summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSamuel Mehrbrodt <samuel.mehrbrodt@allotropia.de>2021-01-18 15:24:48 +0100
committerThorsten Behrens <thorsten.behrens@allotropia.de>2021-01-29 23:43:22 +0100
commit7df8b437b721b25561995346abfb55dca0d500b5 (patch)
tree08af82986feb44492bce67f5db9fe6dc653efdd5
parente6a367b07f23810c649804145a03ef4a16751773 (diff)
Improve macro checks
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109552 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit 1dc71daf7fa7204a98c75dac680af664ab9c8edb) Change-Id: Ie40801df8866b52c1458e020ffa9cba120720af7
-rw-r--r--include/sfx2/docmacromode.hxx7
-rw-r--r--sfx2/source/doc/docmacromode.cxx23
-rw-r--r--sfx2/source/doc/objmisc.cxx3
3 files changed, 26 insertions, 7 deletions
diff --git a/include/sfx2/docmacromode.hxx b/include/sfx2/docmacromode.hxx
index 7e1511625086..19199f7a410e 100644
--- a/include/sfx2/docmacromode.hxx
+++ b/include/sfx2/docmacromode.hxx
@@ -218,7 +218,8 @@ namespace sfx2
<TRUE/> if and only if macro execution in this document is allowed.
*/
bool adjustMacroMode(
- const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction
+ const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction,
+ bool bHasValidContentSignature = false
);
/** determines whether macro execution is disallowed
@@ -284,11 +285,13 @@ namespace sfx2
*/
bool
checkMacrosOnLoading(
- const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction
+ const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction,
+ bool bHasValidContentSignature = false
);
private:
std::shared_ptr< DocumentMacroMode_Data > m_xData;
+ bool m_bNeedsContentSigned;
};
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index dc84f4e58598..4c27b767c80d 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -111,6 +111,10 @@ namespace sfx2
#endif
}
+ void lcl_showMacrosDisabledUnsignedContentError( const Reference< XInteractionHandler >& rxHandler, bool& rbAlreadyShown )
+ {
+ lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_DOCUMENT_MACRO_DISABLED, rbAlreadyShown );
+ }
bool lcl_showMacroWarning( const Reference< XInteractionHandler >& rxHandler,
const OUString& rDocumentLocation )
@@ -123,7 +127,8 @@ namespace sfx2
//= DocumentMacroMode
DocumentMacroMode::DocumentMacroMode( IMacroDocumentAccess& rDocumentAccess )
- :m_xData( new DocumentMacroMode_Data( rDocumentAccess ) )
+ :m_xData( new DocumentMacroMode_Data( rDocumentAccess ) ),
+ m_bNeedsContentSigned(false)
{
}
@@ -139,7 +144,7 @@ namespace sfx2
return false;
}
- bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction )
+ bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature )
{
sal_uInt16 nMacroExecutionMode = m_xData->m_rDocumentAccess.getCurrentMacroExecMode();
@@ -236,6 +241,14 @@ namespace sfx2
lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown);
return disallowMacroExecution();
}
+ else if ( m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading() &&
+ bHasTrustedMacroSignature &&
+ !bHasValidContentSignature)
+ {
+ // When macros are signed, and the document has events which call macros, the document content needs to be signed too.
+ lcl_showMacrosDisabledUnsignedContentError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown);
+ return disallowMacroExecution();
+ }
else if ( bHasTrustedMacroSignature )
{
// there is trusted macro signature, allow macro execution
@@ -395,7 +408,7 @@ namespace sfx2
}
- bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction )
+ bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature )
{
bool bAllow = false;
if ( SvtSecurityOptions().IsMacroDisabled() )
@@ -407,7 +420,9 @@ namespace sfx2
{
if (m_xData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
{
- bAllow = adjustMacroMode( rxInteraction );
+ if (m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
+ m_bNeedsContentSigned = true;
+ bAllow = adjustMacroMode( rxInteraction, bHasValidContentSignature );
}
else if ( !isMacroExecutionDisallowed() )
{
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 7473a23e3783..91817a637620 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -937,7 +937,8 @@ void SfxObjectShell::CheckSecurityOnLoading_Impl()
CheckEncryption_Impl( xInteraction );
// check macro security
- pImpl->aMacroMode.checkMacrosOnLoading( xInteraction );
+ const bool bHasValidContentSignature = HasValidSignatures();
+ pImpl->aMacroMode.checkMacrosOnLoading( xInteraction, bHasValidContentSignature );
}