CWS-TOOLING: integrate CWS fwk94_DEV300

2 files changed, 13 insertions, 4 deletions

diff --git a/sot/source/sdstor/stgelem.cxx b/sot/source/sdstor/stgelem.cxx
index 5c0a7a009e94..d6fc8ce8f241 100644
--- a/sot/source/sdstor/stgelem.cxx
+++ b/sot/source/sdstor/stgelem.cxx
@@ -7,7 +7,7 @@
  * OpenOffice.org - a multi-platform office productivity suite
  *
  * $RCSfile: stgelem.cxx,v $
- * $Revision: 1.12 $
+ * $Revision: 1.12.6.1 $
  *
  * This file is part of OpenOffice.org.
  *
@@ -158,12 +158,18 @@ BOOL StgHeader::Store( StgIo& rIo )
     return BOOL( !bDirty );
 }
 
-// Perform thorough checks also on unknown variables
+static bool lcl_wontoverflow(short shift)
+{
+    return shift >= 0 && shift < (short)sizeof(short) * 8 - 1;
+}
 
+// Perform thorough checks also on unknown variables
 BOOL StgHeader::Check()
 {
     return BOOL( memcmp( cSignature, cStgSignature, 8 ) == 0
-            &&   (short) ( nVersion >> 16 ) == 3 );
+            && (short) ( nVersion >> 16 ) == 3 )
+            && lcl_wontoverflow(nPageSize)
+            && lcl_wontoverflow(nDataPageSize);
 }
 
 INT32 StgHeader::GetFATPage( short n ) const
diff --git a/sot/source/sdstor/stgstrms.cxx b/sot/source/sdstor/stgstrms.cxx
index e3aa0ca7122d..46ae3529439c 100644
--- a/sot/source/sdstor/stgstrms.cxx
+++ b/sot/source/sdstor/stgstrms.cxx
@@ -7,7 +7,7 @@
  * OpenOffice.org - a multi-platform office productivity suite
  *
  * $RCSfile: stgstrms.cxx,v $
- * $Revision: 1.11 $
+ * $Revision: 1.11.8.1 $
  *
  * This file is part of OpenOffice.org.
  *
@@ -823,6 +823,9 @@ void* StgDataStrm::GetPtr( INT32 Pos, BOOL bForce, BOOL bDirty )
 
 INT32 StgDataStrm::Read( void* pBuf, INT32 n )
 {
+    if ( n < 0 )
+        return 0;
+
     if( ( nPos + n ) > nSize )
         n = nSize - nPos;
     INT32 nDone = 0;