core.git: Branch 'libreoffice-24-2' - comphelper/source oox/source package/source sc/source svl/source sw/source xmlsecurity/source

Tue, 06 Feb 2024 11:34:56 -0800 

 comphelper/source/misc/docpasswordhelper.cxx       |    5 ++++-
 comphelper/source/misc/storagehelper.cxx           |    5 ++++-
 oox/source/crypto/Standard2007Engine.cxx           |    5 ++++-
 package/source/zippackage/ZipPackageStream.cxx     |   10 ++++++++--
 sc/source/filter/excel/xeroot.cxx                  |    6 ++++--
 sc/source/filter/excel/xestream.cxx                |    5 ++++-
 svl/source/passwordcontainer/passwordcontainer.cxx |    5 ++++-
 sw/source/filter/ww8/wrtww8.cxx                    |    6 ++++--
 sw/source/filter/ww8/ww8par.cxx                    |    6 ++++--
 xmlsecurity/source/xmlsec/nss/ciphercontext.cxx    |    5 ++++-
 10 files changed, 44 insertions(+), 14 deletions(-)

New commits:
commit b828a5e1acbeb1cd2dbf9da3d5cbcbaeca9096b5
Author:     Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Thu Feb 1 11:20:18 2024 +0100
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Tue Feb 6 20:34:30 2024 +0100

    check that rtl_random_getBytes() was successful
    
    ... everywhere it is used to generate material for encryption.
    
    Change-Id: Id3390376bb2f3a5fa1bbfd735850fce886ef7db2
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/162873
    Tested-by: Jenkins
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
    (cherry picked from commit b85c2459ced6a41915dbaf567613fb5e244a0ada)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/162890
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>

diff --git a/comphelper/source/misc/docpasswordhelper.cxx 
b/comphelper/source/misc/docpasswordhelper.cxx
index 0adb6eff9a4a..1f73bd8d7026 100644
--- a/comphelper/source/misc/docpasswordhelper.cxx
+++ b/comphelper/source/misc/docpasswordhelper.cxx
@@ -427,7 +427,10 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
     uno::Sequence< sal_Int8 > aResult( nLength );
 
     rtlRandomPool aRandomPool = rtl_random_createPool ();
-    rtl_random_getBytes ( aRandomPool, aResult.getArray(), nLength );
+    if (rtl_random_getBytes(aRandomPool, aResult.getArray(), nLength) != 
rtl_Random_E_None)
+    {
+        throw uno::RuntimeException("rtl_random_getBytes failed");
+    }
     rtl_random_destroyPool ( aRandomPool );
 
     return aResult;
diff --git a/comphelper/source/misc/storagehelper.cxx 
b/comphelper/source/misc/storagehelper.cxx
index 9d3dbcd22732..c190d099ea00 100644
--- a/comphelper/source/misc/storagehelper.cxx
+++ b/comphelper/source/misc/storagehelper.cxx
@@ -446,7 +446,10 @@ uno::Sequence< beans::NamedValue > 
OStorageHelper::CreateGpgPackageEncryptionDat
 
     // get 32 random chars out of it
     uno::Sequence < sal_Int8 > aVector(32);
-    rtl_random_getBytes( aRandomPool, aVector.getArray(), aVector.getLength() 
);
+    if (rtl_random_getBytes(aRandomPool, aVector.getArray(), 
aVector.getLength()) != rtl_Random_E_None)
+    {
+        throw uno::RuntimeException("rtl_random_getBytes failed");
+    }
 
     rtl_random_destroyPool(aRandomPool);
 
diff --git a/oox/source/crypto/Standard2007Engine.cxx 
b/oox/source/crypto/Standard2007Engine.cxx
index b588fc5c8fd0..9fe18ad17e0c 100644
--- a/oox/source/crypto/Standard2007Engine.cxx
+++ b/oox/source/crypto/Standard2007Engine.cxx
@@ -28,7 +28,10 @@ namespace
 void lclRandomGenerateValues(sal_uInt8* aArray, sal_uInt32 aSize)
 {
     rtlRandomPool aRandomPool = rtl_random_createPool();
-    rtl_random_getBytes(aRandomPool, aArray, aSize);
+    if (rtl_random_getBytes(aRandomPool, aArray, aSize) != rtl_Random_E_None)
+    {
+        throw css::uno::RuntimeException("rtl_random_getBytes failed");
+    }
     rtl_random_destroyPool(aRandomPool);
 }
 
diff --git a/package/source/zippackage/ZipPackageStream.cxx 
b/package/source/zippackage/ZipPackageStream.cxx
index d3068a666519..a5d4a0f7ce3d 100644
--- a/package/source/zippackage/ZipPackageStream.cxx
+++ b/package/source/zippackage/ZipPackageStream.cxx
@@ -592,8 +592,14 @@ bool ZipPackageStream::saveChild(
                 uno::Sequence<sal_Int8> aSalt(16);
                 // note: for GCM it's particularly important that IV is unique
                 uno::Sequence<sal_Int8> aVector(GetIVSize());
-                rtl_random_getBytes ( rRandomPool, aSalt.getArray(), 16 );
-                rtl_random_getBytes ( rRandomPool, aVector.getArray(), 
aVector.getLength() );
+                if (rtl_random_getBytes(rRandomPool, aSalt.getArray(), 16) != 
rtl_Random_E_None)
+                {
+                    throw uno::RuntimeException("rtl_random_getBytes failed");
+                }
+                if (rtl_random_getBytes(rRandomPool, aVector.getArray(), 
aVector.getLength()) != rtl_Random_E_None)
+                {
+                    throw uno::RuntimeException("rtl_random_getBytes failed");
+                }
                 if ( !m_bHaveOwnKey )
                 {
                     m_aEncryptionKey = rEncryptionKey;
diff --git a/sc/source/filter/excel/xeroot.cxx 
b/sc/source/filter/excel/xeroot.cxx
index ce281890f837..c1959767d97d 100644
--- a/sc/source/filter/excel/xeroot.cxx
+++ b/sc/source/filter/excel/xeroot.cxx
@@ -317,8 +317,10 @@ uno::Sequence< beans::NamedValue > 
XclExpRoot::GenerateEncryptionData( std::u16s
     {
         rtlRandomPool aRandomPool = rtl_random_createPool ();
         sal_uInt8 pnDocId[16];
-        rtl_random_getBytes( aRandomPool, pnDocId, 16 );
-
+        if (rtl_random_getBytes(aRandomPool, pnDocId, 16) != rtl_Random_E_None)
+        {
+            throw uno::RuntimeException("rtl_random_getBytes failed");
+        }
         rtl_random_destroyPool( aRandomPool );
 
         sal_uInt16 pnPasswd[16] = {};
diff --git a/sc/source/filter/excel/xestream.cxx 
b/sc/source/filter/excel/xestream.cxx
index 4158fa2c153d..a70e4e08bd71 100644
--- a/sc/source/filter/excel/xestream.cxx
+++ b/sc/source/filter/excel/xestream.cxx
@@ -564,7 +564,10 @@ void XclExpBiff8Encrypter::Init( const Sequence< 
NamedValue >& rEncryptionData )
 
     // generate the salt here
     rtlRandomPool aRandomPool = rtl_random_createPool ();
-    rtl_random_getBytes( aRandomPool, mpnSalt, 16 );
+    if (rtl_random_getBytes(aRandomPool, mpnSalt, 16) != rtl_Random_E_None)
+    {
+        throw uno::RuntimeException("rtl_random_getBytes failed");
+    }
     rtl_random_destroyPool( aRandomPool );
 
     memset( mpnSaltDigest, 0, sizeof( mpnSaltDigest ) );
diff --git a/svl/source/passwordcontainer/passwordcontainer.cxx 
b/svl/source/passwordcontainer/passwordcontainer.cxx
index 333e2921b493..90b27c29f7b0 100644
--- a/svl/source/passwordcontainer/passwordcontainer.cxx
+++ b/svl/source/passwordcontainer/passwordcontainer.cxx
@@ -654,7 +654,10 @@ OUString PasswordContainer::createIV()
 {
     rtlRandomPool randomPool = mRandomPool.get();
     unsigned char iv[RTL_DIGEST_LENGTH_MD5];
-    rtl_random_getBytes(randomPool, iv, RTL_DIGEST_LENGTH_MD5);
+    if (rtl_random_getBytes(randomPool, iv, RTL_DIGEST_LENGTH_MD5) != 
rtl_Random_E_None)
+    {
+        throw uno::RuntimeException("rtl_random_getBytes failed");
+    }
     OUStringBuffer aBuffer;
     for (sal_uInt8 i : iv)
     {
diff --git a/sw/source/filter/ww8/wrtww8.cxx b/sw/source/filter/ww8/wrtww8.cxx
index 38fbfb21666a..74e9d27c09ea 100644
--- a/sw/source/filter/ww8/wrtww8.cxx
+++ b/sw/source/filter/ww8/wrtww8.cxx
@@ -3517,8 +3517,10 @@ bool SwWW8Writer::InitStd97CodecUpdateMedium( 
::msfilter::MSCodec_Std97& rCodec
                 // Generate random number with a seed of time as salt.
                 rtlRandomPool aRandomPool = rtl_random_createPool ();
                 sal_uInt8 pDocId[ 16 ];
-                rtl_random_getBytes( aRandomPool, pDocId, 16 );
-
+                if (rtl_random_getBytes(aRandomPool, pDocId, 16) != 
rtl_Random_E_None)
+                {
+                    throw uno::RuntimeException("rtl_random_getBytes failed");
+                }
                 rtl_random_destroyPool( aRandomPool );
 
                 sal_uInt16 aPassword[16] = {};
diff --git a/sw/source/filter/ww8/ww8par.cxx b/sw/source/filter/ww8/ww8par.cxx
index c36097898495..10ccaa487816 100644
--- a/sw/source/filter/ww8/ww8par.cxx
+++ b/sw/source/filter/ww8/ww8par.cxx
@@ -5664,8 +5664,10 @@ namespace
 
                 rtlRandomPool aRandomPool = rtl_random_createPool();
                 sal_uInt8 pDocId[ 16 ];
-                rtl_random_getBytes( aRandomPool, pDocId, 16 );
-
+                if (rtl_random_getBytes(aRandomPool, pDocId, 16) != 
rtl_Random_E_None)
+                {
+                    throw uno::RuntimeException("rtl_random_getBytes failed");
+                }
                 rtl_random_destroyPool( aRandomPool );
 
                 sal_uInt16 pStd97Pass[16] = {};
diff --git a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx 
b/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx
index c3bbfdb0f2ef..e5f2a89d113d 100644
--- a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx
+++ b/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx
@@ -326,7 +326,10 @@ uno::Sequence< ::sal_Int8 > SAL_CALL 
OCipherContext::finalizeCipherContextAndDis
         if ( nPaddingSize > 1 )
         {
             rtlRandomPool aRandomPool = rtl_random_createPool();
-            rtl_random_getBytes( aRandomPool, pLastBlock + nOldLastBlockLen, 
nPaddingSize - 1 );
+            if (rtl_random_getBytes(aRandomPool, pLastBlock + 
nOldLastBlockLen, nPaddingSize - 1) != rtl_Random_E_None)
+            {
+                throw uno::RuntimeException("rtl_random_getBytes failed");
+            }
             rtl_random_destroyPool ( aRandomPool );
         }
         pLastBlock[m_aLastBlock.getLength() - 1] = static_cast< sal_Int8 >( 
nPaddingSize );

Reply via email to