embeddedobj/source/commonembedding/persistence.cxx | 22 +++++++++++++--------
1 file changed, 14 insertions(+), 8 deletions(-)
New commits:
commit 7273de2730022deb37a8c7f2fedbe7fc4551f9b5
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Mon Oct 16 15:21:03 2023 +0100
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Tue Oct 17 10:24:59 2023 +0200
check earlier on loading ole objects if parent doc is untrusted referer
Change-Id: Ib1169d5c40ca87f789c71b48124754e073895fcd
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158054
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/embeddedobj/source/commonembedding/persistence.cxx
b/embeddedobj/source/commonembedding/persistence.cxx
index ce77c9531db0..4bb8d19123a3 100644
--- a/embeddedobj/source/commonembedding/persistence.cxx
+++ b/embeddedobj/source/commonembedding/persistence.cxx
@@ -54,11 +54,12 @@
#include <comphelper/mimeconfighelper.hxx>
#include <comphelper/namedvaluecollection.hxx>
#include <comphelper/propertyvalue.hxx>
+#include <unotools/configmgr.hxx>
#include <unotools/mediadescriptor.hxx>
+#include <unotools/securityoptions.hxx>
#include <comphelper/diagnose_ex.hxx>
#include <sal/log.hxx>
-#include <unotools/configmgr.hxx>
#include "persistence.hxx"
using namespace ::com::sun::star;
@@ -361,14 +362,8 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::InitNewDocument_Impl()
return xDocument;
}
-
uno::Reference< util::XCloseable > OCommonEmbeddedObject::LoadLink_Impl()
{
- uno::Reference< util::XCloseable > xDocument( CreateDocument( m_xContext,
GetDocumentServiceName(),
- m_bEmbeddedScriptSupport,
m_bDocumentRecoverySupport ) );
-
- uno::Reference< frame::XLoadable > xLoadable( xDocument,
uno::UNO_QUERY_THROW );
-
sal_Int32 nLen = m_bLinkHasPassword ? 3 : 2;
uno::Sequence< beans::PropertyValue > aArgs(
m_aDocMediaDescriptor.getLength() + nLen );
auto pArgs = aArgs.getArray();
@@ -390,10 +385,22 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::LoadLink_Impl()
for ( sal_Int32 nInd = 0; nInd < m_aDocMediaDescriptor.getLength(); nInd++
)
{
+ // return early if this document is not trusted to open links
+ if (m_aDocMediaDescriptor[nInd].Name ==
utl::MediaDescriptor::PROP_REFERRER)
+ {
+ OUString referer;
+ m_aDocMediaDescriptor[nInd].Value >>= referer;
+ if (SvtSecurityOptions::isUntrustedReferer(referer))
+ return nullptr;
+ }
pArgs[nInd+nLen].Name = m_aDocMediaDescriptor[nInd].Name;
pArgs[nInd+nLen].Value = m_aDocMediaDescriptor[nInd].Value;
}
+ uno::Reference< util::XCloseable > xDocument( CreateDocument( m_xContext,
GetDocumentServiceName(),
+ m_bEmbeddedScriptSupport,
m_bDocumentRecoverySupport ) );
+ uno::Reference< frame::XLoadable > xLoadable( xDocument,
uno::UNO_QUERY_THROW );
+
try
{
handleLinkedOLE(CopyBackToOLELink::CopyLinkToTemp);
@@ -437,7 +444,6 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::LoadLink_Impl()
}
-
OUString OCommonEmbeddedObject::GetFilterName( sal_Int32 nVersion ) const
{
OUString aFilterName = GetPresetFilterName();
