diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2020-12-30 21:19:15 +0000 |
|---|---|---|
| committer | Michael Stahl <michael.stahl@allotropia.de> | 2021-11-17 19:19:33 +0100 |
| commit | 01d5bf354a57ae53f6404c9c858cbb447a3ca0d4 (patch) | |
| tree | 1596df6b4a0b84df89afc04fa41ecdece06fabb4 | |
| parent | Add back still-relevant part of external/graphite/ubsan.patch (diff) | |
| download | core-01d5bf354a57ae53f6404c9c858cbb447a3ca0d4.tar.gz core-01d5bf354a57ae53f6404c9c858cbb447a3ca0d4.zip | |
ofz#29113 short read
Change-Id: I107d8abeac419ba4e70a5880054c9195c60464ad
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108527
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit ab3829bf74667044d9b0f5b96903bbafda5171f6)
| -rw-r--r-- | vcl/source/gdi/jobset.cxx | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/vcl/source/gdi/jobset.cxx b/vcl/source/gdi/jobset.cxx index 95c8669a7f97..6ef1d51b3ff0 100644 --- a/vcl/source/gdi/jobset.cxx +++ b/vcl/source/gdi/jobset.cxx @@ -261,6 +261,13 @@ SvStream& ReadJobSetup( SvStream& rIStream, JobSetup& rJobSetup ) if ( nSystem == JOBSET_FILE364_SYSTEM || nSystem == JOBSET_FILE605_SYSTEM ) { + if (nRead < sizeof(ImplOldJobSetupData) + sizeof(Impl364JobSetupData)) + { + SAL_WARN("vcl", "Parsing error: " << sizeof(ImplOldJobSetupData) + sizeof(Impl364JobSetupData) << + " required, but " << nRead << " available"); + return rIStream; + } + Impl364JobSetupData* pOldJobData = reinterpret_cast<Impl364JobSetupData*>(pTempBuf.get() + sizeof( ImplOldJobSetupData )); sal_uInt16 nOldJobDataSize = SVBT16ToShort( pOldJobData->nSize ); rJobData.SetSystem( SVBT16ToShort( pOldJobData->nSystem ) ); |