| Age | Commit message (Collapse) | Author |
|---|
|
Opening cdr/fdo53278-4.cdr as obtained by
bin/get-bugzilla-attachments-by-mimetype (i.e., the attachment at
<https://bugs.documentfoundation.org/show_bug.cgi?id=53278#c14>) under
-fsanitize=undefined causes
> CDRPath.cpp:821:34: runtime error: -173.908 is outside the range of representable values of type 'unsigned int'
> #0 in libcdr::CDRPath::writeOut(librevenge::RVNGString&, librevenge::RVNGString&, double&) const at workdir/UnpackedTarball/libcdr/src/lib/CDRPath.cpp:821:34 (instdir/program/../program/libwpftdrawlo.so +0x2380015)
> #1 in libcdr::CDRContentCollector::_lineProperties(librevenge::RVNGPropertyList&) at workdir/UnpackedTarball/libcdr/src/lib/CDRContentCollector.cpp:1118:17 (instdir/program/../program/libwpftdrawlo.so +0x2090b54)
> #2 in libcdr::CDRContentCollector::_flushCurrentPath() at workdir/UnpackedTarball/libcdr/src/lib/CDRContentCollector.cpp:240:5 (instdir/program/../program/libwpftdrawlo.so +0x2070a9e)
> #3 in libcdr::CDRContentCollector::collectLevel(unsigned int) at workdir/UnpackedTarball/libcdr/src/lib/CDRContentCollector.cpp:563:5 (instdir/program/../program/libwpftdrawlo.so +0x209243d)
> #4 in libcdr::CDRParser::parseRecord(librevenge::RVNGInputStream*, std::vector<unsigned int, std::allocator<unsigned int> > const&, unsigned int) at workdir/UnpackedTarball/libcdr/src/lib/CDRParser.cpp:514:18 (instdir/program/../program/libwpftdrawlo.so +0x213bdff)
> #5 in libcdr::CDRParser::parseRecords(librevenge::RVNGInputStream*, std::vector<unsigned int, std::allocator<unsigned int> > const&, unsigned int) at workdir/UnpackedTarball/libcdr/src/lib/CDRParser.cpp:500:10 (instdir/program/../program/libwpftdrawlo.so +0x213b93f)
[...]
Change-Id: Ie73965851102689ebb7895d61edb3d32ff47c60c
Reviewed-on: https://gerrit.libreoffice.org/73181
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
(but which requires a little upstream master patch)
Change-Id: I4bea938c402b03d8b05b6e70694ecc0184544b81
Reviewed-on: https://gerrit.libreoffice.org/73179
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
...as seen during CppunitTest_sw_layoutwriter:
> testUserFieldTypeLanguage::TestBody finished in: 1271ms
[...]
> workdir/UnpackedTarball/zlib/trees.c:873:42: runtime error: null pointer passed as argument 2, which is declared to never be null
> /usr/include/string.h:43:28: note: nonnull attribute specified here
> #0 in _tr_stored_block at workdir/UnpackedTarball/zlib/trees.c:873:5
> #1 in deflate at workdir/UnpackedTarball/zlib/deflate.c:1025:17
> #2 in ZipUtils::ThreadedDeflater::Task::doWork() at package/source/zipapi/ThreadedDeflater.cxx:163:15
[...]
Change-Id: I7d4b68ab2c4fb3080fc48211236cb33ca4bf7126
Reviewed-on: https://gerrit.libreoffice.org/73143
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
gb_LinkTarget_set_precompiled_header sets PCH_CXXFLAGS, so add_cxxflags
must go after it.
Change-Id: I527906661dcecff56a24d5733bd87b4c9bf96215
Reviewed-on: https://gerrit.libreoffice.org/73000
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Change-Id: I6c6246d14e11507e2b24a91304a2fef7ac3b9e22
Reviewed-on: https://gerrit.libreoffice.org/72965
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
Tested-by: Julien Nabet <serval2412@yahoo.fr>
|
|
As in, really disable, so that they do not even show. This moreover
avoids tons of D9025 warnings from MSVC about overriding -W4 with -w.
Change-Id: Ia2e72fd72d883d91bdd89e467ee42f259e2ae033
Reviewed-on: https://gerrit.libreoffice.org/72899
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
Change-Id: I363a02d7115ea54bb4aedb38071a249e145ee471
Reviewed-on: https://gerrit.libreoffice.org/72742
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
|
|
Fixes CVE-2019-5435. It looks like this is not a problem on 32-bit
Windows because fortunately we don't use /LARGEADDRESSAWARE flag
to set IMAGE_FILE_LARGE_ADDRESS_AWARE... but on 32-bit Linux
the user-space VM is 3GB so an exploit might be possible.
Apparently there's no code in LO that uses the CURLU_URLENCODE flag.
The other one, CVE-2019-5436, doesn't matter because we disable tftp.
Change-Id: I0d4f087befa5a3c4fb21ec36761dad68932425d9
Reviewed-on: https://gerrit.libreoffice.org/72732
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Change-Id: I5987fcc04396e4e22640d6b09b52fa7b08460369
Reviewed-on: https://gerrit.libreoffice.org/72687
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
|
|
Change-Id: Ie4c42943445813c7c50bf06cb710cedf2a61f3a9
Reviewed-on: https://gerrit.libreoffice.org/72619
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Make RefUpdateContext and ScColumn::UpdateReferenceOnCopy() use the same
sc::ColumnBlockPositionSet that CopyFromClipContext uses. Without it
pathological cases like in tdf#112000 trigger quadratic cost because
of repeated mdds searches from the start.
Includes also an mdds patch that allows it to search backwards
from a position hint. Without it, this would be very difficult to fix
otherwise, as CopyFromClip() in ScDocument::CopyBlockFromClip()
moves the position hint past the area that UpdateReferenceOnCopy()
would use. It also just plain makes sense to try to go backwards
in an std::vector.
Change-Id: I985e3a40e4abf1a824e55c76d82579882fa75cc2
Reviewed-on: https://gerrit.libreoffice.org/72424
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
Change-Id: I5d515255018cc2015423beade456b64543a0cdcf
Reviewed-on: https://gerrit.libreoffice.org/72528
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
Change-Id: I6b482abc7fae6131d9a904cb6eafd33050d2548b
Reviewed-on: https://gerrit.libreoffice.org/72527
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
Change-Id: Ifa64e7b995e7b9cc576fdc19fb4c8822309a57a1
Reviewed-on: https://gerrit.libreoffice.org/72524
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
It's an external library, but it's a large C++ lib and it's built
using gbuild, so this helps too. Here with Clang it cuts build
time from ~2:40 to ~1:25 (and about halves the CPU user time).
Hopefully it also helps to reduce the build time for Windows gerrit builds.
Change-Id: Ieef0ea28e0fe1fd216592fca70410075d95ddc54
Reviewed-on: https://gerrit.libreoffice.org/72517
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
...which fixes an issue encountered when compiling with Clang against trunk
libstdc++ (which contains pre-C++17-only code that triggers
<https://bugs.llvm.org/show_bug.cgi?id=41896> "Bogus 'error: no return statement
in constexpr function' when void return type is 'templated'")
Change-Id: I33368996c8ac8cf32893ba1b631ace2a606dafb1
Reviewed-on: https://gerrit.libreoffice.org/72409
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I9d0a7e782b1bd5955cb524153b8a7bdea9e174e7
|
|
Change-Id: I26deeefc8cf335f53aa55c8523cd08687f27b63b
|
|
These are larger C++ libs and without gdb-index gdb takes a moment
to load such libs.
Change-Id: I555a629199f761060199a528415f7d5fbe9d9533
Reviewed-on: https://gerrit.libreoffice.org/71822
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
...after eeeec33ada5923f1f534334b22c15d6e2c6f1d35 "merge
--enable-selective-debuginfo into --enable-symbols" had removed it
Change-Id: I83aed6e21c4b983d8645707daa65bd85ec16ff6b
Reviewed-on: https://gerrit.libreoffice.org/71798
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
|
|
https://github.com/anholt/libepoxy/issues/180 sounds very similar and
1.5.3 apparently fixes that
Change-Id: I009f5bc82f9e8326a7028ed29d86733cce649d15
Reviewed-on: https://gerrit.libreoffice.org/71733
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
...with latest Clang trunk towards Clang 9. All the no-longer necessary hacks
are made conditional on new NEED_CLANG_LINUX_UBSAN_RTTI_VISIBILITY, which is
still set for UBSan builds with older Clang on Linux (but which should
eventually be purged).
Various classes needed additional SAL_DLLPUBLIC_RTTI annotations, as building
with UBSan instrumentation can generate references to RTTI symbols from
additional places like outside a dynamic library that used to hide those symbols
by default (but used to not hide them for old UBSan builds thanks to the
-fvisibility-ms-compat hack).
The odr-violation suppressions in solenv/sanitizers/asan-suppressions (which is
not referenced from anywhere in the code base, but meant to be included in an
ASan/UBSan build's ASAN_OPTIONS env var) are also no longer needed when
NEED_CLANG_LINUX_UBSAN_RTTI_VISIBILITY is false.
Change-Id: I24ec3e388b0cbab50dbe2bf008d9569bff7bf25a
Reviewed-on: https://gerrit.libreoffice.org/70829
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
(had caused a "patch unexpectedly ends in middle of line" warning)
Change-Id: I10860a25266d1672f1fdd0ce89f3de37b260a5fb
Reviewed-on: https://gerrit.libreoffice.org/71509
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Building against libstdc++ effectively always requires -pthread anyway (as
various standard C++ headers require it, see the comment added to
solenv/gbuild/platform/unxgcc.mk), so many explicit uses of -pthread/-lpthread
can be removed.
Doing a (partial) test build on Linux with Clang -stdlib=libc++ suggests that
libc++ indeed doesn't need -pthread as libstdc++ does.
The remaining uses of -pthread/-lpthread are mostly in configure.ac for the
various BSDs (which somebody else might want to clean up now), and related to
external projects. I tried to be careful to remove -pthread/-lpthread from
makefiles only when C++ object files are involved (so -pthread will now be
included on the link command line by default).
Change-Id: I936e082839cb9a434bd273ce5a1f187a4245dfa1
Reviewed-on: https://gerrit.libreoffice.org/71291
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
in its javac invocations, so we apparently need to set those variables instead
of ant.build.javac.source/target (which are documented at
<https://ant.apache.org/manual/javacprops.html> to be supported since Ant 1.7,
but are apparently not used here). (Found when doing a test build with Java 12
and JAVA_SOURCE/TARGET_VER explicitly configured as 7 with
<https://gerrit.libreoffice.org/#/c/71218/> "Allow to pass
JAVA_SOURCE/TARGET_VER into configure", which caused building
external/languagetool to nevertheless complain about unsupported 1.6
source/target switches.)
Change-Id: I624f77b65ef81bc592a78559e67062a42cfff05a
Reviewed-on: https://gerrit.libreoffice.org/71219
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I496204ead6c495c4fee2cee18a5b9d0fd22eb8c0
Reviewed-on: https://gerrit.libreoffice.org/70951
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
|
|
On Windows, gpgme expects gpgme-w32spawn.exe to be in the same directory as the current
process executable. This assumption might be wrong, e.g., for bundled python, which is
in instdir/program/python-core-x.y.z/bin, while gpgme-w32spawn.exe is in instdir/program.
In this case, if an operation in a python script requires initializing gpgme, it will be
interrupted by a modal warning box telling that gpgme-w32spawn.exe was not found.
If we can't find gpgme-w32spawn.exe in the current executable location, then try to find
the spawn executable, and inform gpgme about actual location using gpgme_set_global_flag.
Change-Id: Ie30a0d4a6666767e8c54f1bdc67b67570d6ea47a
Reviewed-on: https://gerrit.libreoffice.org/71014
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
|
Change-Id: I3fe30de8140dce3d81cdfae7d41e0bd465b1d5f4
Reviewed-on: https://gerrit.libreoffice.org/70879
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
calloc,free,clock,time,ceil,frexp,fabs,ldex,access,getpid for C4013
__FUNCTION__ for C4117
Change-Id: I71e1894893f3aa9cf0e5ac699e44586144a14743
Reviewed-on: https://gerrit.libreoffice.org/70423
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Change-Id: I8e08efb549ebd52c37183a1185d6de73f2b00601
Reviewed-on: https://gerrit.libreoffice.org/64630
Reviewed-by: himajin100000 <himajin100000@gmail.com>
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
The Pass.cpp triggers an infinite loop in clang when not optimizing (ie.
with the debugging buildls), at least with this version:
> ~/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/linux-x86_64/bin/clang++ --version
Android (5058415 based on r339409) clang version 8.0.2 (https://android.googlesource.com/toolchain/clang 40173bab62ec746213857d083c0e8b0abb568790) (https://android.googlesource.com/toolchain/llvm 7a6618d69e7e8111e1d49dc9e7813767c5ca756a) (based on LLVM 8.0.2svn)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /local/home/kendy/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/linux-x86_64/bin
Change-Id: Ib4984f8838fc733be6da4e24eb10915d3efbf79e
|
|
So that it does not get defined to SetFormA() or SetFormW() and still
requires no patching.
Change-Id: I4364b02306633733d8536ebd8d7d42273dfeef74
Reviewed-on: https://gerrit.libreoffice.org/70150
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Change-Id: I0ed447dcbafb605f81c6b8c34fa2a1e5ec4bd9b8
Reviewed-on: https://gerrit.libreoffice.org/69777
Tested-by: Jenkins
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: I8de0e8e91d785d51b65ce884caddcc05d86bd47d
Reviewed-on: https://gerrit.libreoffice.org/69755
Tested-by: Jenkins
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: I1afbe64fdd8847b0a826be58ee81f218308a0ef5
Reviewed-on: https://gerrit.libreoffice.org/69661
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Iaa4ff5cd30d3163e7a44f162bbe296c59a7111cb
Reviewed-on: https://gerrit.libreoffice.org/69514
Tested-by: Jenkins
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: Iaaac797812b2addd1e5693dbb4338fc1c506a26d
Reviewed-on: https://gerrit.libreoffice.org/69134
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Fixes CVE-2019-7310.
Add patch to fix CVE-2019-9200 too.
CVE-2018-20662 looks irrelevant because we don't build pdfunite tool.
Change-Id: I5e7ddabbb341f6bfefb376d552b50c4006f41906
Reviewed-on: https://gerrit.libreoffice.org/69094
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Change-Id: Ibc16c4e9c4a305d6fff764fcf3964a63c5322e14
Reviewed-on: https://gerrit.libreoffice.org/68921
Tested-by: Jenkins
Reviewed-by: Khaled Hosny <khaledhosny@eglug.org>
|
|
HarfBuzz 2.x has native support for AAT fonts which is, according to Chrome
developers, sgnificantly faster that HarfBuzz Core Text integration.
Change-Id: I4d5e861a1958402a6e3ccb720b10f40828c3db6a
Reviewed-on: https://gerrit.libreoffice.org/68919
Tested-by: Jenkins
Reviewed-by: Khaled Hosny <khaledhosny@eglug.org>
|
|
Change-Id: I77beadee964f08f87f2fe7cc0daef5cb91151b72
Reviewed-on: https://gerrit.libreoffice.org/68912
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I3aea7c64acfc933e4df901d4de349708a3331bcd
Reviewed-on: https://gerrit.libreoffice.org/68811
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
After the blind fix attempt of 490f07cf7235ab3c5dc4be13c53832e3266bd8e6 "Extend
libtool RPATH outsmarting hack to external/librevenge", appears that
<https://ci.libreoffice.org/job/lo_daily_update_gandalf/596/> also needs
runpath_var=LD_RUN_PATH to be reset. (See also how
<https://src.fedoraproject.org/cgit/rpms/librevenge.git/tree/librevenge.spec
?id=4960d4c6c190885b20f56ce9ee1ad2ad92b87021#n46> addresses the same problem for
Fedora builds of librevenge.)
Change-Id: I5cff145605cd05a8b87360c1edc3574e3364139b
Reviewed-on: https://gerrit.libreoffice.org/68800
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I47277272170508e9af7617e9b774bbdca05e9ec3
Reviewed-on: https://gerrit.libreoffice.org/68766
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
As a side-effect, this gets rid of some Clang
-fsanitize=implicit-signed-integer-truncation warnings.
The various external/harfbuzz/*.patch no longer applied and appear not to be
necessary any more. (But a new external/harfbuzz/msvc.patch became necessary.)
<https://dev-www.libreoffice.org/src/harfbuzz-2.3.1.tar.bz2> was downloaded from
<https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-2.3.1.tar.bz2>,
and HARFBUZZ_SHA256SUM in download.lst matches <https://www.freedesktop.org/
software/harfbuzz/release/harfbuzz-2.3.1.tar.bz2.sha256>.
Change-Id: Ic85acd14b4f488b3d88ce1bafc93be271928006e
Reviewed-on: https://gerrit.libreoffice.org/68731
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
...at least some of which have presumably been missing from
ce43d0ae9279edbf1ad108fe0d8325327a038d49 "use consistent #define checks for the
Windows platform" by accident (and some just clean up comments)
Change-Id: I5532685c7df96ae3c8a25b73d8064d7433964a9b
Reviewed-on: https://gerrit.libreoffice.org/68580
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I9e36cb78e3e945f6531a31e0ddf73d9c8d655f7d
|
|
Apple can't afford the costly GPG licenses to sign releases apparently,
but the sha256 matches some OpenWRT and FreshPorts repos...
Fixes CVE-2015-7988.
Removing windows build patches, fixed upstream (except for the last hunk
of the SOCKET patch, but that is in code that is only used on MacOSX).
Change-Id: I9fdba5929badb75f995c66da0850d188780e7beb
Reviewed-on: https://gerrit.libreoffice.org/68092
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Eike says that no LO code should use ICU number parser/formatter, but
meanwhile ICU is also used in the externals firebird, harfbuzz,
hunspell, libcdr, libebook, libfreehand, libmspub, libqxp, libivsio,
libxml2, libzmf, pdfium, xmlsec, so let's just patch it to be sure.
Change-Id: I3e1a76d7ceefadbe3c514ad7f1384a4daa196f36
Reviewed-on: https://gerrit.libreoffice.org/68098
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
This fixes some minor CVEs.
Not including the fix for CVE-2018-18064, which does not affect LO
because we use the default implementation of FT_Memory which uses
free/malloc.
Change-Id: Ic047ed52cff3fdeba068f1b8d303c6c96c69addd
Reviewed-on: https://gerrit.libreoffice.org/68088
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
