diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2023-02-09 10:16:21 +0000 |
|---|---|---|
| committer | Caolán McNamara <caolanm@redhat.com> | 2023-02-09 12:30:04 +0000 |
| commit | ead9ff420989c7991108428a21eef5c3f0e9c362 (patch) | |
| tree | e39e3c4916645a81c7647e50c07c91df73e4abfc | |
| parent | 86c53eb59a6ada104358c9dbe3b50dac71af2dcc (diff) | |
ofz#55798 Timeout
Change-Id: Ifbff597d02da9b870ef936bdcca31e31d49cbf58
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/146684
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
| -rw-r--r-- | include/svtools/svparser.hxx | 1 | ||||
| -rw-r--r-- | svtools/source/svhtml/parhtml.cxx | 4 | ||||
| -rw-r--r-- | svtools/source/svrtf/svparser.cxx | 2 |
3 files changed, 7 insertions, 0 deletions
diff --git a/include/svtools/svparser.hxx b/include/svtools/svparser.hxx index afa4ccdeb034..e1a74840add0 100644 --- a/include/svtools/svparser.hxx +++ b/include/svtools/svparser.hxx @@ -56,6 +56,7 @@ protected: tools::Long m_nTokenIndex; // current token index to detect loops for seeking backwards tools::Long nTokenValue; // additional value (RTF) bool bTokenHasValue; // indicates whether nTokenValue is valid + bool bFuzzing; // indicates we are in Fuzzing mode SvParserState eState; // status also in derived classes rtl_TextEncoding eSrcEnc; // Source encoding diff --git a/svtools/source/svhtml/parhtml.cxx b/svtools/source/svhtml/parhtml.cxx index e705c98013e4..7031b443344e 100644 --- a/svtools/source/svhtml/parhtml.cxx +++ b/svtools/source/svhtml/parhtml.cxx @@ -1054,7 +1054,11 @@ HtmlTokenId HTMLParser::GetNextToken_() sTmpBuffer.appendUtf32( nNextCh ); nNextCh = GetNextChar(); if (std::u16string_view(sTmpBuffer) == u"![CDATA[") + break; + if (bFuzzing && sTmpBuffer.getLength() > 1024) { + SAL_WARN("svtools", "abandoning import for performance reasons with long tokens"); + eState = SvParserState::Error; break; } } while( '>' != nNextCh && '/' != nNextCh && !rtl::isAsciiWhiteSpace( nNextCh ) && diff --git a/svtools/source/svrtf/svparser.cxx b/svtools/source/svrtf/svparser.cxx index d4b22fe13f67..1a8e73d0edb6 100644 --- a/svtools/source/svrtf/svparser.cxx +++ b/svtools/source/svrtf/svparser.cxx @@ -26,6 +26,7 @@ #include <rtl/character.hxx> #include <sal/log.hxx> #include <unicode/ucsdet.h> +#include <unotools/configmgr.hxx> #include <vector> @@ -81,6 +82,7 @@ SvParser<T>::SvParser( SvStream& rIn, sal_uInt8 nStackSize ) , m_nTokenIndex(0) , nTokenValue( 0 ) , bTokenHasValue( false ) + , bFuzzing(utl::ConfigManager::IsFuzzing()) , eState( SvParserState::NotStarted ) , eSrcEnc( RTL_TEXTENCODING_DONTKNOW ) , nNextChPos(0) |