core.git: Branch 'distro/collabora/co-23.05' - sw/qa sw/source

Fri, 04 Oct 2024 06:58:11 -0700 

 sw/qa/extras/ooxmlexport/data/too_many_styles.odt |binary
 sw/qa/extras/ooxmlexport/ooxmlexport18.cxx        |    7 +++++++
 sw/source/filter/ww8/docxattributeoutput.cxx      |    2 +-
 3 files changed, 8 insertions(+), 1 deletion(-)

New commits:
commit 14b24b022d004def4d33920461cbf2fa1d906611
Author:     Mike Kaganski <mike.kagan...@collabora.com>
AuthorDate: Tue Aug 6 17:32:55 2024 +0500
Commit:     Miklos Vajna <vmik...@collabora.com>
CommitDate: Fri Oct 4 15:57:41 2024 +0200

    tdf#162370: check if nNext is valid, too
    
    0xfff is a special value for a style slot on MS formats export: see
    MSWordStyles::GetSlot and BuildGetSlot. The slot in nNext must be
    checked the same way as nBase and nLink around it.
    
    Change-Id: I94836bc3f624eb99655e005217707e0ea7210c8c
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171547
    Tested-by: Jenkins
    Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171562
    Reviewed-by: Miklos Vajna <vmik...@collabora.com>
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    (cherry picked from commit 5797d70b10fff42b7ae0b94cd3b25e75139f7be4)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/174483

diff --git a/sw/qa/extras/ooxmlexport/data/too_many_styles.odt 
b/sw/qa/extras/ooxmlexport/data/too_many_styles.odt
new file mode 100644
index 000000000000..c3260792eee7
Binary files /dev/null and b/sw/qa/extras/ooxmlexport/data/too_many_styles.odt 
differ
diff --git a/sw/qa/extras/ooxmlexport/ooxmlexport18.cxx 
b/sw/qa/extras/ooxmlexport/ooxmlexport18.cxx
index 7541d831c6ed..9e9589dcab42 100644
--- a/sw/qa/extras/ooxmlexport/ooxmlexport18.cxx
+++ b/sw/qa/extras/ooxmlexport/ooxmlexport18.cxx
@@ -841,6 +841,13 @@ CPPUNIT_TEST_FIXTURE(Test, testTdf158971)
     }
 }
 
+CPPUNIT_TEST_FIXTURE(Test, testTdf162370)
+{
+    // This must not crash on save; without the fix, it would fail with
+    // "Assertion failed: vector subscript out of range"
+    loadAndSave("too_many_styles.odt");
+}
+
 CPPUNIT_PLUGIN_IMPLEMENT();
 
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sw/source/filter/ww8/docxattributeoutput.cxx 
b/sw/source/filter/ww8/docxattributeoutput.cxx
index 1ae2a8ae6071..86ec8a634b7b 100644
--- a/sw/source/filter/ww8/docxattributeoutput.cxx
+++ b/sw/source/filter/ww8/docxattributeoutput.cxx
@@ -6664,7 +6664,7 @@ void DocxAttributeOutput::StartStyle( const OUString& 
rName, StyleType eType,
                 FSNS( XML_w, XML_val ), m_rExport.m_pStyles->GetStyleId(nBase) 
);
     }
 
-    if ( nNext != nSlot && eType != STYLE_TYPE_LIST)
+    if (nNext != nSlot && nNext != 0x0FFF && eType != STYLE_TYPE_LIST)
     {
         m_pSerializer->singleElementNS( XML_w, XML_next,
                 FSNS( XML_w, XML_val ), m_rExport.m_pStyles->GetStyleId(nNext) 
);

Reply via email to