core.git: vcl/source

Fri, 08 Nov 2024 13:00:31 -0800 

 vcl/source/gdi/embeddedfontshelper.cxx |   16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

New commits:
commit 383067b41647e70e0a304bddf529aacfe015099f
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 8 16:51:47 2024 +0000
Commit:     Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Fri Nov 8 22:00:00 2024 +0100

    be conservative on allowed temp font names
    
    Change-Id: Iefdc1a8c9b4c7e8c08c84f747f8287ac3c419839
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176286
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>

diff --git a/vcl/source/gdi/embeddedfontshelper.cxx 
b/vcl/source/gdi/embeddedfontshelper.cxx
index a6a2b61676f7..8053d80bc455 100644
--- a/vcl/source/gdi/embeddedfontshelper.cxx
+++ b/vcl/source/gdi/embeddedfontshelper.cxx
@@ -19,6 +19,7 @@
 #include <vcl/svapp.hxx>
 #include <vcl/embeddedfontshelper.hxx>
 #include <com/sun/star/io/XInputStream.hpp>
+#include <comphelper/storagehelper.hxx>
 
 #include <font/PhysicalFontFaceCollection.hxx>
 #include <font/PhysicalFontCollection.hxx>
@@ -223,10 +224,6 @@ void EmbeddedFontsHelper::activateFonts()
 
 OUString EmbeddedFontsHelper::fileUrlForTemporaryFont( const OUString& 
fontName, std::u16string_view extra )
 {
-    OUString path = u"${$BRAND_BASE_DIR/" LIBO_ETC_FOLDER "/" SAL_CONFIGFILE( 
"bootstrap") "::UserInstallation}"_ustr;
-    rtl::Bootstrap::expandMacros( path );
-    path += "/user/temp/embeddedfonts/fromdocs/";
-    osl::Directory::createPath( path );
     OUString filename = fontName;
     static int uniqueCounter = 0;
     if( extra == u"?" )
@@ -234,6 +231,17 @@ OUString EmbeddedFontsHelper::fileUrlForTemporaryFont( 
const OUString& fontName,
     else
         filename += extra;
     filename += ".ttf"; // TODO is it always ttf?
+
+    if (!::comphelper::OStorageHelper::IsValidZipEntryFileName(filename, 
false))
+    {
+        SAL_WARN( "vcl.fonts", "Cannot use filename: " << filename << " for 
temporary font");
+        filename = "font" + OUString::number(uniqueCounter++) + ".ttf";
+    }
+
+    OUString path = u"${$BRAND_BASE_DIR/" LIBO_ETC_FOLDER "/" SAL_CONFIGFILE( 
"bootstrap") "::UserInstallation}"_ustr;
+    rtl::Bootstrap::expandMacros( path );
+    path += "/user/temp/embeddedfonts/fromdocs/";
+    osl::Directory::createPath( path );
     return path + filename;
 }

Reply via email to