Handle non-aligned FFNs

Desktop / LibreOffice - Stephan Bergmann [redhat.com] - 25 August 2015 05:01 UTC

...as found by UBSan in CppunitTest_sw_filters_test (see below), and at the same time limit reads within the pA array to its bounds.

> Testing file:///.../sw/qa/core/data/ww6/pass/crash-2.doc: > sw/source/filter/ww8/ww8scan.cxx:6473:32: runtime error: upcast of misaligned address 0x6200000e70e7 for type 'WW8_FFN_Ver6', which requires 2 byte alignment > 0x6200000e70e7: note: pointer points here > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0e 00 00 6a 00 00 00 00 0e 00 00 6a 00 00 00 6a > ^ > WW8Fonts::WW8Fonts(SvStream&, WW8Fib&) sw/source/filter/ww8/ww8scan.cxx:6473:32 > SwWW8ImplReader::CoreLoad(WW8Glossary*, SwPosition const&) sw/source/filter/ww8/ww8par.cxx:4961:20 > SwWW8ImplReader::LoadThroughDecryption(SwPaM&, WW8Glossary*) sw/source/filter/ww8/ww8par.cxx:5767:19 > SwWW8ImplReader::LoadDoc(SwPaM&, WW8Glossary*) sw/source/filter/ww8/ww8par.cxx:6039:19 > WW8Reader::Read(SwDoc&, rtl::OUString const&, SwPaM&, rtl::OUString const&) sw/source/filter/ww8/ww8par.cxx:6157:20 > SwReader::Read(Reader const&) sw/source/filter/basflt/shellio.cxx:175:18 > SwDocShell::ConvertFrom(SfxMedium&) sw/source/uibase/app/docsh.cxx:258:22 > SfxObjectShell::DoLoad(SfxMedium*) sfx2/source/doc/objstor.cxx:790:23 > SwFiltersTest::filter(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) sw/qa/core/filters-test.cxx:112:20 > SwFiltersTest::load(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int) sw/qa/core/filters-test.cxx:71:12 > test::FiltersTest::recursiveScan(test::filterStatus, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) unotest/source/cpp/filters-test.cxx:129:20 > test::FiltersTest::testDir(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) unotest/source/cpp/filters-test.cxx:154:5 > SwFiltersTest::testCVEs() sw/qa/core/filters-test.cxx:154:5

6373886 Handle non-aligned FFNs
sw/source/filter/ww8/ww8scan.cxx | 145 ++++++++++++++++++++++++++++++++------
1 file changed, 122 insertions(+), 23 deletions(-)

Upstream: cgit.freedesktop.org

Related LibreOffice Activity

cool#8789 sc lok: classify multi-selection with 2 cells as simple
Miklos Vajna

tdf#159661, tdf#160773: svgio: Add unittest
Xisco Fauli

xlsx export: never export short-hand version of range address
Justin Luth

thesauri list can be empty at preload
Caolán McNamara

Recent LibreOffice Activity

cool#8789 sc lok: classify multi-selection with 2 cells as simple
Miklos Vajna

tdf#160253: fix list identifier export decision code
Mike Kaganski

tdf#159661, tdf#160773: svgio: Add unittest
Xisco Fauli

ITEM: Add measurements for SfxItemSet usages (debug only)
Armin Le Grand (allotropia)

xlsx export: never export short-hand version of range address
Justin Luth

Handle non-aligned FFNs

Desktop / LibreOffice - Stephan Bergmann [redhat.com] - 25 August 2015 05:01 UTC

Related LibreOffice Activity

Share

Recent LibreOffice Activity