diff options
author | Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de> | 2021-01-18 15:24:48 +0100 |
---|---|---|
committer | Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> | 2021-01-30 14:18:32 +0100 |
commit | fe69915020518bcee87e29e3623ad50a73b9b5da (patch) | |
tree | 39325c5a5a3cc25455a791550b9a033aa9a483f2 /sfx2 | |
parent | 3170c655e93e9068ae9e8823240fd3003ac13d61 (diff) |
Improve macro checks
Change-Id: Ie40801df8866b52c1458e020ffa9cba120720af7
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109552
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 1dc71daf7fa7204a98c75dac680af664ab9c8edb)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110056
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Diffstat (limited to 'sfx2')
-rw-r--r-- | sfx2/source/doc/docmacromode.cxx | 23 | ||||
-rw-r--r-- | sfx2/source/doc/objmisc.cxx | 5 |
2 files changed, 22 insertions, 6 deletions
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx index bbb3b629de2b..c49f7cec00c6 100644 --- a/sfx2/source/doc/docmacromode.cxx +++ b/sfx2/source/doc/docmacromode.cxx @@ -111,6 +111,10 @@ namespace sfx2 #endif } + void lcl_showMacrosDisabledUnsignedContentError( const Reference< XInteractionHandler >& rxHandler, bool& rbAlreadyShown ) + { + lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_DOCUMENT_MACRO_DISABLED_CONTENT_UNSIGNED, rbAlreadyShown ); + } bool lcl_showMacroWarning( const Reference< XInteractionHandler >& rxHandler, const OUString& rDocumentLocation ) @@ -123,7 +127,8 @@ namespace sfx2 //= DocumentMacroMode DocumentMacroMode::DocumentMacroMode( IMacroDocumentAccess& rDocumentAccess ) - :m_xData( std::make_shared<DocumentMacroMode_Data>( rDocumentAccess ) ) + :m_xData( std::make_shared<DocumentMacroMode_Data>( rDocumentAccess ) ), + m_bNeedsContentSigned(false) { } @@ -139,7 +144,7 @@ namespace sfx2 return false; } - bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction ) + bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature ) { sal_uInt16 nMacroExecutionMode = m_xData->m_rDocumentAccess.getCurrentMacroExecMode(); @@ -237,6 +242,14 @@ namespace sfx2 lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown); return disallowMacroExecution(); } + else if ( m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading() && + bHasTrustedMacroSignature && + !bHasValidContentSignature) + { + // When macros are signed, and the document has events which call macros, the document content needs to be signed too. + lcl_showMacrosDisabledUnsignedContentError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown); + return disallowMacroExecution(); + } else if ( bHasTrustedMacroSignature ) { // there is trusted macro signature, allow macro execution @@ -391,7 +404,7 @@ namespace sfx2 } - bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction ) + bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature ) { bool bAllow = false; if ( SvtSecurityOptions().IsMacroDisabled() ) @@ -403,7 +416,9 @@ namespace sfx2 { if (m_xData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading()) { - bAllow = adjustMacroMode( rxInteraction ); + if (m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading()) + m_bNeedsContentSigned = true; + bAllow = adjustMacroMode( rxInteraction, bHasValidContentSignature ); } else if ( !isMacroExecutionDisallowed() ) { diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx index 10be78bfe98d..75d8e1505987 100644 --- a/sfx2/source/doc/objmisc.cxx +++ b/sfx2/source/doc/objmisc.cxx @@ -943,7 +943,8 @@ void SfxObjectShell::CheckSecurityOnLoading_Impl() CheckEncryption_Impl( xInteraction ); // check macro security - pImpl->aMacroMode.checkMacrosOnLoading( xInteraction ); + const bool bHasValidContentSignature = HasValidSignatures(); + pImpl->aMacroMode.checkMacrosOnLoading( xInteraction, bHasValidContentSignature ); } @@ -1599,7 +1600,7 @@ bool SfxObjectShell::AdjustMacroMode() CheckEncryption_Impl( xInteraction ); - return pImpl->aMacroMode.adjustMacroMode( xInteraction ); + return pImpl->aMacroMode.adjustMacroMode( xInteraction, true /*TODO*/ ); } vcl::Window* SfxObjectShell::GetDialogParent( SfxMedium const * pLoadingMedium ) |