summaryrefslogtreecommitdiffstats
path: root/external/liborcus/forcepoint-83.patch.1
diff options
context:
space:
mode:
authorCaolán McNamara <caolanm@redhat.com>2022-03-23 16:49:03 +0000
committerMichael Stahl <michael.stahl@allotropia.de>2022-05-13 14:14:26 +0200
commitf0416a5215ae80822d1689f080b8eb1f675d007d (patch)
treefe9dfefd37e106a74238b568c3144eae7b902471 /external/liborcus/forcepoint-83.patch.1
parentforcepoint#82 back() called on empty vector (diff)
downloadcore-f0416a5215ae80822d1689f080b8eb1f675d007d.tar.gz
core-f0416a5215ae80822d1689f080b8eb1f675d007d.zip
liborcus: forcepoint#83/84/87/95
forcepoint#83 Invalid read of size 1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131989 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 7cccd1f732db8d451e9036800c9947509105a60a) forcepoint#84 Invalid read of size 1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131991 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit d6a02a99eaa3690c0aa5c33fea3a4c710813a0de) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132315 Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 59ce428e794eb4874e8be337e31a2a14aef4593a) forcepoint#83 forcepoint#84 update to upstream fix Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132055 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 2323fa29617e4919226517d50abbb9ad33b320ca) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132412 Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 3e57f46c67ae06c30ec2da2c37c602d34af24dab) forcepoint#87 Assertion 'mp_char <= mp_end' failed Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132097 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 32019baffa19a8f79cacf93d5dd5a95c7d416657) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132413 Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit efed5861b51cd54182e2c173a0fc98dee2a7742f) Change-Id: I434928cb2425a2e8eb9440dff67f52cda241b2d9 forcepoint#95 read past end of malformed document Change-Id: I8b2c558c733af3d7662f668af47e962e252ee339 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132311 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 0b9892fee990b7f6d0457ab6191f87c3991580e6) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132414 Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 50f0dc8d49d52a9c8bc2079c69bd5feb150cd71a) (cherry picked from commit 4cf400964b292b5102a8c110c9b8f54a487fbaaf)
Diffstat (limited to 'external/liborcus/forcepoint-83.patch.1')
-rw-r--r--external/liborcus/forcepoint-83.patch.138
1 files changed, 38 insertions, 0 deletions
diff --git a/external/liborcus/forcepoint-83.patch.1 b/external/liborcus/forcepoint-83.patch.1
new file mode 100644
index 000000000000..905289ffd40f
--- /dev/null
+++ b/external/liborcus/forcepoint-83.patch.1
@@ -0,0 +1,38 @@
+From 4d58816e995a562f26f3cc5006ae9ddd46b1bbed Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
+Date: Wed, 23 Mar 2022 16:44:00 +0000
+Subject: [PATCH] forcepoint#83 Invalid read of size 1
+
+==343916== Invalid read of size 1
+==343916== at 0x11A7B2F0: orcus::parser_base::cur_char() const (parser_base.hpp:79)
+==343916== by 0x11B7B112: orcus::sax_parser<orcus::sax_ns_parser<orcus::sax_token_parser<orcus::xml_stream_handler>::handler_wrapper>::handler_wrapper, orcus::sax_parser_default_config>::element_open(long) (sax_parser.hpp:258)
+==343916== by 0x11B7A2C7: orcus::sax_parser<orcus::sax_ns_parser<orcus::sax_token_parser<orcus::xml_stream_handler>::handler_wrapper>::handler_wrapper, orcus::sax_parser_default_config>::element() (sax_parser.hpp:246)
+==343916== by 0x11B7A197: orcus::sax_parser<orcus::sax_ns_parser<orcus::sax_token_parser<orcus::xml_stream_handler>::handler_wrapper>::handler_wrapper, orcus::sax_parser_default_config>::body() (sax_parser.hpp:214)
+==343916== by 0x11B79FD9: orcus::sax_parser<orcus::sax_ns_parser<orcus::sax_token_parser<orcus::xml_stream_handler>::handler_wrapper>::handler_wrapper, orcus::sax_parser_default_config>::parse() (sax_parser.hpp:182)
+==343916== by 0x11B79F8B: orcus::sax_ns_parser<orcus::sax_token_parser<orcus::xml_stream_handler>::handler_wrapper>::parse() (sax_ns_parser.hpp:277)
+==343916== by 0x11B79768: orcus::sax_token_parser<orcus::xml_stream_handler>::parse() (sax_token_parser.hpp:215)
+==343916== by 0x11B79406: orcus::xml_stream_parser::parse() (xml_stream_parser.cpp:68)
+==343916== by 0x11BE3805: orcus::orcus_xlsx::detect(unsigned char const*, unsigned long) (orcus_xlsx.cpp:188)
+==343916== by 0x11AB2482: orcus::detect(unsigned char const*, unsigned long) (format_detection.cpp:60)
+==343916== by 0x30E60945: (anonymous namespace)::OrcusFormatDetect::detect(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>&) (filterdetect.cxx:83)
+==343916== by 0x30E60ABE: non-virtual thunk to (anonymous namespace)::OrcusFormatDetect::detect(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue>&) (filterdetect.cxx:0)
+---
+ include/orcus/sax_parser.hpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/include/orcus/sax_parser.hpp b/include/orcus/sax_parser.hpp
+index 15e8d917..2e707568 100644
+--- a/include/orcus/sax_parser.hpp
++++ b/include/orcus/sax_parser.hpp
+@@ -255,7 +255,7 @@ void sax_parser<_Handler,_Config>::element_open(std::ptrdiff_t begin_pos)
+ while (true)
+ {
+ blank();
+- char c = cur_char();
++ char c = cur_char_checked();
+ if (c == '/')
+ {
+ // Self-closing element: <element/>
+--
+2.35.1
+
generated by cgit (git 2.34.1) at 2024-05-22 19:23:32 +0000