diff options
author | Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de> | 2021-01-18 15:24:48 +0100 |
---|---|---|
committer | Andras Timar <andras.timar@collabora.com> | 2021-02-02 20:08:53 +0100 |
commit | 91cf71e27e7a317b002697b1e54b749599e1d982 (patch) | |
tree | 7d950e5c9b57c945d087b3cf833e299e269d27cf /sfx2 | |
parent | 7a9b6456227c2a54b0b23cfc18679883b638e969 (diff) |
Improve macro checks
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109552
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 1dc71daf7fa7204a98c75dac680af664ab9c8edb)
Change-Id: Ie40801df8866b52c1458e020ffa9cba120720af7
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110076
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Diffstat (limited to 'sfx2')
-rw-r--r-- | sfx2/source/doc/docmacromode.cxx | 23 | ||||
-rw-r--r-- | sfx2/source/doc/objmisc.cxx | 5 |
2 files changed, 22 insertions, 6 deletions
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx index 492bd0a63009..2fa7b968fc41 100644 --- a/sfx2/source/doc/docmacromode.cxx +++ b/sfx2/source/doc/docmacromode.cxx @@ -113,6 +113,10 @@ namespace sfx2 #endif } + void lcl_showMacrosDisabledUnsignedContentError( const Reference< XInteractionHandler >& rxHandler, bool& rbAlreadyShown ) + { + lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_DOCUMENT_MACRO_DISABLED_CONTENT_UNSIGNED, rbAlreadyShown ); + } bool lcl_showMacroWarning( const Reference< XInteractionHandler >& rxHandler, const OUString& rDocumentLocation ) @@ -125,7 +129,8 @@ namespace sfx2 //= DocumentMacroMode DocumentMacroMode::DocumentMacroMode( IMacroDocumentAccess& rDocumentAccess ) - :m_xData( new DocumentMacroMode_Data( rDocumentAccess ) ) + :m_xData( new DocumentMacroMode_Data( rDocumentAccess ) ), + m_bNeedsContentSigned(false) { } @@ -141,7 +146,7 @@ namespace sfx2 return false; } - bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction ) + bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature ) { sal_uInt16 nMacroExecutionMode = m_xData->m_rDocumentAccess.getCurrentMacroExecMode(); @@ -238,6 +243,14 @@ namespace sfx2 lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown); return disallowMacroExecution(); } + else if ( m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading() && + bHasTrustedMacroSignature && + !bHasValidContentSignature) + { + // When macros are signed, and the document has events which call macros, the document content needs to be signed too. + lcl_showMacrosDisabledUnsignedContentError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown); + return disallowMacroExecution(); + } else if ( bHasTrustedMacroSignature ) { // there is trusted macro signature, allow macro execution @@ -392,7 +405,7 @@ namespace sfx2 } - bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction ) + bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature ) { bool bAllow = false; if ( SvtSecurityOptions().IsMacroDisabled() ) @@ -404,7 +417,9 @@ namespace sfx2 { if (m_xData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading()) { - bAllow = adjustMacroMode( rxInteraction ); + if (m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading()) + m_bNeedsContentSigned = true; + bAllow = adjustMacroMode( rxInteraction, bHasValidContentSignature ); } else if ( !isMacroExecutionDisallowed() ) { diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx index 681940462720..a9943a959484 100644 --- a/sfx2/source/doc/objmisc.cxx +++ b/sfx2/source/doc/objmisc.cxx @@ -953,7 +953,8 @@ void SfxObjectShell::CheckSecurityOnLoading_Impl() CheckEncryption_Impl( xInteraction ); // check macro security - pImpl->aMacroMode.checkMacrosOnLoading( xInteraction ); + const bool bHasValidContentSignature = HasValidSignatures(); + pImpl->aMacroMode.checkMacrosOnLoading( xInteraction, bHasValidContentSignature ); } @@ -1620,7 +1621,7 @@ bool SfxObjectShell::AdjustMacroMode() CheckEncryption_Impl( xInteraction ); - return pImpl->aMacroMode.adjustMacroMode( xInteraction ); + return pImpl->aMacroMode.adjustMacroMode( xInteraction, true /*TODO*/ ); } vcl::Window* SfxObjectShell::GetDialogParent( SfxMedium const * pLoadingMedium ) |