basic/source/runtime/methods.cxx | 8 ++++++++
configure.ac | 2 +-
desktop/source/app/cmdlineargs.cxx | 2 +-
shell/Library_syssh.mk | 4 ++++
shell/source/win32/SysShExec.cxx | 9 +++++++++
5 files changed, 23 insertions(+), 2 deletions(-)
New commits:
commit c3d622f2380566b30e443c7e73da6e643756d7c6
Author: Andras Timar <andras.ti...@collabora.com>
AuthorDate: Wed Feb 19 12:13:25 2025 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Wed Feb 19 12:13:25 2025 +0100
Bump version to 7.6.7.6
Change-Id: I636b615773ee9609195743b4a0e1dbf79d1b4189
diff --git a/configure.ac b/configure.ac
index 52320ca7fd98..90a8dc775fd1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -9,7 +9,7 @@ dnl in order to create a configure script.
# several non-alphanumeric characters, those are split off and used only for
the
# ABOUTBOXPRODUCTVERSIONSUFFIX in openoffice.lst. Why that is necessary, no
idea.
-AC_INIT([LibreOffice],[7.6.7.5],[],[],[http://documentfoundation.org/])
+AC_INIT([LibreOffice],[7.6.7.6],[],[],[http://documentfoundation.org/])
dnl libnumbertext needs autoconf 2.68, but that can pick up autoconf268 just
fine if it is installed
dnl whereas aclocal (as run by autogen.sh) insists on using autoconf and fails
hard
commit 77eba8bf1b6d0997ef6a8138fb210a97fc8ef7e5
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Thu Jan 30 12:11:10 2025 +0000
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Wed Feb 19 12:12:53 2025 +0100
disable SbRtl_Shell by default in kit-mode
Change-Id: I645c776bf59a718f4946c2c70edd9194f039e471
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180969
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/basic/source/runtime/methods.cxx b/basic/source/runtime/methods.cxx
index 986860c935a3..79f201411266 100644
--- a/basic/source/runtime/methods.cxx
+++ b/basic/source/runtime/methods.cxx
@@ -44,6 +44,7 @@
#include <rtl/string.hxx>
#include <sal/log.hxx>
#include <comphelper/DirectoryHelper.hxx>
+#include <comphelper/lok.hxx>
#include <runtime.hxx>
#include <sbunoobj.hxx>
@@ -3487,6 +3488,13 @@ void SbRtl_Shell(StarBASIC *, SbxArray & rPar, bool)
}
else
{
+ // Just go straight to error in this case
+ if (comphelper::LibreOfficeKit::isActive())
+ {
+ StarBASIC::Error(ERRCODE_BASIC_FILE_NOT_FOUND);
+ return;
+ }
+
oslProcessOption nOptions = osl_Process_SEARCHPATH |
osl_Process_DETACHED;
OUString aCmdLine = rPar.Get(1)->GetOUString();
commit fb33ab332d46f2bb22d7e959fea31bc3dd081d0f
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Thu Jan 30 20:37:38 2025 +0000
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Wed Feb 19 12:12:41 2025 +0100
Filter out more unwanted command URIs
Change-Id: I24c95d73b4fee89bdf044d5dd6efc9cd89627c54
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/181014
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
(cherry picked from commit 75c1c3a25a36065d25f56a472ad3fcaf645c0041)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/181072
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/desktop/source/app/cmdlineargs.cxx
b/desktop/source/app/cmdlineargs.cxx
index e7f315204048..fc791631bb0e 100644
--- a/desktop/source/app/cmdlineargs.cxx
+++ b/desktop/source/app/cmdlineargs.cxx
@@ -166,7 +166,7 @@ CommandLineEvent CheckOfficeURI(/* in,out */ OUString& arg,
CommandLineEvent cur
if (nURIlen < 0)
nURIlen = rest2.getLength();
auto const uri = rest2.subView(0, nURIlen);
- if (INetURLObject(uri).GetProtocol() == INetProtocol::Macro) {
+ if (INetURLObject(uri).IsExoticProtocol()) {
// Let the "Open" machinery process the full command URI (leading to
failure, by intention,
// as the "Open" machinery does not know about those command URI
schemes):
curEvt = CommandLineEvent::Open;
commit 280179268086a6170853ee82b2d53a69f9ddc10a
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Tue Jan 7 08:59:25 2025 +0000
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Wed Feb 19 12:12:03 2025 +0100
check if non-file uris could be interpreted as a file system pathname
Change-Id: If283bec44ad1d648c68a5d0f028855e09c09017e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/179868
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 400970acf4241632d084f66275161fc4b4ac1b21)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180012
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
diff --git a/shell/Library_syssh.mk b/shell/Library_syssh.mk
index 72ff73842dc3..27657c4456aa 100644
--- a/shell/Library_syssh.mk
+++ b/shell/Library_syssh.mk
@@ -25,6 +25,10 @@ $(eval $(call gb_Library_use_system_win32_libs,syssh,\
shell32 \
))
+$(eval $(call gb_Library_use_libraries,syssh,\
+ tl \
+))
+
$(eval $(call
gb_Library_set_componentfile,syssh,shell/source/win32/syssh,services))
$(eval $(call gb_Library_add_exception_objects,syssh,\
diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx
index 57e59f96b6f0..0a171a9ca3ee 100644
--- a/shell/source/win32/SysShExec.cxx
+++ b/shell/source/win32/SysShExec.cxx
@@ -38,6 +38,7 @@
#include <o3tl/runtimetooustring.hxx>
#include <o3tl/safeCoInitUninit.hxx>
#include <o3tl/string_view.hxx>
+#include <tools/urlobj.hxx>
#include <prewin.h>
#include <Shlobj.h>
@@ -360,6 +361,14 @@ void SAL_CALL CSysShExec::execute( const OUString&
aCommand, const OUString& aPa
}
}
}
+ } else {
+ // Filter out input that technically is a non-file URI, but could
be interpreted by
+ // ShellExecuteExW as a file system pathname.
+ if (INetURLObject(aCommand, INetProtocol::File).GetProtocol() ==
INetProtocol::File) {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute URIS_ONLY with non-URI
pathname " + aCommand,
+ static_cast< cppu::OWeakObject * >(this), 0);
+ }
}
}
