Avoid further downstream overflow

Desktop / LibreOffice - Stephan Bergmann [redhat.com] - 17 August 2018 20:47 EDT

...after 004304eb2fd1703d22dec0abf0170bb2ce493d0c "try to avoid overflows in some compare functions" had changed the return type of just one function, but not its callers. Found with Clang's new -fsanitize=implicit-conversion during CppunitTest_sd_filters_test:

> Testing file:///home/sbergman/lo/core/sd/qa/unit/data/ppt/pass/hang-17.ppt: [...] > sot/source/sdstor/stgdir.cxx:101:19: runtime error: implicit conversion from type 'sal_Int32' (aka 'int') of value -57120 (32-bit, signed) to type 'short' changed the value to 8416 (16-bit, signed) > #0 in StgDirEntry::Compare(StgAvlNode const*) const at sot/source/sdstor/stgdir.cxx:101:19 (instdir/program/libsotlo.so +0x217699) > #1 in StgAvlNode::Find(StgAvlNode const*) at sot/source/sdstor/stgavl.cxx:43:29 (instdir/program/libsotlo.so +0x1db72b) > #2 in StgDirStrm::Find(StgDirEntry&, rtl::OUString const&) at sot/source/sdstor/stgdir.cxx:907:57 (instdir/program/libsotlo.so +0x22f2dc) > #3 in Storage::IsStream(rtl::OUString const&) const at sot/source/sdstor/stg.cxx:773:39 (instdir/program/libsotlo.so +0x1d2cdf) > #4 in SotStorage::IsStream(rtl::OUString const&) const at sot/source/sdstor/storage.cxx:654:27 (instdir/program/libsotlo.so +0x29ebdb) > #5 in PropRead::PropRead(SotStorage&, rtl::OUString const&) at sd/source/filter/ppt/propread.cxx:543:19 (instdir/program/libsdfiltlo.so +0x6b72ee) > #6 in ImplSdPPTImport::Import() at sd/source/filter/ppt/pptin.cxx:262:32 (instdir/program/libsdfiltlo.so +0x5d0dc4) > #7 in SdPPTImport::Import() at sd/source/filter/ppt/pptin.cxx:167:21 (instdir/program/libsdfiltlo.so +0x5cf733) > #8 in ImportPPT at sd/source/filter/ppt/pptin.cxx:2761:26 (instdir/program/libsdfiltlo.so +0x618f64) > #9 in SdPPTFilter::Import() at sd/source/filter/sdpptwrp.cxx:106:32 (instdir/program/libsdlo.so +0x2877ed3) > #10 in sd::DrawDocShell::ConvertFrom(SfxMedium&) at sd/source/ui/docshell/docshel4.cxx:474:46 (instdir/program/libsdlo.so +0x2e1607c) > #11 in SfxObjectShell::DoLoad(SfxMedium*) at sfx2/source/doc/objstor.cxx:786:23 (instdir/program/libsfxlo.so +0x2c8c762) > #12 in SdFiltersTest::load(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int) at sd/qa/unit/filters-test.cxx:75:31 (workdir/LinkTarget/CppunitTest/libtest_sd_filters_test.so +0x19771) > #13 in test::FiltersTest::recursiveScan(test::filterStatus, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) at unotest/source/cpp/filters-test.cxx:130:20 (workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x5724c) > #14 in test::FiltersTest::testDir(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) at unotest/source/cpp/filters-test.cxx:155:5 (workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x57ec9) > #15 in SdFiltersTest::testCVEs() at sd/qa/unit/filters-test.cxx:83:5 (workdir/LinkTarget/CppunitTest/libtest_sd_filters_test.so +0x19d6d)

Change-Id: Iaffd35d33f0e1109195e3bd56538104d395af01b Reviewed-on: https://gerrit.libreoffice.org/59274

4cb69cf33b5b Avoid further downstream overflow
sot/source/sdstor/stgavl.cxx | 12 ++++++------
sot/source/sdstor/stgavl.hxx | 4 ++--
sot/source/sdstor/stgdir.cxx | 4 ++--
sot/source/sdstor/stgdir.hxx | 2 +-
4 files changed, 11 insertions(+), 11 deletions(-)

Upstream: cgit.freedesktop.org


  • Share