diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2017-11-29 16:15:04 +0000 |
|---|---|---|
| committer | Caolán McNamara <caolanm@redhat.com> | 2017-11-29 21:42:15 +0100 |
| commit | 91f645f5e3bf7412c54c9ddd6d66dd440d4fab26 (patch) | |
| tree | dd8ba71a02a5bfdda7158cce9b19fecb802b6f2a /oox | |
| parent | ba4a124b0c0c66fd275f5147d55eeec27ce78da9 (diff) | |
ofz: handle bad key len and subsequent PK11_ImportSymKey failure
Change-Id: Ied93745f924cbcbc674b5c9a78545aa1f79fc61e
Reviewed-on: https://gerrit.libreoffice.org/45513
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
Diffstat (limited to 'oox')
| -rw-r--r-- | oox/source/crypto/CryptTools.cxx | 12 | ||||
| -rw-r--r-- | oox/source/crypto/Standard2007Engine.cxx | 2 |
2 files changed, 11 insertions, 3 deletions
diff --git a/oox/source/crypto/CryptTools.cxx b/oox/source/crypto/CryptTools.cxx index 2c7c5f794fa3..6de4363c59f4 100644 --- a/oox/source/crypto/CryptTools.cxx +++ b/oox/source/crypto/CryptTools.cxx @@ -34,9 +34,12 @@ Crypto::~Crypto() EVP_CIPHER_CTX_cleanup( &mContext ); #endif #if USE_TLS_NSS - PK11_DestroyContext( mContext, PR_TRUE ); - PK11_FreeSymKey( mSymKey ); - SECITEM_FreeItem( mSecParam, PR_TRUE ); + if (mContext) + PK11_DestroyContext(mContext, PR_TRUE); + if (mSymKey) + PK11_FreeSymKey(mSymKey); + if (mSecParam) + SECITEM_FreeItem(mSecParam, PR_TRUE); #endif } @@ -101,6 +104,9 @@ void Crypto::setupContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& i keyItem.len = key.size(); mSymKey = PK11_ImportSymKey(pSlot, mechanism, PK11_OriginUnwrap, CKA_ENCRYPT, &keyItem, nullptr); + if (!mSymKey) + throw css::uno::RuntimeException("NSS SymKey failure", css::uno::Reference<css::uno::XInterface>()); + mSecParam = PK11_ParamFromIV(mechanism, pIvItem); mContext = PK11_CreateContextBySymKey(mechanism, operation, mSymKey, mSecParam); } diff --git a/oox/source/crypto/Standard2007Engine.cxx b/oox/source/crypto/Standard2007Engine.cxx index 3a3fa457106d..1f39a9aab410 100644 --- a/oox/source/crypto/Standard2007Engine.cxx +++ b/oox/source/crypto/Standard2007Engine.cxx @@ -113,6 +113,8 @@ bool Standard2007Engine::calculateEncryptionKey(const OUString& rPassword) buffer[i] ^= hash[i]; hash = comphelper::Hash::calculateHash(buffer.data(), buffer.size(), comphelper::HashType::SHA1); + if (mKey.size() > hash.size()) + return false; std::copy(hash.begin(), hash.begin() + mKey.size(), mKey.begin()); return true; |