rpms/openoffice.org/FC-3 6438334-macros-so7-sfx2.diff, NONE, 1.1 disable-java-applets.diff, NONE, 1.1 sax+source+expatwrap+xml2utf.cxx.diff, NONE, 1.1 openoffice.org.spec, 1.64, 1.65 redhat-fixes.patch, 1.35, 1.36
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Jun 26 14:24:20 UTC 2006
Author: caolanm
Update of /cvs/dist/rpms/openoffice.org/FC-3
In directory cvs.devel.redhat.com:/tmp/cvs-serv1404
Modified Files:
openoffice.org.spec redhat-fixes.patch
Added Files:
6438334-macros-so7-sfx2.diff disable-java-applets.diff
sax+source+expatwrap+xml2utf.cxx.diff
Log Message:
port from RHEL
6438334-macros-so7-sfx2.diff:
inc/objsh.hxx | 0
sfx2/inc/objsh.hxx | 1
sfx2/source/doc/objmisc.cxx | 79 +++++++++++++++++++++++++++++++++++
sfx2/source/doc/objstor.cxx | 16 -------
sfx2/source/doc/sfxbasemodel.cxx | 86 +++++++++++++++++++++++++++++++--------
source/doc/objmisc.cxx | 0
source/doc/objstor.cxx | 0
source/doc/sfxbasemodel.cxx | 0
8 files changed, 149 insertions(+), 33 deletions(-)
--- NEW FILE 6438334-macros-so7-sfx2.diff ---
Index: inc/objsh.hxx
===================================================================
RCS file: /cvs/framework/sfx2/inc/objsh.hxx,v
retrieving revision 1.32.12.3
diff -u -p -r1.32.12.3 objsh.hxx
--- sfx2/inc/objsh.hxx.orig 21 Apr 2004 09:42:09 -0000 1.32.12.3
+++ sfx2/inc/objsh.hxx 13 Jun 2006 12:14:45 -0000
@@ -569,6 +569,7 @@ public:
#if _SOLAR__PRIVATE
static SEQUENCE< OUSTRING > GetEventNames_Impl();
void InitBasicManager_Impl( SvStorage *pStor, const String* pName = NULL );
+ void CheckMacrosOnLoading_Impl();
SfxObjectShell_Impl* Get_Impl() { return pImp; }
const SfxObjectShell_Impl* Get_Impl() const { return pImp; }
Index: source/doc/objmisc.cxx
===================================================================
RCS file: /cvs/framework/sfx2/source/doc/objmisc.cxx,v
retrieving revision 1.33.12.1
diff -u -p -r1.33.12.1 objmisc.cxx
--- sfx2/source/doc/objmisc.cxx.orig 21 Apr 2004 09:42:21 -0000 1.33.12.1
+++ sfx2/source/doc/objmisc.cxx 13 Jun 2006 12:16:28 -0000
@@ -126,6 +126,7 @@
#include <svtools/securityoptions.hxx>
+using namespace ::com::sun::star;
using namespace ::com::sun::star::uno;
using namespace ::com::sun::star::ucb;
using namespace ::com::sun::star::document;
@@ -181,6 +182,8 @@ using namespace ::com::sun::star::docume
#include "helper.hxx"
#include "doc.hrc"
+#include <scriptcont.hxx>
+
// class SfxHeaderAttributes_Impl ----------------------------------------
class SfxHeaderAttributes_Impl : public SvKeyValueIterator
@@ -1008,6 +1011,80 @@ void SfxObjectShell::SetAutoLoad(
}
}
+//-------------------------------------------------------------------------
+
+void SfxObjectShell::CheckMacrosOnLoading_Impl()
+{
+ const SfxFilter* pFilter = pMedium->GetFilter();
+ sal_Bool bHasStorage = IsOwnStorageFormat_Impl( *pMedium );
+
+ if ( GetError() != ERRCODE_NONE )
+ return;
+
+ sal_Bool bHasMacros = sal_False;
+
+ if ( bHasStorage && ( !pFilter || !( pFilter->GetFilterFlags() & SFX_FILTER_STARONEFILTER ) ) )
+ {
+ SvStorageRef xStorage( pMedium->GetStorage() );
+ if ( xStorage.Is() )
+ {
+ if ( xStorage->IsOLEStorage() )
+ bHasMacros = BasicManager::HasBasicWithModules( *xStorage );
+ else
+ bHasMacros = xStorage->IsStorage( String::CreateFromAscii("Basic") );
+ }
+ else
+ SetError( ERRCODE_IO_GENERAL );
+ }
+
+ if ( !bHasMacros && pImp->pBasicLibContainer != 0 )
+ {
+ // a library container exists; check if it's empty
+
+ // if there are libraries except "Standard" library
+ // we assume that they are not empty (because they have been created by the user)
+ try
+ {
+ if ( pImp->pBasicLibContainer->hasElements() )
+ {
+ ::rtl::OUString aStdLibName( RTL_CONSTASCII_USTRINGPARAM( "Standard" ) );
+ uno::Sequence< ::rtl::OUString > aElements = pImp->pBasicLibContainer->getElementNames();
+ if ( aElements.getLength() )
+ {
+ if ( aElements.getLength() > 1 || !aElements[0].equals( aStdLibName ) )
+ bHasMacros = sal_True;
+ else
+ {
+ // usually a "Standard" library is always present (design)
+ // for this reason we must check if it's empty
+ uno::Reference < container::XNameAccess > xLib;
+ uno::Any aAny = pImp->pBasicLibContainer->getByName( aStdLibName );
+ aAny >>= xLib;
+ if ( xLib.is() )
+ bHasMacros = xLib->hasElements();
+ }
+ }
+ }
+ }
+ catch( uno::Exception& )
+ {}
+ }
+
+ if ( GetError() != ERRCODE_NONE )
+ return;
+
+ if ( bHasMacros )
+ {
+ AdjustMacroMode( String() ); // if macros are disabled the message will be shown here
+ }
+ else
+ {
+ // if macros will be added by the user later, the security check is obsolete
+ pImp->nMacroMode = MacroExecMode::ALWAYS_EXECUTE_NO_WARN;
+ }
+}
+//-------------------------------------------------------------------------
+
void SfxObjectShell::FinishedLoading( sal_uInt16 nFlags )
{
sal_Bool bSetModifiedTRUE = sal_False;
@@ -1028,6 +1105,8 @@ void SfxObjectShell::FinishedLoading( sa
SfxStringItem, SID_DOC_SALVAGE, sal_False );
if ( pSalvageItem )
bSetModifiedTRUE = sal_True;
+
+ CheckMacrosOnLoading_Impl();
}
if( ( nFlags & SFX_LOADED_IMAGES ) &&
Index: source/doc/objstor.cxx
===================================================================
RCS file: /cvs/framework/sfx2/source/doc/objstor.cxx,v
retrieving revision 1.118.16.3
diff -u -p -r1.118.16.3 objstor.cxx
--- sfx2/source/doc/objstor.cxx.orig 25 Mar 2004 12:07:10 -0000 1.118.16.3
+++ sfx2/source/doc/objstor.cxx 13 Jun 2006 12:16:34 -0000
@@ -607,22 +607,6 @@ sal_Bool SfxObjectShell::DoLoad( SfxMedi
xStor->FillInfoList( &aList );
if ( !aList.Count() && !xStor->IsOLEStorage() )
SetError( ERRCODE_IO_BROKENPACKAGE );
- else
- {
- BOOL bHasMacros = FALSE;
- if ( xStor->IsOLEStorage() )
- bHasMacros = BasicManager::HasBasicWithModules( *xStor );
- else
- bHasMacros = xStor->IsStorage( String::CreateFromAscii("Basic") );
-
- if ( bHasMacros )
- AdjustMacroMode( String() );
- else
- {
- // if macros will be added by the user later, the security check is obsolete
- pImp->nMacroMode = MacroExecMode::ALWAYS_EXECUTE_NO_WARN;
- }
- }
}
// Load
Index: source/doc/sfxbasemodel.cxx
===================================================================
RCS file: /cvs/framework/sfx2/source/doc/sfxbasemodel.cxx,v
retrieving revision 1.51.10.1
diff -u -p -r1.51.10.1 sfxbasemodel.cxx
--- sfx2/source/doc/sfxbasemodel.cxx.orig 9 Jan 2004 17:44:22 -0000 1.51.10.1
+++ sfx2/source/doc/sfxbasemodel.cxx 13 Jun 2006 12:16:42 -0000
@@ -103,6 +103,10 @@
#include <com/sun/star/view/PaperOrientation.hpp>
#endif
+#ifndef _COM_SUN_STAR_SCRIPT_XLIBRARYCONTAINER_HPP_
+#include <com/sun/star/script/XLibraryContainer.hpp>
+#endif
+
#ifndef _CPPUHELPER_INTERFACECONTAINER_HXX_
#include <cppuhelper/interfacecontainer.hxx>
#endif
@@ -578,6 +582,7 @@ SEQUENCE< sal_Int8 > SAL_CALL SfxBaseMod
REFERENCE< XSTARBASICACCESS > implGetStarBasicAccess( SfxObjectShell* pObjectShell )
{
+ // is not used
REFERENCE< XSTARBASICACCESS > xRet;
if( pObjectShell )
{
@@ -593,13 +598,20 @@ REFERENCE< XNAMECONTAINER > SAL_CALL Sfx
if ( impl_isDisposed() )
throw DISPOSEDEXCEPTION();
- REFERENCE< XSTARBASICACCESS >& rxAccess = m_pData->m_xStarBasicAccess;
- if( !rxAccess.is() )
- rxAccess = implGetStarBasicAccess( m_pData->m_pObjectShell );
+// the document library container must be used directly
+// REFERENCE< XSTARBASICACCESS >& rxAccess = m_pData->m_xStarBasicAccess;
+// if( !rxAccess.is() )
+// rxAccess = implGetStarBasicAccess( m_pData->m_pObjectShell );
+//
+// REFERENCE< XNAMECONTAINER > xRet;
+// if( rxAccess.is() )
+// xRet = rxAccess->getLibraryContainer();
+// return xRet;
REFERENCE< XNAMECONTAINER > xRet;
- if( rxAccess.is() )
- xRet = rxAccess->getLibraryContainer();
+ if( m_pData->m_pObjectShell )
+ xRet = REFERENCE< XNAMECONTAINER >( m_pData->m_pObjectShell->GetBasicContainer(), UNO_QUERY );
+
return xRet;
}
@@ -614,12 +626,32 @@ void SAL_CALL SfxBaseModel::createLibrar
if ( impl_isDisposed() )
throw DISPOSEDEXCEPTION();
- REFERENCE< XSTARBASICACCESS >& rxAccess = m_pData->m_xStarBasicAccess;
- if( !rxAccess.is() )
- rxAccess = implGetStarBasicAccess( m_pData->m_pObjectShell );
-
- if( rxAccess.is() )
- rxAccess->createLibrary( LibName, Password, ExternalSourceURL, LinkTargetURL );
+ if( m_pData->m_pObjectShell )
+ {
+ Reference< ::com::sun::star::script::XLibraryContainer > xContainer = m_pData->m_pObjectShell->GetBasicContainer();
+ if ( xContainer.is() )
+ {
+ // insert a dummy library to let library existance be detected
+ // it is a hack to fix 136937
+ try
+ {
+ ::rtl::OUString aDummy( RTL_CONSTASCII_USTRINGPARAM( "Dummy" ) );
+ if ( !xContainer->hasByName( aDummy ) )
+ xContainer->createLibrary( aDummy );
+ }
+ catch( uno::Exception& )
+ {
+ return;
+ }
+
+ REFERENCE< XSTARBASICACCESS >& rxAccess = m_pData->m_xStarBasicAccess;
+ if( !rxAccess.is() )
+ rxAccess = implGetStarBasicAccess( m_pData->m_pObjectShell );
+
+ if( rxAccess.is() )
+ rxAccess->createLibrary( LibName, Password, ExternalSourceURL, LinkTargetURL );
+ }
+ }
}
/**___________________________________________________________________________________________________
@@ -633,12 +665,32 @@ void SAL_CALL SfxBaseModel::addModule( c
if ( impl_isDisposed() )
throw DISPOSEDEXCEPTION();
- REFERENCE< XSTARBASICACCESS >& rxAccess = m_pData->m_xStarBasicAccess;
- if( !rxAccess.is() )
- rxAccess = implGetStarBasicAccess( m_pData->m_pObjectShell );
-
- if( rxAccess.is() )
- rxAccess->addModule( LibraryName, ModuleName, Language, Source );
+ if( m_pData->m_pObjectShell )
+ {
+ Reference< ::com::sun::star::script::XLibraryContainer > xContainer = m_pData->m_pObjectShell->GetBasicContainer();
+ if ( xContainer.is() )
+ {
+ // insert a dummy library to let library existance be detected
+ // it is a hack to fix 136937
+ try
+ {
+ ::rtl::OUString aDummy( RTL_CONSTASCII_USTRINGPARAM( "Dummy" ) );
+ if ( !xContainer->hasByName( aDummy ) )
+ xContainer->createLibrary( aDummy );
+ }
+ catch( uno::Exception& )
+ {
+ return;
+ }
+
+ REFERENCE< XSTARBASICACCESS >& rxAccess = m_pData->m_xStarBasicAccess;
+ if( !rxAccess.is() )
+ rxAccess = implGetStarBasicAccess( m_pData->m_pObjectShell );
+
+ if( rxAccess.is() )
+ rxAccess->addModule( LibraryName, ModuleName, Language, Source );
+ }
+ }
}
/**___________________________________________________________________________________________________
disable-java-applets.diff:
data/org/openoffice/Office/Common.xcu | 7 +++++++
schema/org/openoffice/Office/Common.xcs | 1 -
2 files changed, 7 insertions(+), 1 deletion(-)
--- NEW FILE disable-java-applets.diff ---
--- officecfg/registry/data/org/openoffice/Office/Common.xcu.orig 2004-05-09 11:22:21.000000000 -0400
+++ officecfg/registry/data/org/openoffice/Office/Common.xcu 2006-06-26 09:09:33.000000000 -0400
@@ -61,6 +61,13 @@
************************************************************************ -->
<!DOCTYPE oor:component-data SYSTEM "../../../../component-update.dtd">
<oor:component-data oor:name="Common" oor:package="org.openoffice.Office" xmlns:oor="http://openoffice.org/2001/registry" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <node oor:name="Java">
+ <node oor:name="Applet">
+ <prop oor:name="Enable" oor:type="xs:boolean">
+ <value>false</value>
+ </prop>
+ </node>
+ </node>
<node oor:name="View">
<node oor:name="Localisation">
<prop oor:name="AutoMnemonic">
--- officecfg/registry/schema/org/openoffice/Office/Common.xcs.orig 2004-04-27 12:35:22.000000000 -0400
+++ officecfg/registry/schema/org/openoffice/Office/Common.xcs 2006-06-26 09:07:52.000000000 -0400
@@ -7070,7 +7070,6 @@
<label xml:lang="af">Words with two initial capital letters - Add automatically</label>
<label xml:lang="zu">Words with two initial capital letters - Add automatically</label>
</info>
- <value>true</value>
</prop>
<prop oor:name="CapitalAtStartSentence" oor:type="xs:boolean">
<!-- OldPath: AutoCorrect/Options/All -->
sax+source+expatwrap+xml2utf.cxx.diff:
xml2utf.cxx | 37 +++++++++++++++++++------------------
1 files changed, 19 insertions(+), 18 deletions(-)
--- NEW FILE sax+source+expatwrap+xml2utf.cxx.diff ---
diff -urN -x CVS -x unxlngi6.pro sax.orig/source/expatwrap/xml2utf.cxx sax/source/expatwrap/xml2utf.cxx
--- sax.orig/source/expatwrap/xml2utf.cxx 2005-09-08 14:05:22.000000000 +0200
+++ sax/source/expatwrap/xml2utf.cxx 2006-06-22 11:04:22.000000000 +0200
@@ -78,24 +78,26 @@
// ensure that enough data is available to parse encoding
if( seqStart.getLength() )
{
- seq.realloc( seqStart.getLength() + seq.getLength() );
- memcpy( (sal_Int8*)seq.getConstArray() + seqStart.getLength() ,
- seq.getConstArray() ,
- seq.getLength() );
- memcpy( (sal_Int8*)seq.getConstArray() ,
- seqStart.getConstArray(),
- seqStart.getLength() );
+ // prefix with what we had so far.
+ sal_Int32 nLength = seq.getLength();
+ seq.realloc( seqStart.getLength() + nLength );
+
+ memmove (seq.getArray() + seqStart.getLength(),
+ seq.getConstArray(),
+ nLength);
+ memcpy (seq.getArray(),
+ seqStart.getConstArray(),
+ seqStart.getLength());
}
// autodetection with the first bytes
if( ! isEncodingRecognizable( seq ) )
{
- seqStart.realloc( seqStart.getLength() + seq.getLength() );
- memcpy( (sal_Int8*)seqStart.getConstArray() + seqStart.getLength(),
- seq.getConstArray(),
- seq.getLength());
- // read more !
- continue;
+ // remember what we have so far.
+ seqStart = seq;
+
+ // read more !
+ continue;
}
if( scanForEncoding( seq ) || m_sEncoding.getLength() ) {
// initialize decoding
@@ -291,7 +293,7 @@
// simply add the byte order mark !
seq.realloc( seq.getLength() + 2 );
- memmove( &( seq.getArray()[2] ) , seq.getArray() , seq.getLength() );
+ memmove( &( seq.getArray()[2] ) , seq.getArray() , seq.getLength() - 2 );
((sal_uInt8*)seq.getArray())[0] = 0xFE;
((sal_uInt8*)seq.getArray())[1] = 0xFF;
@@ -302,7 +304,7 @@
// The byte order mark is simply added
seq.realloc( seq.getLength() + 2 );
- memmove( &( seq.getArray()[2] ) , seq.getArray() , seq.getLength() );
+ memmove( &( seq.getArray()[2] ) , seq.getArray() , seq.getLength() - 2 );
((sal_uInt8*)seq.getArray())[0] = 0xFF;
((sal_uInt8*)seq.getArray())[1] = 0xFE;
@@ -511,9 +513,7 @@
// In general when surrogates are used, they should be rarely
// cut off between two convert()-calls. So this code is used
// rarely and the extra copy is acceptable.
- nSourceSize += m_seqSource.getLength();
-
- puTempMem = new sal_Unicode[ nSourceSize ];
+ puTempMem = new sal_Unicode[ nSourceSize + m_seqSource.getLength()];
memcpy( puTempMem ,
m_seqSource.getConstArray() ,
m_seqSource.getLength() * sizeof( sal_Unicode ) );
@@ -522,6 +522,7 @@
puSource ,
nSourceSize*sizeof( sal_Unicode ) );
puSource = puTempMem;
+ nSourceSize += m_seqSource.getLength();
m_seqSource = Sequence< sal_Unicode > ();
}
Index: openoffice.org.spec
===================================================================
RCS file: /cvs/dist/rpms/openoffice.org/FC-3/openoffice.org.spec,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -r1.64 -r1.65
--- openoffice.org.spec 15 Jul 2005 13:11:35 -0000 1.64
+++ openoffice.org.spec 26 Jun 2006 14:24:17 -0000 1.65
@@ -219,6 +219,9 @@
# rh#147395# drop G_GNUC_CONST usage
Patch25: patches-OOO_1_1-evoab2-crash.diff
+Patch26: 6438334-macros-so7-sfx2.diff
+Patch27: disable-java-applets.diff
+Patch28: sax+source+expatwrap+xml2utf.cxx.diff
##################################
# Description
##################################
@@ -306,6 +309,9 @@
ln -s %{PATCH22} patches/vclplug/
ln -s %{PATCH23} patches/OOO_1_1/
ln -s %{PATCH24} patches/OOO_1_1/
+ln -s %{PATCH26} patches/OOO_1_1/
+ln -s %{PATCH27} patches/OOO_1_1/
+ln -s %{PATCH28} patches/OOO_1_1/
# autogen here only needed when sources come from intermediate CVS releases,
# not release from ooo.ximian.com
@@ -572,9 +578,11 @@
# Changelog
##################################
%changelog
-* Fri Jul 12 2005 Dan Williams <dcbw at redhat.com> - 1.1.3-12
+* Mon Jun 26 2006 Caolan McNamara <caolanm at redhat.com> - 1.1.3-12
- add a fix for rh#147395#/ooo#52023# (caolanm)
-- UNBUILT
+- CVE-2006-2198 macro security
+- CVE-2006-2199 java applets
+- CVE-2006-3117 corrupt file format
* Tue Apr 12 2005 Dan Williams <dcbw at redhat.com> - 1.1.3-11
- Fix CAN-2005-0941 (sot module overflow in .doc parsing)
redhat-fixes.patch:
bin/build-ooo | 30 ++++++++++++
bin/install-dictionaries | 44 +-----------------
bin/ooo-wrapper.in | 40 ----------------
configure.in | 4 -
patches/OOO_1_1/gui-menu-new-wizard-translations.diff | 39 ---------------
patches/OOO_1_1/sc-filter-hide-filteredrows.diff | 1
patches/OOO_1_1_3/apply | 22 +++++++--
7 files changed, 56 insertions(+), 124 deletions(-)
Index: redhat-fixes.patch
===================================================================
RCS file: /cvs/dist/rpms/openoffice.org/FC-3/redhat-fixes.patch,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- redhat-fixes.patch 12 Apr 2005 14:16:42 -0000 1.35
+++ redhat-fixes.patch 26 Jun 2006 14:24:17 -0000 1.36
@@ -280,12 +280,15 @@
[ FilePickers ]
#
-@@ -461,6 +466,9 @@
+@@ -461,6 +466,12 @@
# Make Tools->Options less confused in pt_BR locales #rh124877#
tools-options-pt_BR-fix.diff
+# Fix CAN-2005-0941 (overflow in sot module .doc parsing code)
+patches-OOO_1_1-sot-overflow.diff
++6438334-macros-so7-sfx2.diff
++disable-java-applets.diff
++sax+source+expatwrap+xml2utf.cxx.diff
+
[ GnomeVFS ]
More information about the fedora-cvs-commits
mailing list