From fb295e046297db896583f74ee78736d656d25f75 Mon Sep 17 00:00:00 2001
From: Luboš Luňák
Date: Tue, 23 Apr 2019 15:48:41 +0200
Subject: lazy image loading shouldn't read the entire .xls file (tdf#124828)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
b11188835d3b87cd changed msfilter to use GraphicFilter::ImportUnloadedGraphic() to lazy-load images from the document. However, that function in some cases simply reads the entire rest of the passed SvStream, which in this case is the entire .xls file. And the document from tdf#124828 is ~50MiB and contains ~4000 images => 100+ GiB memory required.
Reviewed-on: https://gerrit.libreoffice.org/71136
Tested-by: Jenkins
Reviewed-by: Miklos Vajna
(cherry picked from commit af84fc9d906626255aaf136eefc5e55236e0e8a6)
Reviewed-on: https://gerrit.libreoffice.org/71221
Reviewed-by: Xisco Faulí
Signed-off-by: Xisco Fauli
Change-Id: I74926383204ec642eabb28b62e2cf2e1ff8054a9
Reviewed-on: https://gerrit.libreoffice.org/71225
Tested-by: Jenkins
Reviewed-by: Miklos Vajna
(cherry picked from commit cf01389718fb2ef84697542d69a7ee2c25e544fc)
Reviewed-on: https://gerrit.libreoffice.org/71239
Reviewed-by: Michael Stahl
Tested-by: Michael Stahl
---
 filter/source/msfilter/msdffimp.cxx | 6 +++++-
 include/vcl/graphicfilter.hxx | 3 ++-
 vcl/source/filter/graphicfilter.cxx | 4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/filter/source/msfilter/msdffimp.cxx b/filter/source/msfilter/msdffimp.cxx
index 96db3884ddbf..62dcebdea248 100644
--- a/filter/source/msfilter/msdffimp.cxx
+++ b/filter/source/msfilter/msdffimp.cxx
@@ -6552,7 +6552,11 @@ bool SvxMSDffManager::GetBLIPDirect( SvStream& rBLIPStream, Graphic& rData, tool else { // and unleash our filter GraphicFilter& rGF = GraphicFilter::GetGraphicFilter(); - Graphic aGraphic = rGF.ImportUnloadedGraphic(*pGrStream); + // ImportUnloadedGraphic() may simply read the entire rest of the stream, + // which may be very large if the whole document is large. Limit the read + // size to the size of this record. + sal_uInt64 maxSize = pGrStream == &rBLIPStream ? nLength : 0; + Graphic aGraphic = rGF.ImportUnloadedGraphic(*pGrStream, maxSize); if (aGraphic) { rData = aGraphic; diff --git a/include/vcl/graphicfilter.hxx b/include/vcl/graphicfilter.hxx index 2f24cf10e085..34083e41d153 100644 --- a/include/vcl/graphicfilter.hxx +++ b/include/vcl/graphicfilter.hxx @@ -294,7 +294,8 @@ public: css::uno::Sequence< css::beans::PropertyValue >* pFilterData, WmfExternal const *pExtHeader = nullptr ); - Graphic ImportUnloadedGraphic(SvStream& rIStream); + // Setting sizeLimit limits how much will be read from the stream. + Graphic ImportUnloadedGraphic(SvStream& rIStream, sal_uInt64 sizeLimit = 0); const FilterErrorEx& GetLastError() const { return *pErrorEx;} void ResetLastError(); diff --git a/vcl/source/filter/graphicfilter.cxx b/vcl/source/filter/graphicfilter.cxx index 072c1c31e5c8..cad4d4ae1fd5 100644 --- a/vcl/source/filter/graphicfilter.cxx +++ b/vcl/source/filter/graphicfilter.cxx @@ -1439,7 +1439,7 @@ void GraphicFilter::ImportGraphics(std::vector< std::shared_ptr >& rGra } } -Graphic GraphicFilter::ImportUnloadedGraphic(SvStream& rIStream) +Graphic GraphicFilter::ImportUnloadedGraphic(SvStream& rIStream, sal_uInt64 sizeLimit) { Graphic aGraphic; sal_uInt16 nFormat = GRFILTER_FORMAT_DONTKNOW; 
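Review bot: `maxSize` in the msdffimp.cxx hunk uses 0 for two different situations: the stream is not rBLIPStream, and the record itself reports a zero `nLength`. Because 0 is the "no limit" default of ImportUnloadedGraphic(), a record whose length field is zero would still read the whole rest of the .xls stream on the direct path, which is the behaviour this commit sets out to remove; nLength is assigned outside the hunk, so whether a zero can reach this line is not visible here. A guard ahead of the call, for example `if (pGrStream == &rBLIPStream && nLength == 0)` leading into the function's usual failure path, would keep the limit fail-closed for length values taken from the document. The body of GetBLIPDirect() starts and ends outside the hunk.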
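Review bot: The new comment on ImportUnloadedGraphic() in graphicfilter.hxx leaves out the two things a caller has to know, the unit of `sizeLimit` and what the default means. Going by the implementation hunk in graphicfilter.cxx, the value is a byte count and 0 selects the previous read-to-end behaviour, so I would word it as `// sizeLimit: maximum number of bytes to read from rIStream; 0 (the default) means no limit, i.e. read to the end of the stream.` Spelling out the 0 case matters because callers that derive the limit from file contents need to know that a zero length is not treated as "read nothing".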
@@ -1454,7 +1454,7 @@ Graphic GraphicFilter::ImportUnloadedGraphic(SvStream& rIStream)
 ErrCode nStatus = ImpTestOrFindFormat("", rIStream, nFormat);
 rIStream.Seek(nStreamBegin);
- const sal_uInt32 nStreamLength(rIStream.Seek(STREAM_SEEK_TO_END) - nStreamBegin);
+ const sal_uInt32 nStreamLength( sizeLimit ? sizeLimit : rIStream.Seek(STREAM_SEEK_TO_END) - nStreamBegin);
 OUString aFilterName = pConfig->GetImportFilterName(nFormat);
 OUString aExternalFilterName = pConfig->GetExternalFilterName(nFormat, false);
-- cgit v1.2.3
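Review bot: `sizeLimit` is a sal_uInt64 but is stored into `const sal_uInt32 nStreamLength`, and it is never compared with what the stream actually holds. A limit above 4 GiB is silently truncated, and a limit larger than the remaining data (the caller in msdffimp.cxx passes nLength, described there as the size of the record) makes nStreamLength claim more bytes than can be read; how nStreamLength is used lies below the hunk, so the effect on anything sized from it is inferred. Computing the remaining size first and taking the smaller value keeps both paths bounded: `const sal_uInt64 nRemaining = rIStream.Seek(STREAM_SEEK_TO_END) - nStreamBegin;` followed by `const sal_uInt32 nStreamLength = (sizeLimit && sizeLimit < nRemaining) ? sizeLimit : nRemaining;`. That also leaves the stream position after this statement the same as before the commit; the 64-to-32-bit narrowing of the remaining size predates this change and deserves an explicit check as well.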