coverity#1242895 Untrusted loop bound

Change-Id: If01f0edecca8988087386507717ea8222058bab8
author: Caolán McNamara <caolanm@redhat.com> 2014-12-12 12:27:07 +0000
committer: Caolán McNamara <caolanm@redhat.com> 2014-12-12 12:27:07 +0000
commit: 24d2831e69b86023ee4786a970cb988cbf610f9d (patch)
tree: dca9c945f5c46379abb4c4922e0d6342c4ea1fb4 /sc
parent: 886f962d3a0875729d02a4ba4f169f7ab9400a42 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/sc/source/filter/starcalc/scflt.cxx b/sc/source/filter/starcalc/scflt.cxx
index 25b350dcf64a..03557014c1b6 100644
--- a/sc/source/filter/starcalc/scflt.cxx
+++ b/sc/source/filter/starcalc/scflt.cxx
@@ -1456,6 +1456,13 @@ void Sc10Import::LoadTables()
             return;
         }
         rStream.ReadUInt16( DataCount );
+        const sal_Size nMaxPossibleRecords = rStream.remainingSize() / (sizeof(sal_uInt16)*2);
+        if (DataCount > nMaxPossibleRecords)
+        {
+            SAL_WARN("sc", "Parsing error: " << nMaxPossibleRecords <<
+                     " max possible pairs, but " << DataCount << " claimed, truncating");
+            DataCount = nMaxPossibleRecords;
+        }
         DataStart = 0;
         for (i=0; i < DataCount; i++)
         {
author	Caolán McNamara <caolanm@redhat.com>	2014-12-12 12:27:07 +0000
committer	Caolán McNamara <caolanm@redhat.com>	2014-12-12 12:27:07 +0000
commit	24d2831e69b86023ee4786a970cb988cbf610f9d (patch)
tree	dca9c945f5c46379abb4c4922e0d6342c4ea1fb4 /sc
parent	886f962d3a0875729d02a4ba4f169f7ab9400a42 (diff)