[PATCH] Conform AlignEngine parsing to what section 2.3.4.10 of the spec has

Change-Id: Ibb9162b1ce7993ef74665ec0329c95b423fa8174
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/201944
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
Tested-by: Jenkins
Gbp-Pq: Name Conform-AlignEngine-parsing-to-spec.diff

diff --git a/oox/source/crypto/AgileEngine.cxx b/oox/source/crypto/AgileEngine.cxx
index f7518498171da4a9c342d46b3a3dd387fecc971a..7691cb8c39b6b351d6076b6d2687942178b636cd 100644 (file)
--- a/oox/source/crypto/AgileEngine.cxx
+++ b/oox/source/crypto/AgileEngine.cxx
@@ -8,6 +8,8 @@
  *
  */
 
+#include <o3tl/safeint.hxx>
+#include <sal/log.hxx>
 #include <oox/crypto/AgileEngine.hxx>
 
 #include <oox/helper/binaryinputstream.hxx>
@@ -537,8 +539,21 @@ bool AgileEngine::readEncryptionInfo(uno::Reference<io::XInputStream> & rxInputS
     if (0 > mInfo.spinCount || mInfo.spinCount > 10000000)
         return false;
 
-    if (1 > mInfo.saltSize|| mInfo.saltSize > 65536) // Check
+    // [MS-OFFCRYPTO] 2.3.4.10: saltSize "MUST be at least 1 and no greater than 65,536"
+    if (1 > mInfo.saltSize || mInfo.saltSize > 65536)
+    {
+        SAL_WARN("oox", "AgileEngine::readEncryptionInfo(): saltSize out of range: " << mInfo.saltSize);
+        return false;
+    }
+
+    // [MS-OFFCRYPTO] 2.3.4.10: "The number of bytes required to decode the saltValue
+    // attribute MUST be equal to the value of the saltSize attribute"
+    if (mInfo.keyDataSalt.size() != o3tl::make_unsigned(mInfo.saltSize))
+    {
+        SAL_WARN("oox", "AgileEngine::readEncryptionInfo(): keyDataSalt size " << mInfo.keyDataSalt.size()
+                 << " does not match saltSize " << mInfo.saltSize);
         return false;
+    }
 
     // AES 128 CBC with SHA1
     if (mInfo.keyBits         == 128 &&