RTF picture sizes are 32-bit signed

Desktop / LibreOffice - Stephan Bergmann [redhat.com] - 15 August 2018 08:59 EDT

...not 16-bit unsigned. Word2007RTFSpec9.docx states "A small number of control words take values in the range −2,147,483,648 to 2,147,483,647 (32-bit signed integer)." and for \picwN, \pichN, \picwgoalN, and \pichgoalN it states "The N argument is a long integer."

This was found with Clang's new -fsanitize=implicit-conversion during CppunitTest_writerfilter_rtftok, where writerfilter/qa/cppunittests/rtftok/data/pass/TCI-TN65GP-DDRHDLL-partial.rtf contains "\pich81306":

> Testing file:///home/sbergman/lo/core/writerfilter/qa/cppunittests/rtftok/data/pass/TCI-TN65GP-DDRHDLL-partial.rtf: [...] > writerfilter/source/rtftok/rtfdispatchvalue.cxx:770:48: runtime error: implicit conversion from type 'int' of value 81306 (32-bit, signed) to type 'sal_uInt16' (aka 'unsigned short') changed the value to 15770 (16-bit, unsigned) > #0 in writerfilter::rtftok::RTFDocumentImpl::dispatchValue(writerfilter::rtftok::RTFKeyword, int) at writerfilter/source/rtftok/rtfdispatchvalue.cxx:770:48 (instdir/program/libwriterfilterlo.so +0xb96f2f) > #1 in writerfilter::rtftok::RTFTokenizer::dispatchKeyword(rtl::OString const&, bool, int) at writerfilter/source/rtftok/rtftokenizer.cxx:311:29 (instdir/program/libwriterfilterlo.so +0xd86c93) > #2 in writerfilter::rtftok::RTFTokenizer::resolveKeyword() at writerfilter/source/rtftok/rtftokenizer.cxx:243:12 (instdir/program/libwriterfilterlo.so +0xd84b06) > #3 in writerfilter::rtftok::RTFTokenizer::resolveParse() at writerfilter/source/rtftok/rtftokenizer.cxx:123:27 (instdir/program/libwriterfilterlo.so +0xd8299a) > #4 in writerfilter::rtftok::RTFDocumentImpl::resolve(writerfilter::Stream&) at writerfilter/source/rtftok/rtfdocumentimpl.cxx:786:27 (instdir/program/libwriterfilterlo.so +0xbf03bd) > #5 in RtfFilter::filter(com::sun::star::uno::Sequence const&) at writerfilter/source/filter/RtfFilter.cxx:144:20 (instdir/program/libwriterfilterlo.so +0x132d911) > #6 in RtfTest::load(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int) at writerfilter/qa/cppunittests/rtftok/testrtftok.cxx:58:27 (workdir/LinkTarget/CppunitTest/libtest_writerfilter_rtftok.so +0x15c6e) > #7 in test::FiltersTest::recursiveScan(test::filterStatus, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) at unotest/source/cpp/filters-test.cxx:130:20 (workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x5724c) > #8 in test::FiltersTest::testDir(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) at unotest/source/cpp/filters-test.cxx:155:5 (workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x57ec9) > #9 in RtfTest::test() at writerfilter/qa/cppunittests/rtftok/testrtftok.cxx:78:5 (workdir/LinkTarget/CppunitTest/libtest_writerfilter_rtftok.so +0x16214)

(Needs to add o3tl::clamp as a compatibility wrapper for C++17 std::clamp.)

Change-Id: I515e70a435c2585777062fd5a27d1de8ddbe1b74 Reviewed-on: https://gerrit.libreoffice.org/59038

2d2ccd18ead8 RTF picture sizes are 32-bit signed
include/o3tl/clamp.hxx | 43 ++++++++++++++++++++++++++
writerfilter/source/rtftok/rtfdocumentimpl.cxx | 9 ++++--
writerfilter/source/rtftok/rtfdocumentimpl.hxx | 8 ++---
3 files changed, 54 insertions(+), 6 deletions(-)

Upstream: cgit.freedesktop.org


  • Share