summaryrefslogtreecommitdiff
path: root/sc
diff options
context:
space:
mode:
authorMichael Stahl <mstahl@redhat.com>2016-06-24 18:24:24 +0200
committerCaolán McNamara <caolanm@redhat.com>2016-06-26 20:10:45 +0000
commiteb7364fffe39c1aecddcab6b9cf238475fa2013c (patch)
treed99d1ac3ecb55bd186bbb0f4d01b7ef4567e2a80 /sc
parent169e9fb16f025bc5791d3ea5242596e3dcc4f023 (diff)
tdf#84834 sc: stricter type detection for dBASE files
The detection is rather sloppy, the bugdoc gets erroneously detected as dBASE because it starts with '0', has a not-too-large header size at offset 4, and a '\r' at a 32-byte alignment towards the start of the the not-too-large header. Add a plausibility check for the number of records in the file, which helps for this bugdoc. Change-Id: I466dfae18aa32fd62b79b9f524f22bea719721be (cherry picked from commit 4e3ff19b33c84557fd20e68960499933b4e52638) Reviewed-on: https://gerrit.libreoffice.org/26644 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
Diffstat (limited to 'sc')
-rw-r--r--sc/source/ui/unoobj/scdetect.cxx23
1 files changed, 23 insertions, 0 deletions
diff --git a/sc/source/ui/unoobj/scdetect.cxx b/sc/source/ui/unoobj/scdetect.cxx
index 3bd8ffc60ced..bb2c407c3f9a 100644
--- a/sc/source/ui/unoobj/scdetect.cxx
+++ b/sc/source/ui/unoobj/scdetect.cxx
@@ -219,14 +219,37 @@ static bool lcl_MayBeDBase( SvStream& rStream )
if ( nSize < nEmptyDbf )
return false;
+ // count of records at 4
+ rStream.Seek(4);
+ sal_uInt32 nRecords(0);
+ rStream.ReadUInt32(nRecords);
+
// length of header starts at 8
rStream.Seek(8);
sal_uInt16 nHeaderLen;
rStream.ReadUInt16( nHeaderLen );
+ // size of record at 10
+ sal_uInt16 nRecordSize(0);
+ rStream.ReadUInt16(nRecordSize);
+
if ( nHeaderLen < nEmptyDbf || nSize < nHeaderLen )
return false;
+ // see DTable.cxx ODbaseTable::readHeader()
+ if (0 == nRecordSize)
+ return false;
+
+ // see DTable.cxx ODbaseTable::construct() line 546
+ if (0 == nRecords)
+ {
+ nRecords = (nSize - nHeaderLen) / nRecordSize;
+ }
+
+ // tdf#84834 sanity check of size
+ if (0 == nRecords || nSize < nHeaderLen + nRecords * sal_uInt64(nRecordSize))
+ return false;
+
// Last byte of header must be 0x0d, this is how it's specified.
// #i9581#,#i26407# but some applications don't follow the specification
// and pad the header with one byte 0x00 to reach an