diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2011-07-20 09:57:31 +0100 |
|---|---|---|
| committer | Caolán McNamara <caolanm@redhat.com> | 2011-07-20 10:03:54 +0100 |
| commit | e9c8beb4467fe352ff1ac482d5b99116607d11ce (patch) | |
| tree | 1771eeb6cf38c45e224110ef8d5793c06e6f2aa0 | |
| parent | 5393c0d0d3170fc1ba03f2ac86e107ceeb999305 (diff) | |
check for short reads
| -rw-r--r-- | sw/source/filter/ww8/WW8Sttbf.cxx | 17 | ||||
| -rw-r--r-- | sw/source/filter/ww8/ww8scan.cxx | 22 |
2 files changed, 24 insertions, 15 deletions
diff --git a/sw/source/filter/ww8/WW8Sttbf.cxx b/sw/source/filter/ww8/WW8Sttbf.cxx index f8edb7f68a..5325ddaf21 100644 --- a/sw/source/filter/ww8/WW8Sttbf.cxx +++ b/sw/source/filter/ww8/WW8Sttbf.cxx @@ -29,6 +29,7 @@ #include <iostream> #include <dbgoutsw.hxx> #include "WW8Sttbf.hxx" +#include "ww8scan.hxx" #include <cstdio> #include <osl/endian.h> #include <rtl/ustrbuf.hxx> @@ -40,17 +41,19 @@ namespace ww8 { WW8Struct::WW8Struct(SvStream& rSt, sal_uInt32 nPos, sal_uInt32 nSize) - : mn_offset(0), mn_size(nSize) + : mn_offset(0), mn_size(0) { - rSt.Seek(nPos); - - mp_data.reset(new sal_uInt8[nSize]); - rSt.Read(mp_data.get(), nSize); + if (checkSeek(rSt, nPos)) + { + mp_data.reset(new sal_uInt8[nSize]); + mn_size = rSt.Read(mp_data.get(), nSize); + } + OSL_ENSURE(mn_size == nSize, "short read in WW8Struct::WW8Struct"); } WW8Struct::WW8Struct(WW8Struct * pStruct, sal_uInt32 nPos, sal_uInt32 nSize) - : mp_data(pStruct->mp_data), mn_offset(pStruct->mn_offset + nPos), - mn_size(nSize) + : mp_data(pStruct->mp_data), mn_offset(pStruct->mn_offset + nPos) + , mn_size(nSize) { } diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx index 485083d133..5bfd5de008 100644 --- a/sw/source/filter/ww8/ww8scan.cxx +++ b/sw/source/filter/ww8/ww8scan.cxx @@ -1518,31 +1518,36 @@ WW8_FC WW8ScannerBase::WW8Cp2Fc(WW8_CP nCpPos, bool* pIsUnicode, WW8PLCFpcd* WW8ScannerBase::OpenPieceTable( SvStream* pStr, const WW8Fib* pWwF ) { if ( ((8 > pWw8Fib->nVersion) && !pWwF->fComplex) || !pWwF->lcbClx ) - return 0; + return NULL; WW8_FC nClxPos = pWwF->fcClx; sal_Int32 nClxLen = pWwF->lcbClx; sal_Int32 nLeft = nClxLen; sal_Int16 nGrpprl = 0; - sal_uInt8 clxt; - pStr->Seek( nClxPos ); + if (!checkSeek(*pStr, nClxPos)) + return NULL; + while( 1 ) // Zaehle Zahl der Grpprls { + sal_uInt8 clxt(2); *pStr >> clxt; nLeft--; if( 2 == clxt ) // PLCFfpcd ? break; // PLCFfpcd gefunden if( 1 == clxt ) // clxtGrpprl ? nGrpprl++; - sal_uInt16 nLen; + sal_uInt16 nLen(0); *pStr >> nLen; nLeft -= 2 + nLen; if( nLeft < 0 ) return 0; // schiefgegangen pStr->SeekRel( nLen ); // ueberlies grpprl } - pStr->Seek( nClxPos ); + + if (!checkSeek(*pStr, nClxPos)) + return NULL; + nLeft = nClxLen; pPieceGrpprls = new sal_uInt8*[nGrpprl + 1]; memset( pPieceGrpprls, 0, ( nGrpprl + 1 ) * sizeof(sal_uInt8 *) ); @@ -1550,11 +1555,12 @@ WW8PLCFpcd* WW8ScannerBase::OpenPieceTable( SvStream* pStr, const WW8Fib* pWwF ) sal_Int16 nAktGrpprl = 0; // lies Grpprls ein while( 1 ) { + sal_uInt8 clxt(2); *pStr >> clxt; nLeft--; if( 2 == clxt) // PLCFfpcd ? break; // PLCFfpcd gefunden - sal_uInt16 nLen; + sal_uInt16 nLen(0); *pStr >> nLen; nLeft -= 2 + nLen; if( nLeft < 0 ) @@ -1570,10 +1576,10 @@ WW8PLCFpcd* WW8ScannerBase::OpenPieceTable( SvStream* pStr, const WW8Fib* pWwF ) pStr->SeekRel( nLen ); // ueberlies nicht-Grpprl } // lies Piece Table PLCF ein - sal_Int32 nPLCFfLen; + sal_Int32 nPLCFfLen(0); if (pWwF->GetFIBVersion() <= ww::eWW2) { - sal_Int16 nWordTwoLen; + sal_Int16 nWordTwoLen(0); *pStr >> nWordTwoLen; nPLCFfLen = nWordTwoLen; } |