libreoffice/0001-tidy-this-up-and-don-t-bail-out-on-mislength-records.patch

diff --git a/sw/source/filter/ww8/ww8graf.cxx b/sw/source/filter/ww8/ww8graf.cxx
index 5720af2..7807371 100644
--- a/sw/source/filter/ww8/ww8graf.cxx
+++ b/sw/source/filter/ww8/ww8graf.cxx
@@ -1052,7 +1052,7 @@
                                             Read_PicLoc(nAktId, pParams, 1);
                                         break;
                                 }
-                                aSprmIter++;
+                                aSprmIter.advance();
                             }
 
                             //if( bRead_Obj || bRead_PicLoc ) break;
diff --git a/sw/source/filter/ww8/ww8par2.cxx b/sw/source/filter/ww8/ww8par2.cxx
index 5b66561..65172b1 100644
--- a/sw/source/filter/ww8/ww8par2.cxx
+++ b/sw/source/filter/ww8/ww8par2.cxx
@@ -1964,7 +1964,7 @@ WW8TabDesc::WW8TabDesc(SwWW8ImplReader* pIoClass, WW8_CP nStartCp) :
                     default:
                         ;
                 }
-                aSprmIter++;
+                aSprmIter.advance();
             }
 
             if( !nLoop )
diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx
index f2c8fd6..44f1f69 100644
--- a/sw/source/filter/ww8/ww8scan.cxx
+++ b/sw/source/filter/ww8/ww8scan.cxx
@@ -895,22 +895,17 @@ void WW8SprmIter::SetSprms(const BYTE* pSprms_, long nLen_)
     UpdateMyMembers();
 }
 
-const BYTE* WW8SprmIter::operator ++( int )
+void WW8SprmIter::advance()
 {
     if (nRemLen > 0 )
     {
-        if( nRemLen >= nAktSize )
-        {
-            pSprms += nAktSize;
-            nRemLen -= nAktSize;
-            UpdateMyMembers();
-        }
-        else
-        {
-            throw( ::std::exception() );
-        }
+        USHORT nSize = nAktSize;
+        if (nSize > nRemLen)
+            nSize = nRemLen;
+        pSprms += nSize;
+        nRemLen -= nSize;
+        UpdateMyMembers();
     }
-    return pSprms;
 }
 
 void WW8SprmIter::UpdateMyMembers()
@@ -936,7 +931,7 @@ const BYTE* WW8SprmIter::FindSprm(USHORT nId)
     {
         if( GetAktId() == nId )
             return GetAktParams();              // SPRM found!
-        operator ++(0);
+        advance();
     }
 
     return 0;                                   // SPRM _not_ found
@@ -2828,7 +2823,7 @@ bool WW8PLCFx_Fc_FKP::WW8Fkp::HasSprm(USHORT nId,
     {
         if (aIter.GetAktId() == nId)
             rResult.push_back(aIter.GetAktParams());
-        aIter++;
+        aIter.advance();
     };
     return !rResult.empty();
 }
@@ -3151,7 +3146,7 @@ bool WW8PLCFx_Fc_FKP::HasSprm(USHORT nId, std::vector<const BYTE *> &rResult)
         {
             if (aIter.GetAktId() == nId)
                 rResult.push_back(aIter.GetAktParams());
-            aIter++;
+            aIter.advance();
         };
     }
     return !rResult.empty();
diff --git a/sw/source/filter/ww8/ww8scan.hxx b/sw/source/filter/ww8/ww8scan.hxx
index cf6541f..af19986 100644
--- a/sw/source/filter/ww8/ww8scan.hxx
+++ b/sw/source/filter/ww8/ww8scan.hxx
@@ -261,7 +261,7 @@ public:
         const wwSprmParser &rSprmParser);
     void  SetSprms( const BYTE* pSprms_, long nLen_ );
     const BYTE* FindSprm(USHORT nId);
-    const BYTE*  operator ++( int );
+    void  advance();
     const BYTE* GetSprms() const 
         { return ( pSprms && (0 < nRemLen) ) ? pSprms : 0; }
     const BYTE* GetAktParams() const { return pAktParams; }
diff --git a/sw/source/filter/ww8/ww8par.cxx b/sw/source/filter/ww8/ww8par.cxx
index 801cc2f..0df3331 100644
--- a/sw/source/filter/ww8/ww8par.cxx
+++ b/sw/source/filter/ww8/ww8par.cxx
@@ -3895,7 +3895,7 @@ void SwWW8ImplReader::ReadDocInfo()
                         xDocProps->setTemplateURL( sTemplateURL );
                 }
             }
-            else // not a template
+            else if (pWwFib->lcbSttbfAssoc) // not a template, and has a SttbfAssoc
             {
                 long nCur = pTableStream->Tell();
                 Sttb aSttb;
diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx
index 44f1f69..b1e0351 100644
--- a/sw/source/filter/ww8/ww8scan.cxx
+++ b/sw/source/filter/ww8/ww8scan.cxx
@@ -2561,6 +2561,7 @@ WW8PLCFx_Fc_FKP::WW8Fkp::WW8Fkp(ww::WordVersion eVersion, SvStream* pSt,
     long nOldPos = pSt->Tell();
 
     pSt->Seek(nFilePos);
+    memset(maRawData, 0, 512);
     pSt->Read(maRawData, 512);
     mnIMax = maRawData[511];
 
@@ -2605,24 +2606,36 @@ WW8PLCFx_Fc_FKP::WW8Fkp::WW8Fkp(ww::WordVersion eVersion, SvStream* pSt,
                             aEntry.mnLen = maRawData[nOfs+1];
                             nDelta++;
                         }
-
                         aEntry.mnLen *= 2;
 
                         //stylecode, std/istd
                         if (eVersion == ww::eWW2)
                         {
-                            aEntry.mnIStd = *(maRawData+nOfs+1+nDelta);
-                            aEntry.mnLen--;  //style code
-                            aEntry.mnLen-=6; //PHE
-                            //skipi stc, len byte + 6 byte PHE
-                            aEntry.mpData = maRawData + nOfs + 8;
+                            if (aEntry.mnLen >= 1)
+                            {
+                                aEntry.mnIStd = *(maRawData+nOfs+1+nDelta);
+                                aEntry.mnLen--;  //style code
+                                if (aEntry.mnLen >= 6)
+                                {
+                                    aEntry.mnLen-=6; //PHE
+                                    //skipi stc, len byte + 6 byte PHE
+                                    aEntry.mpData = maRawData + nOfs + 8;
+                                }
+                                else
+                                    aEntry.mnLen=0; //Too short
+                            }
                         }
                         else
                         {
-                            aEntry.mnIStd = SVBT16ToShort(maRawData+nOfs+1+nDelta);
-                            aEntry.mnLen-=2; //istd
-                            //skip istd, len byte + optional extra len byte
-                            aEntry.mpData = maRawData + nOfs + 3 + nDelta;
+                            if (aEntry.mnLen >= 2)
+                            {
+                                aEntry.mnIStd = SVBT16ToShort(maRawData+nOfs+1+nDelta);
+                                aEntry.mnLen-=2; //istd
+                                //skip istd, len byte + optional extra len byte
+                                aEntry.mpData = maRawData + nOfs + 3 + nDelta;
+                            }
+                            else
+                                aEntry.mnLen=0; //Too short, ignore
                         }
 
                         USHORT nSpId = aEntry.mnLen ? maSprmParser.GetSprmId(aEntry.mpData) : 0;
@@ -2666,6 +2679,17 @@ WW8PLCFx_Fc_FKP::WW8Fkp::WW8Fkp(ww::WordVersion eVersion, SvStream* pSt,
         }
 
         maEntries.push_back(aEntry);
+
+#ifdef DEBUGSPRMREADER
+        {
+            sal_Int32 nLen;
+            BYTE* pSprms = GetLenAndIStdAndSprms( nLen );
+
+            WW8SprmIter aIter(pSprms, nLen, maSprmParser);
+            while(aIter.GetSprms())
+                aIter.advance();
+        }
+#endif
     }
 
     //one more FC than grrpl entries
diff --git a/filter/source/msfilter/mstoolbar.cxx b/filter/source/msfilter/mstoolbar.cxx
index 81b73e5..daee39b 100644
--- a/filter/source/msfilter/mstoolbar.cxx
+++ b/filter/source/msfilter/mstoolbar.cxx
@@ -188,10 +188,11 @@ TBBase::indent_printf( FILE* fp, const char* format, ... )
 
 rtl::OUString TBBase::readUnicodeString( SvStream* pS, sal_Int32 nChars )
 {
-    sal_Int32 nBufSize = nChars * 2;
+    sal_Size nBufSize = nChars * 2;
     boost::scoped_array< sal_uInt8 > pArray( new sal_uInt8[ nBufSize ] );
-    pS->Read( pArray.get(), nBufSize );
-    return svt::BinFilterUtils::CreateOUStringFromUniStringArray(  reinterpret_cast< const char* >( pArray.get() ), nBufSize );
+    sal_Size nReadSize = pS->Read( pArray.get(), nBufSize );
+    OSL_ASSERT(nReadSize == nBufSize);
+    return svt::BinFilterUtils::CreateOUStringFromUniStringArray(  reinterpret_cast< const char* >( pArray.get() ), nReadSize );
 }
 
 TBCHeader::TBCHeader() : bSignature( 0x3 )
update to 4.2.3.3 [release 4.2.3.3-1mamba;Sun Apr 13 2014] 2024-01-06 05:34:37 +01:00			`diff --git a/sw/source/filter/ww8/ww8graf.cxx b/sw/source/filter/ww8/ww8graf.cxx`
			`index 5720af2..7807371 100644`
			`--- a/sw/source/filter/ww8/ww8graf.cxx`
			`+++ b/sw/source/filter/ww8/ww8graf.cxx`
			`@@ -1052,7 +1052,7 @@`
			`Read_PicLoc(nAktId, pParams, 1);`
			`break;`
			`}`
			`- aSprmIter++;`
			`+ aSprmIter.advance();`
			`}`

			`//if( bRead_Obj \|\| bRead_PicLoc ) break;`
			`diff --git a/sw/source/filter/ww8/ww8par2.cxx b/sw/source/filter/ww8/ww8par2.cxx`
			`index 5b66561..65172b1 100644`
			`--- a/sw/source/filter/ww8/ww8par2.cxx`
			`+++ b/sw/source/filter/ww8/ww8par2.cxx`
			`@@ -1964,7 +1964,7 @@ WW8TabDesc::WW8TabDesc(SwWW8ImplReader* pIoClass, WW8_CP nStartCp) :`
			`default:`
			`;`
			`}`
			`- aSprmIter++;`
			`+ aSprmIter.advance();`
			`}`

			`if( !nLoop )`
			`diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx`
			`index f2c8fd6..44f1f69 100644`
			`--- a/sw/source/filter/ww8/ww8scan.cxx`
			`+++ b/sw/source/filter/ww8/ww8scan.cxx`
			`@@ -895,22 +895,17 @@ void WW8SprmIter::SetSprms(const BYTE* pSprms_, long nLen_)`
			`UpdateMyMembers();`
			`}`

			`-const BYTE* WW8SprmIter::operator ++( int )`
			`+void WW8SprmIter::advance()`
			`{`
			`if (nRemLen > 0 )`
			`{`
			`- if( nRemLen >= nAktSize )`
			`- {`
			`- pSprms += nAktSize;`
			`- nRemLen -= nAktSize;`
			`- UpdateMyMembers();`
			`- }`
			`- else`
			`- {`
			`- throw( ::std::exception() );`
			`- }`
			`+ USHORT nSize = nAktSize;`
			`+ if (nSize > nRemLen)`
			`+ nSize = nRemLen;`
			`+ pSprms += nSize;`
			`+ nRemLen -= nSize;`
			`+ UpdateMyMembers();`
			`}`
			`- return pSprms;`
			`}`

			`void WW8SprmIter::UpdateMyMembers()`
			`@@ -936,7 +931,7 @@ const BYTE* WW8SprmIter::FindSprm(USHORT nId)`
			`{`
			`if( GetAktId() == nId )`
			`return GetAktParams(); // SPRM found!`
			`- operator ++(0);`
			`+ advance();`
			`}`

			`return 0; // SPRM _not_ found`
			`@@ -2828,7 +2823,7 @@ bool WW8PLCFx_Fc_FKP::WW8Fkp::HasSprm(USHORT nId,`
			`{`
			`if (aIter.GetAktId() == nId)`
			`rResult.push_back(aIter.GetAktParams());`
			`- aIter++;`
			`+ aIter.advance();`
			`};`
			`return !rResult.empty();`
			`}`
			`@@ -3151,7 +3146,7 @@ bool WW8PLCFx_Fc_FKP::HasSprm(USHORT nId, std::vector<const BYTE *> &rResult)`
			`{`
			`if (aIter.GetAktId() == nId)`
			`rResult.push_back(aIter.GetAktParams());`
			`- aIter++;`
			`+ aIter.advance();`
			`};`
			`}`
			`return !rResult.empty();`
			`diff --git a/sw/source/filter/ww8/ww8scan.hxx b/sw/source/filter/ww8/ww8scan.hxx`
			`index cf6541f..af19986 100644`
			`--- a/sw/source/filter/ww8/ww8scan.hxx`
			`+++ b/sw/source/filter/ww8/ww8scan.hxx`
			`@@ -261,7 +261,7 @@ public:`
			`const wwSprmParser &rSprmParser);`
			`void SetSprms( const BYTE* pSprms_, long nLen_ );`
			`const BYTE* FindSprm(USHORT nId);`
			`- const BYTE* operator ++( int );`
			`+ void advance();`
			`const BYTE* GetSprms() const`
			`{ return ( pSprms && (0 < nRemLen) ) ? pSprms : 0; }`
			`const BYTE* GetAktParams() const { return pAktParams; }`
			`diff --git a/sw/source/filter/ww8/ww8par.cxx b/sw/source/filter/ww8/ww8par.cxx`
			`index 801cc2f..0df3331 100644`
			`--- a/sw/source/filter/ww8/ww8par.cxx`
			`+++ b/sw/source/filter/ww8/ww8par.cxx`
			`@@ -3895,7 +3895,7 @@ void SwWW8ImplReader::ReadDocInfo()`
			`xDocProps->setTemplateURL( sTemplateURL );`
			`}`
			`}`
			`- else // not a template`
			`+ else if (pWwFib->lcbSttbfAssoc) // not a template, and has a SttbfAssoc`
			`{`
			`long nCur = pTableStream->Tell();`
			`Sttb aSttb;`
			`diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx`
			`index 44f1f69..b1e0351 100644`
			`--- a/sw/source/filter/ww8/ww8scan.cxx`
			`+++ b/sw/source/filter/ww8/ww8scan.cxx`
			`@@ -2561,6 +2561,7 @@ WW8PLCFx_Fc_FKP::WW8Fkp::WW8Fkp(ww::WordVersion eVersion, SvStream* pSt,`
			`long nOldPos = pSt->Tell();`

			`pSt->Seek(nFilePos);`
			`+ memset(maRawData, 0, 512);`
			`pSt->Read(maRawData, 512);`
			`mnIMax = maRawData[511];`

			`@@ -2605,24 +2606,36 @@ WW8PLCFx_Fc_FKP::WW8Fkp::WW8Fkp(ww::WordVersion eVersion, SvStream* pSt,`
			`aEntry.mnLen = maRawData[nOfs+1];`
			`nDelta++;`
			`}`
			`-`
			`aEntry.mnLen *= 2;`

			`//stylecode, std/istd`
			`if (eVersion == ww::eWW2)`
			`{`
			`- aEntry.mnIStd = *(maRawData+nOfs+1+nDelta);`
			`- aEntry.mnLen--; //style code`
			`- aEntry.mnLen-=6; //PHE`
			`- //skipi stc, len byte + 6 byte PHE`
			`- aEntry.mpData = maRawData + nOfs + 8;`
			`+ if (aEntry.mnLen >= 1)`
			`+ {`
			`+ aEntry.mnIStd = *(maRawData+nOfs+1+nDelta);`
			`+ aEntry.mnLen--; //style code`
			`+ if (aEntry.mnLen >= 6)`
			`+ {`
			`+ aEntry.mnLen-=6; //PHE`
			`+ //skipi stc, len byte + 6 byte PHE`
			`+ aEntry.mpData = maRawData + nOfs + 8;`
			`+ }`
			`+ else`
			`+ aEntry.mnLen=0; //Too short`
			`+ }`
			`}`
			`else`
			`{`
			`- aEntry.mnIStd = SVBT16ToShort(maRawData+nOfs+1+nDelta);`
			`- aEntry.mnLen-=2; //istd`
			`- //skip istd, len byte + optional extra len byte`
			`- aEntry.mpData = maRawData + nOfs + 3 + nDelta;`
			`+ if (aEntry.mnLen >= 2)`
			`+ {`
			`+ aEntry.mnIStd = SVBT16ToShort(maRawData+nOfs+1+nDelta);`
			`+ aEntry.mnLen-=2; //istd`
			`+ //skip istd, len byte + optional extra len byte`
			`+ aEntry.mpData = maRawData + nOfs + 3 + nDelta;`
			`+ }`
			`+ else`
			`+ aEntry.mnLen=0; //Too short, ignore`
			`}`

			`USHORT nSpId = aEntry.mnLen ? maSprmParser.GetSprmId(aEntry.mpData) : 0;`
			`@@ -2666,6 +2679,17 @@ WW8PLCFx_Fc_FKP::WW8Fkp::WW8Fkp(ww::WordVersion eVersion, SvStream* pSt,`
			`}`

			`maEntries.push_back(aEntry);`
			`+`
			`+#ifdef DEBUGSPRMREADER`
			`+ {`
			`+ sal_Int32 nLen;`
			`+ BYTE* pSprms = GetLenAndIStdAndSprms( nLen );`
			`+`
			`+ WW8SprmIter aIter(pSprms, nLen, maSprmParser);`
			`+ while(aIter.GetSprms())`
			`+ aIter.advance();`
			`+ }`
			`+#endif`
			`}`

			`//one more FC than grrpl entries`
			`diff --git a/filter/source/msfilter/mstoolbar.cxx b/filter/source/msfilter/mstoolbar.cxx`
			`index 81b73e5..daee39b 100644`
			`--- a/filter/source/msfilter/mstoolbar.cxx`
			`+++ b/filter/source/msfilter/mstoolbar.cxx`
			`@@ -188,10 +188,11 @@ TBBase::indent_printf( FILE* fp, const char* format, ... )`

			`rtl::OUString TBBase::readUnicodeString( SvStream* pS, sal_Int32 nChars )`
			`{`
			`- sal_Int32 nBufSize = nChars * 2;`
			`+ sal_Size nBufSize = nChars * 2;`
			`boost::scoped_array< sal_uInt8 > pArray( new sal_uInt8[ nBufSize ] );`
			`- pS->Read( pArray.get(), nBufSize );`
			`- return svt::BinFilterUtils::CreateOUStringFromUniStringArray( reinterpret_cast< const char* >( pArray.get() ), nBufSize );`
			`+ sal_Size nReadSize = pS->Read( pArray.get(), nBufSize );`
			`+ OSL_ASSERT(nReadSize == nBufSize);`
			`+ return svt::BinFilterUtils::CreateOUStringFromUniStringArray( reinterpret_cast< const char* >( pArray.get() ), nReadSize );`
			`}`

			`TBCHeader::TBCHeader() : bSignature( 0x3 )`