diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2012-11-22 22:29:11 +0000 |
|---|---|---|
| committer | Michael Meeks <michael.meeks@suse.com> | 2012-11-24 14:14:40 +0000 |
| commit | d3a46db1103fcec615fc9dcb60b13b09c90614a4 (patch) | |
| tree | 569205008d26d55fb5462e3bfbc5b341411eebb2 | |
| parent | a41b7953f8af0b1d62d111514cd4613f40842e60 (diff) | |
Resolves: fdo#53909 STG_FREE sector locations rejected
(cherry picked from commit ef9f9b750eac2966634c385a2021716c4de0e4cd)
Conflicts:
sot/source/sdstor/stgelem.cxx
Change-Id: I6f71c7e3cfeeba8a76096d5be68838b8d401c580
Reviewed-on: https://gerrit.libreoffice.org/1150
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Stephan Bergmann <sbergman@redhat.com>
Signed-off-by: Petr Mladek <pmladek@suse.cz>
Signed-off-by: Michael Meeks <michael.meeks@suse.com>
| -rw-r--r-- | sot/source/sdstor/stgelem.cxx | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/sot/source/sdstor/stgelem.cxx b/sot/source/sdstor/stgelem.cxx index 7048e77061ca..c4a8c2881094 100644 --- a/sot/source/sdstor/stgelem.cxx +++ b/sot/source/sdstor/stgelem.cxx @@ -191,6 +191,14 @@ static bool lcl_wontoverflow(short shift) return shift >= 0 && shift < (short)sizeof(short) * 8 - 1; } +static bool isKnownSpecial(sal_Int32 nLocation) +{ + return (nLocation == STG_FREE || + nLocation == STG_EOF || + nLocation == STG_FAT || + nLocation == STG_MASTER); +} + // Perform thorough checks also on unknown variables sal_Bool StgHeader::Check() { @@ -202,8 +210,8 @@ sal_Bool StgHeader::Check() && nFATSize > 0 && nTOCstrm >= 0 && nThreshold > 0 - && ( nDataFAT == -2 || ( nDataFAT >= 0 && nDataFATSize > 0 ) ) - && ( nMasterChain == -2 || nMasterChain >=0 ) + && ( isKnownSpecial(nDataFAT) || ( nDataFAT >= 0 && nDataFATSize > 0 ) ) + && ( isKnownSpecial(nMasterChain) || nMasterChain >=0 ) && nMaster >= 0; } @@ -397,7 +405,7 @@ sal_Bool StgEntry::Load( const void* pFrom, sal_uInt32 nBufSize ) if (n > nMaxLegalStr) return sal_False; - if ((nSize < 0 && cType != STG_STORAGE) || (nPage1 < 0 && nPage1 != -2)) + if ((nSize < 0 && cType != STG_STORAGE) || (nPage1 < 0 && !isKnownSpecial(nPage1))) { // the size makes no sense for the substorage // TODO/LATER: actually the size should be an unsigned value, but in this case it would mean a stream of more than 2Gb |