connectivity/source/drivers/hsqldb/HDriver.cxx | 31 ++++++++++++++++++++++
external/hsqldb/UnpackedTarball_hsqldb.mk | 1
external/hsqldb/patches/disable-dump-script.patch | 14 +++++++++
formula/source/core/api/token.cxx | 13 +++------
sc/source/core/tool/interpr4.cxx | 10 ++++++-
5 files changed, 60 insertions(+), 9 deletions(-)
New commits:
commit ae3a7dcbb60bb73700737b9ca8940ce3103648d9
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Mon Feb 13 13:56:10 2023 +0000
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Feb 19 17:06:40 2023 +0000
disable script dump
Change-Id: I04d740cc0fcf87daa192a0a6af34138278043a19
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/146986
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147051
Tested-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147255
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
diff --git a/connectivity/source/drivers/hsqldb/HDriver.cxx
b/connectivity/source/drivers/hsqldb/HDriver.cxx
index de76ecbba29d..95c610843efa 100644
--- a/connectivity/source/drivers/hsqldb/HDriver.cxx
+++ b/connectivity/source/drivers/hsqldb/HDriver.cxx
@@ -300,6 +300,37 @@ namespace connectivity
} // if ( xStream.is() )
::comphelper::disposeComponent(xStream);
}
+
+ // disallow any database/script files that contain a
"SCRIPT[.*]" entry (this is belt and braces
+ // in that bundled hsqldb 1.8.0 is patched to also reject
them)
+ //
+ // hsqldb 2.6.0 release notes have: added system role
SCRIPT_OPS for export / import of database structure and data
+ // which seems to provide a builtin way to do this with
contemporary hsqldb
+ const OUString sScript( "script" );
+ if (!bIsNewDatabase && xStorage->isStreamElement(sScript))
+ {
+ Reference<XStream > xStream =
xStorage->openStreamElement(sScript, ElementModes::READ);
+ if (xStream.is())
+ {
+ std::unique_ptr<SvStream>
pStream(::utl::UcbStreamHelper::CreateStream(xStream));
+ if (pStream)
+ {
+ OString sLine;
+ while (pStream->ReadLine(sLine))
+ {
+ OString sText = sLine.trim();
+ if
(sText.startsWithIgnoreAsciiCase("SCRIPT"))
+ {
+ ::connectivity::SharedResources
aResources;
+ sMessage =
aResources.getResourceString(STR_COULD_NOT_LOAD_FILE).replaceFirst("$filename$",
sSystemPath);
+ break;
+ }
+ }
+ }
+ } // if ( xStream.is() )
+ ::comphelper::disposeComponent(xStream);
+ }
+
}
catch(Exception&)
{
diff --git a/external/hsqldb/UnpackedTarball_hsqldb.mk
b/external/hsqldb/UnpackedTarball_hsqldb.mk
index cbba770f19a0..ed262cccf4ca 100644
--- a/external/hsqldb/UnpackedTarball_hsqldb.mk
+++ b/external/hsqldb/UnpackedTarball_hsqldb.mk
@@ -29,6 +29,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,hsqldb,\
external/hsqldb/patches/jdbc-4.1.patch \
external/hsqldb/patches/multipleResultSets.patch \
) \
+ external/hsqldb/patches/disable-dump-script.patch \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/hsqldb/patches/disable-dump-script.patch
b/external/hsqldb/patches/disable-dump-script.patch
new file mode 100644
index 000000000000..401dd38abc9a
--- /dev/null
+++ b/external/hsqldb/patches/disable-dump-script.patch
@@ -0,0 +1,14 @@
+--- a/hsqldb/src/org/hsqldb/DatabaseCommandInterpreter.java 2023-02-13
11:08:11.297243034 +0000
++++ b/hsqldb/src/org/hsqldb/DatabaseCommandInterpreter.java 2023-02-13
13:49:17.973089433 +0000
+@@ -403,6 +403,11 @@
+ throw Trace.error(Trace.INVALID_IDENTIFIER);
+ }
+
++ // added condition to avoid execution of spurious command in
.script or .log file
++ if (session.isProcessingScript() ||
session.isProcessingLog()) {
++ return new Result(ResultConstants.UPDATECOUNT);
++ }
++
+ dsw = new ScriptWriterText(database, token, true, true, true);
+
+ dsw.writeAll();
commit 84a98f32cb16e0e204e37a563ba456dd875d7c11
Author: Eike Rathke <er...@redhat.com>
AuthorDate: Thu Feb 16 20:20:31 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Feb 19 17:06:31 2023 +0000
Obtain actual 0-parameter count for OR(), AND() and 1-parameter functions
OR and AND for legacy infix notation are classified as binary
operators but in fact are functions with parameter count. In case
no argument is supplied, GetByte() returns 0 and for that case the
implicit binary operator 2 parameters were wrongly assumed.
Similar for functions expecting 1 parameter, without argument 1
was assumed. For "real" unary and binary operators the compiler
already checks parameters. Omit OR and AND and 1-parameter
functions from this implicit assumption and return the actual 0
count.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147173
Reviewed-by: Eike Rathke <er...@redhat.com>
Tested-by: Jenkins
(cherry picked from commit e7ce9bddadb2db222eaa5f594ef1de2e36d57e5c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147129
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit d6599a2af131994487d2d9223a4fd32a8c3ddc49)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147235
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
(cherry picked from commit 306dfe210814e538be803ff241fb6130e35a7554)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147239
(cherry picked from commit 32c0f09f9adb370cb4cbc126f887a63278be55ff)
Change-Id: Ie05398c112a98021ac2875cf7b6de994aee9d882
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147242
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
diff --git a/formula/source/core/api/token.cxx
b/formula/source/core/api/token.cxx
index 17594207234f..0db0c3464610 100644
--- a/formula/source/core/api/token.cxx
+++ b/formula/source/core/api/token.cxx
@@ -95,17 +95,14 @@ sal_uInt8 FormulaToken::GetParamCount() const
return 0; // parameters and specials
// ocIf... jump commands not for FAP, have cByte then
//2do: bool parameter whether FAP or not?
- else if ( GetByte() )
+ else if (GetByte())
return GetByte(); // all functions, also ocExternal and ocMacro
- else if (SC_OPCODE_START_BIN_OP <= eOp && eOp < SC_OPCODE_STOP_BIN_OP)
- return 2; // binary
- else if ((SC_OPCODE_START_UN_OP <= eOp && eOp < SC_OPCODE_STOP_UN_OP)
- || eOp == ocPercentSign)
- return 1; // unary
+ else if (SC_OPCODE_START_BIN_OP <= eOp && eOp < SC_OPCODE_STOP_BIN_OP &&
eOp != ocAnd && eOp != ocOr)
+ return 2; // binary operators, compiler checked; OR and AND
legacy but are functions
+ else if ((SC_OPCODE_START_UN_OP <= eOp && eOp < SC_OPCODE_STOP_UN_OP) ||
eOp == ocPercentSign)
+ return 1; // unary operators, compiler checked
else if (SC_OPCODE_START_NO_PAR <= eOp && eOp < SC_OPCODE_STOP_NO_PAR)
return 0; // no parameter
- else if (SC_OPCODE_START_1_PAR <= eOp && eOp < SC_OPCODE_STOP_1_PAR)
- return 1; // one parameter
else if (FormulaCompiler::IsOpCodeJumpCommand( eOp ))
return 1; // only the condition counts as parameter
else
diff --git a/sc/source/core/tool/interpr4.cxx b/sc/source/core/tool/interpr4.cxx
index eb3fb987c034..002c7de4c1da 100644
--- a/sc/source/core/tool/interpr4.cxx
+++ b/sc/source/core/tool/interpr4.cxx
@@ -4012,7 +4012,15 @@ StackVar ScInterpreter::Interpret()
else if (sp >= pCur->GetParamCount())
nStackBase = sp - pCur->GetParamCount();
else
- nStackBase = sp; // underflow?!?
+ {
+ SAL_WARN("sc.core", "Stack anomaly at " << aPos.Format(
+ ScRefFlags::VALID | ScRefFlags::FORCE_DOC |
ScRefFlags::TAB_3D, pDok)
+ << " eOp: " << static_cast<int>(eOp)
+ << " params: " <<
static_cast<int>(pCur->GetParamCount())
+ << " nStackBase: " << nStackBase << " sp: " <<
sp);
+ nStackBase = sp;
+ assert(!"underflow");
+ }
}
switch( eOp )
