diff options
author | Kohei Yoshida <kyoshida@novell.com> | 2010-11-29 13:00:22 -0500 |
---|---|---|
committer | Kohei Yoshida <kyoshida@novell.com> | 2010-11-29 13:03:57 -0500 |
commit | 2ad4ec8e3a5960e1bbbcb0d917ac16acdf0f1729 (patch) | |
tree | 9504abe972fc5b0f9ed087524e86be7e28998ae6 | |
parent | 5e643c11ece034c6d1f0a7174fc63b1a9fa1e5d3 (diff) |
More strict parsing of external range names.
This is to prevent parsing formula strings such as '=A#REF!' as valid
external range names. Ideally we should express any formula including
invalid refs simply as '=#REF!' in all cases, but we are not there
yet. (fdo#31741)
-rw-r--r-- | sc/source/core/tool/compiler.cxx | 38 |
1 files changed, 31 insertions, 7 deletions
diff --git a/sc/source/core/tool/compiler.cxx b/sc/source/core/tool/compiler.cxx index 536bd685a..e93f25a47 100644 --- a/sc/source/core/tool/compiler.cxx +++ b/sc/source/core/tool/compiler.cxx @@ -632,7 +632,7 @@ static bool lcl_parseExternalName( if (c == '\'') { - // Move to the next chart and loop until the second single + // Move to the next char and loop until the second single // quote. cPrev = c; ++i; ++p; @@ -649,8 +649,8 @@ static bool lcl_parseExternalName( if (cPrev == '\'') { - // two consecutive quotes equals a single - // quote in the file name. + // two consecutive quotes equal a single quote in + // the file name. aTmpFile.Append(c); cPrev = 'a'; } @@ -662,12 +662,14 @@ static bool lcl_parseExternalName( if (cPrev == '\'' && j != i) { - // this is not a quote but the previous one - // is. This ends the parsing of the quoted - // segment. + // this is not a quote but the previous one is. This + // ends the parsing of the quoted segment. At this + // point, the current char must equal the separator + // char. i = j; bInName = true; + aTmpName.Append(c); // Keep the separator as part of the name. break; } aTmpFile.Append(c); @@ -705,6 +707,7 @@ static bool lcl_parseExternalName( if (c == cSep) { bInName = true; + aTmpName.Append(c); // Keep the separator as part of the name. } else { @@ -746,8 +749,29 @@ static bool lcl_parseExternalName( return false; } + xub_StrLen nNameLen = aTmpName.Len(); + if (nNameLen < 2) + { + // Name must be at least 2-char long (separator plus name). + return false; + } + + if (aTmpName.GetChar(0) != cSep) + { + // 1st char of the name must equal the separator. + return false; + } + + sal_Unicode cLast = aTmpName.GetChar(nNameLen-1); + if (cLast == sal_Unicode('!')) + { + // Check against #REF!. + if (aTmpName.EqualsAscii("#REF!")) + return false; + } + rFile = aTmpFile; - rName = aTmpName; + rName = aTmpName.Copy(1); // Skip the first char as it is always the separator. return true; } |