tdf#105844 package: check for unexpected zip entries on loading ...
... ODF wholesome encrypted package.
There can only be "mimetype", "encrypted-package", and files in
"META-INF".
Change-Id: I5eb46ba29a1a62e25af09e189e0a075a871c71c4
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160718
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit fb9c58a2f32c352e44ffa30e721ef796dc591d33)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160794
diff --git a/package/inc/ZipPackageFolder.hxx b/package/inc/ZipPackageFolder.hxx
index cfdcd99..edc46e9 100644
--- a/package/inc/ZipPackageFolder.hxx
+++ b/package/inc/ZipPackageFolder.hxx
@@ -79,7 +79,7 @@ public:
const OUString& GetVersion() const { return m_sVersion; }
void SetVersion( const OUString& aVersion ) { m_sVersion = aVersion; }
bool LookForUnexpectedODF12Streams( std::u16string_view aPath );
bool LookForUnexpectedODF12Streams(std::u16string_view aPath, bool isWholesomeEncryption);
void setChildStreamsTypeByExtension( const css::beans::StringPair& aPair );
diff --git a/package/source/zippackage/ZipPackage.cxx b/package/source/zippackage/ZipPackage.cxx
index 459b998..8fb6c27 100644
--- a/package/source/zippackage/ZipPackage.cxx
+++ b/package/source/zippackage/ZipPackage.cxx
@@ -452,7 +452,8 @@ void ZipPackage::parseManifest()
m_xRootFolder->removeByName( sMimetype );
}
m_bInconsistent = m_xRootFolder->LookForUnexpectedODF12Streams( std::u16string_view() );
m_bInconsistent = m_xRootFolder->LookForUnexpectedODF12Streams(
std::u16string_view(), m_xRootFolder->hasByName("encrypted-package"));
bool bODF12AndNewer = ( m_xRootFolder->GetVersion().compareTo( ODFVER_012_TEXT ) >= 0 );
if ( !m_bForceRecovery && bODF12AndNewer )
diff --git a/package/source/zippackage/ZipPackageFolder.cxx b/package/source/zippackage/ZipPackageFolder.cxx
index 906f361..21c71b1 100644
--- a/package/source/zippackage/ZipPackageFolder.cxx
+++ b/package/source/zippackage/ZipPackageFolder.cxx
@@ -70,7 +70,8 @@ ZipPackageFolder::~ZipPackageFolder()
{
}
bool ZipPackageFolder::LookForUnexpectedODF12Streams( std::u16string_view aPath )
bool ZipPackageFolder::LookForUnexpectedODF12Streams(
std::u16string_view const aPath, bool const isWholesomeEncryption)
{
bool bHasUnexpected = false;
@@ -83,10 +84,14 @@ bool ZipPackageFolder::LookForUnexpectedODF12Streams( std::u16string_view aPath
// META-INF is not allowed to contain subfolders
bHasUnexpected = true;
}
else if (isWholesomeEncryption && rShortName != u"META-INF")
{
bHasUnexpected = true;
}
else
{
OUString sOwnPath = aPath + rShortName + "/";
bHasUnexpected = rInfo.pFolder->LookForUnexpectedODF12Streams( sOwnPath );
bHasUnexpected = rInfo.pFolder->LookForUnexpectedODF12Streams(sOwnPath, isWholesomeEncryption);
}
}
else
@@ -102,6 +107,10 @@ bool ZipPackageFolder::LookForUnexpectedODF12Streams( std::u16string_view aPath
// streams from META-INF with expected names are allowed not to be registered in manifest.xml
}
else if (isWholesomeEncryption && rShortName != "mimetype" && rShortName != "encrypted-package")
{
bHasUnexpected = true;
}
else if ( !rInfo.pStream->IsFromManifest() )
{
// the stream is not in META-INF and is not registered in manifest.xml,
