diff options
author | Caolán McNamara <caolanm@redhat.com> | 2015-04-20 10:56:30 +0100 |
---|---|---|
committer | Caolán McNamara <caolanm@redhat.com> | 2015-04-20 10:58:00 +0100 |
commit | 9107bb354bdeb5496c4bf61e3068ff80f5fd009b (patch) | |
tree | 63750801dac7a680cf88a708856dfe6bd38dce54 /sw/source/filter/ww8/ww8par3.cxx | |
parent | de4c419c730befb25655811b6582607b8b7bcd4e (diff) |
sanitize strings with invalid high/low surrogate sequences
Change-Id: I9ad1aa651b6971526dd924630fe5606b7632f2dc
Diffstat (limited to 'sw/source/filter/ww8/ww8par3.cxx')
-rw-r--r-- | sw/source/filter/ww8/ww8par3.cxx | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/sw/source/filter/ww8/ww8par3.cxx b/sw/source/filter/ww8/ww8par3.cxx index 9f7415f11c42..96c4181e55a6 100644 --- a/sw/source/filter/ww8/ww8par3.cxx +++ b/sw/source/filter/ww8/ww8par3.cxx @@ -79,6 +79,7 @@ #include <IMark.hxx> #include <unotools/fltrcfg.hxx> +#include <rtl/surrogates.h> #include <xmloff/odffields.hxx> #include <stdio.h> @@ -493,6 +494,31 @@ static void lcl_CopyGreaterEight(OUString &rDest, OUString &rSrc, } } +OUString sanitizeString(const OUString& rString) +{ + sal_Int32 i=0; + while (i < rString.getLength()) + { + sal_Unicode c = rString[i]; + if (isHighSurrogate(c)) + { + if (i+1 == rString.getLength() || !isLowSurrogate(rString[i+1])) + { + SAL_WARN("sw.ww8", "Surrogate error: high without low"); + return rString.copy(0, i); + } + ++i; //skip correct low + } + if (isLowSurrogate(c)) //bare low without preceeding high + { + SAL_WARN("sw.ww8", "Surrogate error: low without high"); + return rString.copy(0, i); + } + ++i; + } + return rString; +} + bool WW8ListManager::ReadLVL(SwNumFmt& rNumFmt, SfxItemSet*& rpItemSet, sal_uInt16 nLevelStyle, bool bSetStartNo, std::deque<bool> &rNotReallyThere, sal_uInt16 nLevel, @@ -703,7 +729,7 @@ bool WW8ListManager::ReadLVL(SwNumFmt& rNumFmt, SfxItemSet*& rpItemSet, // 4. den Nummerierungsstring einlesen: ergibt Prefix und Postfix - OUString sNumString(read_uInt16_PascalString(rSt)); + OUString sNumString(sanitizeString(read_uInt16_PascalString(rSt))); // 5. gelesene Werte in Writer Syntax umwandeln |