Improve macro checks

Change-Id: Ie40801df8866b52c1458e020ffa9cba120720af7 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109552 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit 1dc71daf7fa7204a98c75dac680af664ab9c8edb) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110056 Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
author: Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de> 2021-01-18 15:24:48 +0100
committer: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> 2021-01-30 14:18:32 +0100
commit: fe69915020518bcee87e29e3623ad50a73b9b5da (patch)
tree: 39325c5a5a3cc25455a791550b9a033aa9a483f2 /sfx2
parent: 3170c655e93e9068ae9e8823240fd3003ac13d61 (diff)
2 files changed, 22 insertions, 6 deletions
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index bbb3b629de2b..c49f7cec00c6 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -111,6 +111,10 @@ namespace sfx2
 #endif
         }
 
+        void lcl_showMacrosDisabledUnsignedContentError( const Reference< XInteractionHandler >& rxHandler, bool& rbAlreadyShown )
+        {
+            lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_DOCUMENT_MACRO_DISABLED_CONTENT_UNSIGNED, rbAlreadyShown );
+        }
 
         bool lcl_showMacroWarning( const Reference< XInteractionHandler >& rxHandler,
             const OUString& rDocumentLocation )
@@ -123,7 +127,8 @@ namespace sfx2
 
     //= DocumentMacroMode
     DocumentMacroMode::DocumentMacroMode( IMacroDocumentAccess& rDocumentAccess )
-        :m_xData( std::make_shared<DocumentMacroMode_Data>( rDocumentAccess ) )
+        :m_xData( std::make_shared<DocumentMacroMode_Data>( rDocumentAccess ) ),
+        m_bNeedsContentSigned(false)
     {
     }
 
@@ -139,7 +144,7 @@ namespace sfx2
         return false;
     }
 
-    bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction )
+    bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature )
     {
         sal_uInt16 nMacroExecutionMode = m_xData->m_rDocumentAccess.getCurrentMacroExecMode();
 
@@ -237,6 +242,14 @@ namespace sfx2
                         lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown);
                     return disallowMacroExecution();
                 }
+                else if ( m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading() &&
+                          bHasTrustedMacroSignature &&
+                          !bHasValidContentSignature)
+                {
+                    // When macros are signed, and the document has events which call macros, the document content needs to be signed too.
+                    lcl_showMacrosDisabledUnsignedContentError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown);
+                    return disallowMacroExecution();
+                }
                 else if ( bHasTrustedMacroSignature )
                 {
                     // there is trusted macro signature, allow macro execution
@@ -391,7 +404,7 @@ namespace sfx2
     }
 
 
-    bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction )
+    bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature )
     {
         bool bAllow = false;
         if ( SvtSecurityOptions().IsMacroDisabled() )
@@ -403,7 +416,9 @@ namespace sfx2
         {
             if (m_xData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
             {
-                bAllow = adjustMacroMode( rxInteraction );
+                if (m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
+                    m_bNeedsContentSigned = true;
+                bAllow = adjustMacroMode( rxInteraction, bHasValidContentSignature );
             }
             else if ( !isMacroExecutionDisallowed() )
             {
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 10be78bfe98d..75d8e1505987 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -943,7 +943,8 @@ void SfxObjectShell::CheckSecurityOnLoading_Impl()
     CheckEncryption_Impl( xInteraction );
 
     // check macro security
-    pImpl->aMacroMode.checkMacrosOnLoading( xInteraction );
+    const bool bHasValidContentSignature = HasValidSignatures();
+    pImpl->aMacroMode.checkMacrosOnLoading( xInteraction, bHasValidContentSignature );
 }
 
 
@@ -1599,7 +1600,7 @@ bool SfxObjectShell::AdjustMacroMode()
 
     CheckEncryption_Impl( xInteraction );
 
-    return pImpl->aMacroMode.adjustMacroMode( xInteraction );
+    return pImpl->aMacroMode.adjustMacroMode( xInteraction, true /*TODO*/ );
 }
 
 vcl::Window* SfxObjectShell::GetDialogParent( SfxMedium const * pLoadingMedium )
author	Samuel Mehrbrodt <samuel.mehrbrodt@allotropia.de>	2021-01-18 15:24:48 +0100
committer	Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>	2021-01-30 14:18:32 +0100
commit	fe69915020518bcee87e29e3623ad50a73b9b5da (patch)
tree	39325c5a5a3cc25455a791550b9a033aa9a483f2 /sfx2
parent	3170c655e93e9068ae9e8823240fd3003ac13d61 (diff)