Make XclRange::GetCol/RowCount more robust

Under (new-in-Clang) -fsanitize=implicit-signed-integer-truncation, CppunitTest_sc_filters_test failed with > Testing file:///.../sc/qa/unit/data/xls/pass/crash-7.xls: > warn:sc:27699:27699:sc/source/filter/excel/xlroot.cxx:158: XclRootData::XclRootData - cannot get output device info: N3com3sun4star3uno9ExceptionE msg: invalid attempt to assign an empty interface of type com.sun.star.frame.XFrame! > warn:legacy.osl:27699:27699:sc/source/filter/excel/xilink.cxx:631: XclImpSupbook::XclImpSupbook - unknown special SUPBOOK type > warn:sc:27699:27699:sc/source/filter/excel/xilink.cxx:703: XclImpSupbook::GetExternName - index must be >0 > warn:legacy.osl:27699:27699:sc/source/filter/excel/xistream.cxx:802: XclImpStream::Ignore - record overread > sc/source/filter/inc/xladdress.hxx:72:47: runtime error: implicit conversion from type 'int' of value -511 (32-bit, signed) to type 'sal_uInt16' (aka 'unsigned short') changed the value to 65025 (16-bit, unsigned) > #0 in XclRange::GetColCount() const at sc/source/filter/inc/xladdress.hxx:72:47 (instdir/program/libscfiltlo.so +0x2510655) > #1 in ImportExcel::ReadDimensions() at sc/source/filter/excel/impop.cxx:255:27 (instdir/program/libscfiltlo.so +0x24e52c4) > #2 in ImportExcel8::Read() at sc/source/filter/excel/read.cxx:1110:49 (instdir/program/libscfiltlo.so +0x2589a90) > #3 in ScFormatFilterPluginImpl::ScImportExcel(SfxMedium&, ScDocument*, EXCIMPFORMAT) at sc/source/filter/excel/excel.cxx:145:35 (instdir/program/libscfiltlo.so +0x230df62) > #4 in ScDocShell::ConvertFrom(SfxMedium&) at sc/source/ui/docshell/docsh.cxx:1265:52 (instdir/program/libsclo.so +0xcc8db50) > #5 in SfxObjectShell::DoLoad(SfxMedium*) at sfx2/source/doc/objstor.cxx:787:23 (instdir/program/libsfxlo.so +0x389f0df) > #6 in ScBootstrapFixture::load(bool, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned long, rtl::OUString const*) at sc/qa/unit/helper/qahelper.cxx:582:21 (workdir/LinkTarget/CppunitTest/../Library/libscqahelper.so +0x869b5) > #7 in ScBootstrapFixture::load(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned long, rtl::OUString const*) at sc/qa/unit/helper/qahelper.cxx:597:12 (workdir/LinkTarget/CppunitTest/../Library/libscqahelper.so +0x86fa6) > #8 in ScFiltersTest::load(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int) at sc/qa/unit/filters-test.cxx:125:51 (workdir/LinkTarget/CppunitTest/libtest_sc_filters_test.so +0x4623a) > #9 in test::FiltersTest::recursiveScan(test::filterStatus, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) at unotest/source/cpp/filters-test.cxx:130:20 (workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x7526d) > #10 in test::FiltersTest::testDir(rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned int, bool) at unotest/source/cpp/filters-test.cxx:155:5 (workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x79127) > #11 in ScFiltersTest::testCVEs() at sc/qa/unit/filters-test.cxx:146:5 (workdir/LinkTarget/CppunitTest/libtest_sc_filters_test.so +0x4729d) [...] so it smells like the given XclRange (with maFirst.mnCol=512, maFirst.mnRow=0, maLast.mnCol=0, maLast.mnRow=0) already is the result of some previous lenient parsing of invalid input. Change-Id: Ib7915eac5526fc295e7fbbc1c001549b991ddbf7 Reviewed-on: https://gerrit.libreoffice.org/63200 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
author: Stephan Bergmann <sbergman@redhat.com> 2018-11-09 16:41:55 +0100
committer: Stephan Bergmann <sbergman@redhat.com> 2018-11-09 18:11:52 +0100
commit: d75563504643f4b4f8275cb754ec5ab4d786b7ad (patch)
tree: 0590fefd92bca92b0556e61eb914da8a61073825
parent: aa641600fcb81865217fe5db0a6ed79a71e45cd0 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/sc/source/filter/inc/xladdress.hxx b/sc/source/filter/inc/xladdress.hxx
index 141faeb6c71f..da72035a2c89 100644
--- a/sc/source/filter/inc/xladdress.hxx
+++ b/sc/source/filter/inc/xladdress.hxx
@@ -69,8 +69,14 @@ struct XclRange
     void         Set( sal_uInt16 nCol1, sal_uInt32 nRow1, sal_uInt16 nCol2, sal_uInt32 nRow2 )
                             { maFirst.Set( nCol1, nRow1 ); maLast.Set( nCol2, nRow2 ); }
 
-    sal_uInt16   GetColCount() const { return maLast.mnCol - maFirst.mnCol + 1; }
-    sal_uInt32   GetRowCount() const { return maLast.mnRow - maFirst.mnRow + 1; }
+    sal_uInt16   GetColCount() const {
+        return maFirst.mnCol <= maLast.mnCol && maFirst.mnRow <= maLast.mnRow
+            ? maLast.mnCol - maFirst.mnCol + 1 : 0;
+    }
+    sal_uInt32   GetRowCount() const {
+        return maFirst.mnCol <= maLast.mnCol && maFirst.mnRow <= maLast.mnRow
+            ? maLast.mnRow - maFirst.mnRow + 1 : 0;
+    }
     bool                Contains( const XclAddress& rPos ) const;
 
     void                Read( XclImpStream& rStrm, bool bCol16Bit = true );
author	Stephan Bergmann <sbergman@redhat.com>	2018-11-09 16:41:55 +0100
committer	Stephan Bergmann <sbergman@redhat.com>	2018-11-09 18:11:52 +0100
commit	d75563504643f4b4f8275cb754ec5ab4d786b7ad (patch)
tree	0590fefd92bca92b0556e61eb914da8a61073825
parent	aa641600fcb81865217fe5db0a6ed79a71e45cd0 (diff)