From 280a5166ad4032a618c5e29db701330f7dbdfbff Mon Sep 17 00:00:00 2001 From: Eike Rathke Date: Thu, 16 Nov 2017 17:07:58 +0100 Subject: Straighten use of MAXSTRLEN to be maximum string length ... plus limiting 0-character, and not buffer length in (only) some cases where max len then was MAXSTRLEN-1, accompanied by a mix of >= and > comparisons. Change-Id: I5b8452db52b1d464eb1410e31990043f7997af20 --- sc/inc/compiler.hxx | 4 ++-- sc/source/core/tool/compiler.cxx | 30 +++++++++++++++--------------- sc/source/core/tool/token.cxx | 4 ++-- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/sc/inc/compiler.hxx b/sc/inc/compiler.hxx index d09f8a0af140..6d1db7e8c1e1 100644 --- a/sc/inc/compiler.hxx +++ b/sc/inc/compiler.hxx @@ -131,7 +131,7 @@ public: } sharedstring; ScMatrix* pMat; FormulaError nError; - sal_Unicode cStr[ MAXSTRLEN+1 ]; // string (up to 255 characters + 0) + sal_Unicode cStr[ MAXSTRLEN+1 ]; // string (up to MAXSTRLEN characters + 0) short nJump[ FORMULA_MAXJUMPCOUNT + 1 ]; // If/Chose token }; @@ -273,7 +273,7 @@ private: // For CONV_XL_OOX, may be set via API by MOOXML filter. css::uno::Sequence maExternalLinks; - sal_Unicode cSymbol[MAXSTRLEN]; // current Symbol + sal_Unicode cSymbol[MAXSTRLEN+1]; // current Symbol + 0 OUString aFormula; // formula source code sal_Int32 nSrcPos; // tokenizer position (source code) mutable ScRawToken maRawToken; diff --git a/sc/source/core/tool/compiler.cxx b/sc/source/core/tool/compiler.cxx index 1228c22110f3..65780e5ad1e2 100644 --- a/sc/source/core/tool/compiler.cxx +++ b/sc/source/core/tool/compiler.cxx @@ -2000,7 +2000,7 @@ static bool lcl_isUnicodeIgnoreAscii( const sal_Unicode* p1, const char* p2, siz sal_Int32 ScCompiler::NextSymbol(bool bInArray) { - cSymbol[MAXSTRLEN-1] = 0; // end + cSymbol[MAXSTRLEN] = 0; // end sal_Unicode* pSym = cSymbol; const sal_Unicode* const pStart = aFormula.getStr(); const sal_Unicode* pSrc = pStart + nSrcPos; @@ -2175,7 +2175,7 @@ Label_MaskStateMachine: { if ( nMask & ScCharFlags::Ident ) { // This catches also $Sheet1.A$1, for example. - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError(FormulaError::StringOverflow); eState = ssStop; @@ -2195,7 +2195,7 @@ Label_MaskStateMachine: int i = 0; for ( ; i<5; ++i) { - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError(FormulaError::StringOverflow); eState = ssStop; @@ -2215,7 +2215,7 @@ Label_MaskStateMachine: // One range operator may form Sheet1.A:A, which we need to // pass as one entity to IsReference(). mnRangeOpPosInSymbol = pSym - &cSymbol[0]; - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError(FormulaError::StringOverflow); eState = ssStop; @@ -2253,7 +2253,7 @@ Label_MaskStateMachine: break; case ssGetValue : { - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError(FormulaError::StringOverflow); eState = ssStop; @@ -2324,7 +2324,7 @@ Label_MaskStateMachine: } if ( !bQuote ) { - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError(FormulaError::StringOverflow); eState = ssSkipString; @@ -2382,7 +2382,7 @@ Label_MaskStateMachine: --pSrc; else { - if (pSym == &cSymbol[ MAXSTRLEN-1 ]) + if (pSym == &cSymbol[ MAXSTRLEN ]) { SetError( FormulaError::StringOverflow); eState = ssStop; @@ -2397,7 +2397,7 @@ Label_MaskStateMachine: // Scan whatever up to the next ']' closer. if (c != ']') { - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError( FormulaError::StringOverflow); eState = ssStop; @@ -2417,7 +2417,7 @@ Label_MaskStateMachine: // Scan whatever up to the next unescaped ']' closer. if (c != ']' || cLast == '\'') { - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError( FormulaError::StringOverflow); eState = ssStop; @@ -2433,7 +2433,7 @@ Label_MaskStateMachine: } break; case ssGetReference: - if( pSym == &cSymbol[ MAXSTRLEN-1 ] ) + if( pSym == &cSymbol[ MAXSTRLEN ] ) { SetError( FormulaError::StringOverflow); eState = ssSkipReference; @@ -2666,10 +2666,10 @@ Label_MaskStateMachine: } } while ( bi18n && nErr == FormulaError::NONE ); sal_Int32 nLen = aSymbol.getLength(); - if ( nLen >= MAXSTRLEN ) + if ( nLen > MAXSTRLEN ) { SetError( FormulaError::StringOverflow ); - nLen = MAXSTRLEN-1; + nLen = MAXSTRLEN; if (mnRangeOpPosInSymbol > nLen) mnRangeOpPosInSymbol = -1; } @@ -2988,7 +2988,7 @@ bool ScCompiler::IsString() p++; sal_Int32 nLen = sal::static_int_cast( p - cSymbol - 1 ); bool bQuote = ((cSymbol[0] == '"') && (cSymbol[nLen] == '"')); - if ((bQuote ? nLen-2 : nLen) > MAXSTRLEN-1) + if ((bQuote ? nLen-2 : nLen) > MAXSTRLEN) { SetError(FormulaError::StringOverflow); return false; @@ -3917,8 +3917,8 @@ void ScCompiler::AutoCorrectParsedSymbol() ((GetCharTableFlags(aCorrectedSymbol[nPos], aCorrectedSymbol[nPos-1]) & (ScCharFlags::Word | ScCharFlags::CharDontCare)) == ScCharFlags::NONE)) ) nPos--; - if ( nPos == MAXSTRLEN - 2 ) - aCorrectedSymbol = aCorrectedSymbol.replaceAt( nPos, 1, OUString(cQuote) ); // '"' the 255th character + if ( nPos == MAXSTRLEN - 1 ) + aCorrectedSymbol = aCorrectedSymbol.replaceAt( nPos, 1, OUString(cQuote) ); // '"' the MAXSTRLENth character else aCorrectedSymbol = aCorrectedSymbol.replaceAt( nPos + 1, 0, OUString(cQuote) ); bCorrected = true; diff --git a/sc/source/core/tool/token.cxx b/sc/source/core/tool/token.cxx index 865f384ddaf2..696bbe8705cb 100644 --- a/sc/source/core/tool/token.cxx +++ b/sc/source/core/tool/token.cxx @@ -354,8 +354,8 @@ void ScRawToken::SetExternal( const sal_Unicode* pStr ) eOp = ocExternal; eType = svExternal; sal_Int32 nLen = GetStrLen( pStr ) + 1; - if( nLen >= MAXSTRLEN ) - nLen = MAXSTRLEN-1; + if( nLen > MAXSTRLEN ) + nLen = MAXSTRLEN; // Leave space for byte parameter! memcpy( cStr+1, pStr, nLen * sizeof(sal_Unicode) ); cStr[ nLen+1 ] = 0; -- cgit v1.2.3