From 4e639c37b4dcdc27d46111d0d0cbca966544c2cb Mon Sep 17 00:00:00 2001
From: Caolán McNamara <caolanm@redhat.com>
Date: Mon, 18 Jan 2021 16:19:10 +0000
Subject: ofz#29691 revert throw SvStreamEOFException
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

reasonably sane code like
s.ReadUInt32(a).ReadUInt32(b).ReadUInt32(c).ReadUInt32(d);
if (s.good())
    // use a, b, c d;
stopped working.

FWIW on a short read we retain whatever was in the variable before the
read, rather than overwrite it with new random data, so
sal_uInt32 a(0xdead); s.ReadUInt32(a); assert(s.good() || a == 0xdead);

the msoffice ppt/escher/xls/doc filters especially speculatively parse
and rely on a variables preinit value in the case of a short read.

commit b345a2bab0d6f981049951a86b172ce49ce7d4c2
    cid#1470786 Uncaught exception

commit 71aec4726a94dcde1169fd293dbecfeb0e840e6d
    ofz#29528 uncaught exception

commit bed03603f6cae264abb9e5b58aa2ab00448d92ff
    ofz#29414 uncaught exception

commit 684885a99a1eb7ad943e9736166d4bb1468663be
    ofz#29443 uncaught exception

commit 93574ac7768d247ed754ecda322e54e4bd447e43
    ofz#29251 Abrt

commit 413db68d95bd39d34e6a6b81a7c5c9478ced0514
    ofz#29152 short read

commit f400e883044143f999c460375a293647b4a57244
    ofz#29151 short read

commit 96ea80a725dfe4ef38993f78917c243f13e3beb5
    ofz#29129 Abrt on uncaught exception

commit 646a635efe6eecbc3d1dd3a7cbb02a278c6f3be5
    ofz#28931 Indirect-leak

commit b0e573f18629d28fe3179c12d0d434653f92fc93
    ofz#29030 Abrt in xlsfuzzer

commit 95407c39168d186ee44e67b1a6a4bcf592c58b84
    ofz#28902 uncaught exception

commit 45175d655ad3773df1c006182108cf25e87b1091
    oss-fuzz: tgafuzzer doesn't pass sanity check

commit b82fc702bae9d6190bda1b4818a47cfa197df6d8
    oss-fuzz: psdfuzzer doesn't pass sanity check

commit e7c76d604a4694e6568bf10c2a06a786f1096319
    oss-fuzz: epsfuzzer doesn't pass sanity check

commit 901e5e7c9170184e286ea3e46fce406136aa9572
    oss-fuzz: xlsfuzzer doesn't pass sanity check

commit 127bfab61c297df06fd8e71e709bc4362cb89d21
    oss-fuzz: pngfuzzer doesn't pass sanity check

commit 77387ae00ae27e3f8bcdf7bccf97fb2db8f196b7
    oss-fuzz: mtpfuzzer doesn't pass sanity check

commit 974ffa79b0fef4ca76558bb8b16bce84af3aaf6c
    oss-fuzz: xlsxfuzzer doesn't pass sanity check

commit 6d6d104cbb382d0045e1f04b12d268992fa5c624
    oss-fuzz: bmpfuzzer doesn't pass sanity check

commit a7d1d107ec58d3b00b4019c89edddcff71ca6ff3
    oss-fuzz: qpwfuzzer doesn't pass sanity check

commit 898993aa62276f59480df8af1da4bad530829b56
    oss-fuzz: pcxfuzzer doesn't pass sanity check

throw/catch parts of
commit 8c9a4ff511a3b1d84a7a6d08a1b153c07f164abb
    throw exception in SvStream when reading past end of file

Change-Id: Ic49c249768b17b64d8e868655dbc05b31906c2e6
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109621
Tested-by: Jenkins
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
---
 sot/source/sdstor/stg.cxx     | 13 ++-----------
 sot/source/sdstor/stgelem.cxx |  4 ++--
 sot/source/sdstor/stgio.cxx   | 12 +-----------
 3 files changed, 5 insertions(+), 24 deletions(-)

(limited to 'sot')

diff --git a/sot/source/sdstor/stg.cxx b/sot/source/sdstor/stg.cxx
index 73a19719f86e..398e3fdb53d1 100644
--- a/sot/source/sdstor/stg.cxx
+++ b/sot/source/sdstor/stg.cxx
@@ -315,17 +315,8 @@ bool Storage::IsStorageFile( SvStream* pStream )
     {
         StgHeader aHdr;
         sal_uInt64 nPos = pStream->Tell();
-        try
-        {
-            bRet = ( aHdr.Load( *pStream ) && aHdr.Check() );
-        }
-        catch(SvStreamEOFException&)
-        {
-            // It's not a stream error if it is too small for an OLE storage header
-            pStream->ResetError();
-            pStream->Seek( nPos );
-            return false;
-        }
+        bRet = ( aHdr.Load( *pStream ) && aHdr.Check() );
+
         // It's not a stream error if it is too small for an OLE storage header
         if ( pStream->GetErrorCode() == ERRCODE_IO_CANTSEEK )
             pStream->ResetError();
diff --git a/sot/source/sdstor/stgelem.cxx b/sot/source/sdstor/stgelem.cxx
index 3b946f4c77b4..ff41d8d70f9c 100644
--- a/sot/source/sdstor/stgelem.cxx
+++ b/sot/source/sdstor/stgelem.cxx
@@ -126,9 +126,9 @@ bool StgHeader::Load( SvStream& r )
 {
     r.Seek( 0 );
     r.ReadBytes( m_cSignature, 8 );
-    ReadClsId( r, m_aClsId );                   // 08 Class ID
+    ReadClsId( r, m_aClsId );         // 08 Class ID
     r.ReadInt32( m_nVersion )                   // 1A version number
-     .ReadUInt16( m_nByteOrder )                // 1C Unicode byte order indicator
+     .ReadUInt16( m_nByteOrder )                 // 1C Unicode byte order indicator
      .ReadInt16( m_nPageSize )                  // 1E 1 << nPageSize = block size
      .ReadInt16( m_nDataPageSize );             // 20 1 << this size == data block size
     if (!r.good())
diff --git a/sot/source/sdstor/stgio.cxx b/sot/source/sdstor/stgio.cxx
index c4294924697a..7d90c490c634 100644
--- a/sot/source/sdstor/stgio.cxx
+++ b/sot/source/sdstor/stgio.cxx
@@ -55,17 +55,7 @@ bool StgIo::Load()
 {
     if( GetStrm() )
     {
-        bool bLoaded;
-        try
-        {
-            bLoaded = m_aHdr.Load(*this);
-        }
-        catch (const SvStreamEOFException&)
-        {
-            SAL_WARN("sot", "EOF");
-            bLoaded = false;
-        }
-        if (bLoaded)
+        if( m_aHdr.Load( *this ) )
         {
             if( m_aHdr.Check() )
                 SetupStreams();
-- 
cgit