[Libreoffice-commits] core.git: 2 commits - filter/qa filter/source

Thu, 17 Apr 2014 04:35:39 -0700 

 filter/qa/cppunit/data/pcx/fail/CVE-2007-3741-1.pcx |binary
 filter/source/graphicfilter/itiff/itiff.cxx         |   17 +++++++++--------
 2 files changed, 9 insertions(+), 8 deletions(-)

New commits:
commit 3c7d17aa6fb8393452cbcbcc032f3a6c5ea928cc
Author: Caolán McNamara <caol...@redhat.com>
Date:   Thu Apr 17 12:33:00 2014 +0100

    add testcase for CVE-2007-3741
    
    Change-Id: I33561649dc5cde240bc7a18dff082245c76543b1

diff --git a/filter/qa/cppunit/data/pcx/fail/CVE-2007-3741-1.pcx 
b/filter/qa/cppunit/data/pcx/fail/CVE-2007-3741-1.pcx
new file mode 100644
index 0000000..915f38a
Binary files /dev/null and 
b/filter/qa/cppunit/data/pcx/fail/CVE-2007-3741-1.pcx differ
commit 5535d6ee7d3f5e7d7d86642a1dec85bce78a6f0c
Author: Caolán McNamara <caol...@redhat.com>
Date:   Thu Apr 17 12:28:01 2014 +0100

    zero a few more things out
    
    Change-Id: Ief743978876885745431c59a0f56f065cbd61ace

diff --git a/filter/source/graphicfilter/itiff/itiff.cxx 
b/filter/source/graphicfilter/itiff/itiff.cxx
index 0949e23..03c324c 100644
--- a/filter/source/graphicfilter/itiff/itiff.cxx
+++ b/filter/source/graphicfilter/itiff/itiff.cxx
@@ -282,13 +282,14 @@ sal_uLong TIFFReader::ReadIntData()
 
 double TIFFReader::ReadDoubleData()
 {
-    sal_uInt32 nulong;
     double  nd;
 
     if ( nDataType == 5 )
     {
+        sal_uInt32 nulong(0);
         pTIFF->ReadUInt32( nulong );
         nd = (double)nulong;
+        nulong = 0;
         pTIFF->ReadUInt32( nulong );
         if ( nulong != 0 )
             nd /= (double)nulong;
@@ -298,8 +299,6 @@ double TIFFReader::ReadDoubleData()
     return nd;
 }
 
-
-
 void TIFFReader::ReadTagData( sal_uInt16 nTagType, sal_uInt32 nDataLen)
 {
     if ( bStatus == sal_False )
@@ -644,7 +643,7 @@ sal_Bool TIFFReader::ReadMap( sal_uLong nMinPercent, 
sal_uLong nMaxPercent )
     else if ( nCompression == 32773 )
     {
         sal_uLong nStrip,nRecCount,nRowBytesLeft,ny,np,i;
-        sal_uInt8 * pdst, nRecHeader, nRecData;
+        sal_uInt8 * pdst;
         nStrip = 0;
         if ( nStrip >= nNumStripOffsets )
             return sal_False;
@@ -664,6 +663,7 @@ sal_Bool TIFFReader::ReadMap( sal_uLong nMinPercent, 
sal_uLong nMaxPercent )
                 pdst=pMap[ np ];
                 do
                 {
+                    sal_uInt8 nRecHeader(0);
                     pTIFF->ReadUChar( nRecHeader );
                     if ((nRecHeader&0x80)==0)
                     {
@@ -685,6 +685,7 @@ sal_Bool TIFFReader::ReadMap( sal_uLong nMinPercent, 
sal_uLong nMaxPercent )
 //                          return;
 
                         }
+                        sal_uInt8 nRecData(0);
                         pTIFF->ReadUChar( nRecData );
                         for ( i = 0; i < nRecCount; i++ )
                             *(pdst++) = nRecData;
@@ -1122,8 +1123,8 @@ void TIFFReader::MakePalCol( void )
 
 void TIFFReader::ReadHeader()
 {
-    sal_uInt8 nbyte1, nbyte2;
-    sal_uInt16 nushort;
+    sal_uInt8 nbyte1(0), nbyte2(0);
+    sal_uInt16 nushort(0);
 
     pTIFF->ReadUChar( nbyte1 );
     if ( nbyte1 == 'I' )
@@ -1152,10 +1153,10 @@ bool TIFFReader::HasAlphaChannel() const
 
 bool TIFFReader::ReadTIFF(SvStream & rTIFF, Graphic & rGraphic )
 {
-    sal_uInt16  i, nNumTags, nTagType;
+    sal_uInt16  i, nNumTags(0), nTagType(0);
     sal_uInt64  nMaxPos;
     sal_uLong   nPos;
-    sal_uInt32 nFirstIfd, nDataLen;
+    sal_uInt32 nFirstIfd(0), nDataLen;
 
     bStatus = sal_True;
     nLastPercent = 0;

_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to