authorCaolán McNamara <caolanm@redhat.com>2022-04-25 21:11:40 +0100
committerCaolán McNamara <caolanm@redhat.com>2022-04-26 11:49:19 +0200
commitcda53485ec0f2c666c86c0ac99e7af4b0f2b352f (patch)
treefa64d311ff63a9d4467d1d9b755e77e8d9a1fcca /vcl
parent675788b208a7c775f8eaa51cd90528b1bb92ed79 (diff)
ofz#46906 Integer-overflow
Change-Id: Ic4c6b34b8fb2ddfbb606871f48e2b504fd24336d Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133421 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Diffstat (limited to 'vcl')
-rw-r--r--vcl/source/filter/svm/SvmReader.cxx15
1 files changed, 15 insertions, 0 deletions
diff --git a/vcl/source/filter/svm/SvmReader.cxx b/vcl/source/filter/svm/SvmReader.cxx
index fe05c3439719..bd69e7ece142 100644
--- a/vcl/source/filter/svm/SvmReader.cxx
+++ b/vcl/source/filter/svm/SvmReader.cxx
@@ -22,6 +22,7 @@
#include <tools/stream.hxx>
#include <tools/vcompat.hxx>
+#include <unotools/configmgr.hxx>
#include <vcl/filter/SvmReader.hxx>
#include <vcl/TypeSerializer.hxx>
#include <vcl/dibtools.hxx>
@@ -705,7 +706,21 @@ rtl::Reference<MetaAction> SvmReader::TextArrayHandler(const ImplMetaReadData* p
}
if (!aArray.empty())
+ {
+ static const bool bFuzzing = utl::ConfigManager::IsFuzzing();
+ if (bFuzzing)
+ {
+ for (size_t i = 0, nLen = aArray.size(); i < nLen; ++i)
+ {
+ if (aArray[i] < -4096 || aArray[i] > 4096)
+ {
+ SAL_WARN("vcl.gdi", "suspicious dx of: " << aArray[i]);
+ aArray[i] = 0;
+ }
+ }
+ }
pAction->SetDXArray(std::move(aArray));
+ }
return pAction;
}
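Review bot: The range check on `aArray[i]` only runs when `utl::ConfigManager::IsFuzzing()` is true, so a normal build still passes whatever dx values a crafted SVM file supplies straight to `SetDXArray`. The arithmetic that overflowed is not visible in this hunk, but presumably it sits in a consumer of the DX array and remains reachable outside fuzzing. Consider making that consumer's arithmetic overflow-safe instead. If the fuzz-only gate is deliberate, say so at the check, e.g. `// fuzz-only: keeps ofz#46906 quiet; real documents keep their dx values and the consumer is still unchecked`. The ±4096 bound is an unexplained magic number; a named constant such as `constexpr sal_Int32 nMaxFuzzDx = 4096;` with a brief rationale would help the next reader. TextArrayHandler begins before this hunk, so how `aArray` is read and sized cannot be judged from here.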