crypto/CryptTools.cxx         |   12 +++++++++---
 oox/source/crypto/Standard2007Engine.cxx |    2 ++
 2 files changed, 11 insertions(+), 3 deletions(-)

New commits:
commit 0498b983cc62bc37dacd246ed6480563ede470b1
Author: Caolán McNamara <caol...@redhat.com>
Date:   Wed Nov 29 16:15:04 2017 +0000

    ofz: handle bad key len and subsequent PK11_ImportSymKey failure
    
    Change-Id: Ied93745f924cbcbc674b5c9a78545aa1f79fc61e
    Reviewed-on: https://gerrit.libreoffice.org/45515
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Michael Stahl <mst...@redhat.com>

diff --git a/oox/source/crypto/CryptTools.cxx b/oox/source/crypto/CryptTools.cxx
index b23d3ebbf57b..a80eaad63689 100644
--- a/oox/source/crypto/CryptTools.cxx
+++ b/oox/source/crypto/CryptTools.cxx
@@ -34,9 +34,12 @@ Crypto::~Crypto()
     EVP_CIPHER_CTX_cleanup( &mContext );
 #endif
 #if USE_TLS_NSS
-    PK11_DestroyContext( mContext, PR_TRUE );
-    PK11_FreeSymKey( mSymKey );
-    SECITEM_FreeItem( mSecParam, PR_TRUE );
+    if (mContext)
+        PK11_DestroyContext(mContext, PR_TRUE);
+    if (mSymKey)
+        PK11_FreeSymKey(mSymKey);
+    if (mSecParam)
+        SECITEM_FreeItem(mSecParam, PR_TRUE);
 #endif
 }
 
@@ -101,6 +104,9 @@ void Crypto::setupContext(std::vector<sal_uInt8>& key, 
std::vector<sal_uInt8>& i
     keyItem.len  = key.size();
 
     mSymKey = PK11_ImportSymKey(pSlot, mechanism, PK11_OriginUnwrap, 
CKA_ENCRYPT, &keyItem, nullptr);
+    if (!mSymKey)
+        throw css::uno::RuntimeException("NSS SymKey failure", 
css::uno::Reference<css::uno::XInterface>());
+
     mSecParam = PK11_ParamFromIV(mechanism, pIvItem);
     mContext = PK11_CreateContextBySymKey(mechanism, operation, mSymKey, 
mSecParam);
 }
diff --git a/oox/source/crypto/Standard2007Engine.cxx 
b/oox/source/crypto/Standard2007Engine.cxx
index b9c259fa02ac..aabb7ed3027a 100644
--- a/oox/source/crypto/Standard2007Engine.cxx
+++ b/oox/source/crypto/Standard2007Engine.cxx
@@ -113,6 +113,8 @@ bool Standard2007Engine::calculateEncryptionKey(const 
OUString& rPassword)
         buffer[i] ^= hash[i];
 
     hash = comphelper::Hash::calculateHash(buffer.data(), buffer.size(), 
comphelper::HashType::SHA1);
+    if (mKey.size() > hash.size())
+        return false;
     std::copy(hash.begin(), hash.begin() + mKey.size(), mKey.begin());
 
     return true;

_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to