vcl/inc/regionband.hxx | 3 ++-
vcl/source/gdi/region.cxx | 8 +++++++-
vcl/source/gdi/regionband.cxx | 27 +++++++++++++++++++++++----
3 files changed, 32 insertions(+), 6 deletions(-)
New commits:
commit 2a63eb8ba642b58814f8a78ba65a2c537aa97cdf
Author: Caolán McNamara <caol...@redhat.com>
Date: Mon Mar 12 14:13:23 2018 +0000
forcepoint #27 check region bands loaded from stream for consistency
Change-Id: I92376b5fb4208c78fa25a94d4dd394256793161c
Reviewed-on: https://gerrit.libreoffice.org/51145
Tested-by: Jenkins <c...@libreoffice.org>
Reviewed-by: Michael Stahl <mst...@redhat.com>
diff --git a/vcl/inc/regionband.hxx b/vcl/inc/regionband.hxx
index 1fb5db93a410..b227226353d1 100644
--- a/vcl/inc/regionband.hxx
+++ b/vcl/inc/regionband.hxx
@@ -36,6 +36,7 @@ private:
ImplRegionBand* mpLastCheckedBand;
void implReset();
+ SAL_WARN_UNUSED_RESULT bool CheckConsistency() const;
public:
RegionBand();
@@ -46,7 +47,7 @@ public:
bool operator==( const RegionBand& rRegionBand ) const;
- void load(SvStream& rIStrm);
+ SAL_WARN_UNUSED_RESULT bool load(SvStream& rIStrm);
void save(SvStream& rIStrm) const;
bool isSingleRectangle() const;
diff --git a/vcl/source/gdi/region.cxx b/vcl/source/gdi/region.cxx
index a4163402ea7a..3f52101d35c4 100644
--- a/vcl/source/gdi/region.cxx
+++ b/vcl/source/gdi/region.cxx
@@ -1586,7 +1586,7 @@ SvStream& ReadRegion(SvStream& rIStrm, vcl::Region&
rRegion)
default:
{
RegionBand* pNewRegionBand = new RegionBand();
- pNewRegionBand->load(rIStrm);
+ bool bSuccess = pNewRegionBand->load(rIStrm);
rRegion.mpRegionBand.reset(pNewRegionBand);
if(aCompat.GetVersion() >= 2)
@@ -1603,6 +1603,12 @@ SvStream& ReadRegion(SvStream& rIStrm, vcl::Region&
rRegion)
}
}
+ if (!bSuccess)
+ {
+ SAL_WARN("vcl.gdi", "bad region band");
+ rRegion.SetNull();
+ }
+
break;
}
}
diff --git a/vcl/source/gdi/regionband.cxx b/vcl/source/gdi/regionband.cxx
index e14029548202..22dfb5d53193 100644
--- a/vcl/source/gdi/regionband.cxx
+++ b/vcl/source/gdi/regionband.cxx
@@ -190,7 +190,7 @@ bool RegionBand::operator==( const RegionBand& rRegionBand
) const
enum StreamEntryType { STREAMENTRY_BANDHEADER, STREAMENTRY_SEPARATION,
STREAMENTRY_END };
-void RegionBand::load(SvStream& rIStrm)
+bool RegionBand::load(SvStream& rIStrm)
{
// clear this instance data
implReset();
@@ -203,14 +203,14 @@ void RegionBand::load(SvStream& rIStrm)
rIStrm.ReadUInt16(nTmp16);
if (STREAMENTRY_END == (StreamEntryType)nTmp16)
- return;
+ return false;
size_t nRecordsPossible = rIStrm.remainingSize() / (2*sizeof(sal_Int32));
if (!nRecordsPossible)
{
OSL_ENSURE(false, "premature end of region stream" );
implReset();
- return;
+ return false;
}
do
@@ -259,13 +259,19 @@ void RegionBand::load(SvStream& rIStrm)
{
OSL_ENSURE(false, "premature end of region stream" );
implReset();
- return;
+ return false;
}
// get next header
rIStrm.ReadUInt16( nTmp16 );
}
while (STREAMENTRY_END != (StreamEntryType)nTmp16 && rIStrm.good());
+ if (!CheckConsistency())
+ {
+ implReset();
+ return false;
+ }
+ return true;
}
void RegionBand::save(SvStream& rOStrm) const
@@ -1155,6 +1161,19 @@ bool RegionBand::Exclude(const RegionBand& rSource)
return true;
}
+bool RegionBand::CheckConsistency() const
+{
+ // look in the band list (don't test first band again!)
+ const ImplRegionBand* pBand = mpFirstBand->mpNextBand;
+ while (pBand)
+ {
+ if (!pBand->mpFirstSep)
+ return false;
+ pBand = pBand->mpNextBand;
+ }
+ return true;
+}
+
tools::Rectangle RegionBand::GetBoundRect() const
{
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
