From 3ec9bccaabb4a2998c9bd29992af1d1880b284d8 Mon Sep 17 00:00:00 2001 From: Caolán McNamara Date: Thu, 6 Feb 2014 21:07:19 +0000 Subject: silence coverity#1027865 Out-of-bounds access and coverity#1027864 Change-Id: Ic3d1b91ef77ab3510c7428b7135dd9f249d56b4b --- comphelper/source/misc/docpasswordhelper.cxx | 16 ++++++++++++++-- filter/source/msfilter/mscodec.cxx | 2 +- include/comphelper/docpasswordhelper.hxx | 8 ++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx index 9d312a341f58..72b8636cbe7b 100644 --- a/comphelper/source/misc/docpasswordhelper.cxx +++ b/comphelper/source/misc/docpasswordhelper.cxx @@ -284,7 +284,18 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence( /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const sal_uInt16 pPassData[16], const uno::Sequence< sal_Int8 >& aDocId ) { uno::Sequence< sal_Int8 > aResultKey; - if ( pPassData[0] && aDocId.getLength() == 16 ) + + if ( aDocId.getLength() == 16 ) + aResultKey = GenerateStd97Key(pPassData, (const sal_uInt8*)aDocId.getConstArray()); + + return aResultKey; +} + +// ============================================================================ +/*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const sal_uInt16 pPassData[16], const sal_uInt8 pDocId[16] ) +{ + uno::Sequence< sal_Int8 > aResultKey; + if ( pPassData[0] ) { sal_uInt8 pKeyData[64]; memset( pKeyData, 0, sizeof(pKeyData) ); @@ -312,7 +323,7 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence( for ( nInd = 0; nInd < 16; nInd++ ) { rtl_digest_updateMD5( hDigest, pKeyData, 5 ); - rtl_digest_updateMD5( hDigest, (const sal_uInt8*)aDocId.getConstArray(), aDocId.getLength() ); + rtl_digest_updateMD5( hDigest, pDocId, 16 ); } // Update digest with padding. @@ -334,6 +345,7 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence( return aResultKey; } + // ============================================================================ /*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword( diff --git a/filter/source/msfilter/mscodec.cxx b/filter/source/msfilter/mscodec.cxx index b9118228a742..eb5ea4c54937 100644 --- a/filter/source/msfilter/mscodec.cxx +++ b/filter/source/msfilter/mscodec.cxx @@ -331,7 +331,7 @@ void MSCodec_Std97::InitKey ( #if DEBUG_MSO_ENCRYPTION_STD97 fprintf(stdout, "MSCodec_Std97::InitKey: --begin\n");fflush(stdout); #endif - uno::Sequence< sal_Int8 > aKey = ::comphelper::DocPasswordHelper::GenerateStd97Key( pPassData, uno::Sequence< sal_Int8 >( (sal_Int8*)pDocId, 16 ) ); + uno::Sequence< sal_Int8 > aKey = ::comphelper::DocPasswordHelper::GenerateStd97Key(pPassData, pDocId); // Fill raw digest of above updates into DigestValue. if ( aKey.getLength() == sizeof(m_pDigestValue) ) diff --git a/include/comphelper/docpasswordhelper.hxx b/include/comphelper/docpasswordhelper.hxx index 8c160fd32e1f..92b2731166c2 100644 --- a/include/comphelper/docpasswordhelper.hxx +++ b/include/comphelper/docpasswordhelper.hxx @@ -220,6 +220,14 @@ public: const sal_uInt16 pPassData[16], const ::com::sun::star::uno::Sequence< sal_Int8 >& aDocId ); + /** This helper function generates a byte sequence representing the + key digest value used by MSCodec_Std97 codec. + */ + + static ::com::sun::star::uno::Sequence< sal_Int8 > GenerateStd97Key( + const sal_uInt16 pPassData[16], + const sal_uInt8 pDocId[16] ); + // ------------------------------------------------------------------------ /** This helper function tries to request and verify a password to load a -- cgit