From 8b55d1ca2ef8ac63b43980dde4efac57dc54fa18 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Caol=C3=A1n=20McNamara?=
Date: Thu, 20 Apr 2023 20:58:21 +0100
Subject: [PATCH] [3/3] CVE-2023-2255 assume IFrame script/macro support isn't needed
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

seems undocumented at least

Change-Id: I316e4f4f25ddb7cf6b7bac4d856a721b987207a3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151020
Tested-by: Jenkins
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152152
Tested-by: Caolán McNamara
Reviewed-by: Caolán McNamara
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2023-2255/
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2023-2255
Gbp-Pq: Name 0080-3-3-CVE-2023-2255-assume-IFrame-script-macro-support.patch
---
 sfx2/source/doc/iframe.cxx | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/sfx2/source/doc/iframe.cxx b/sfx2/source/doc/iframe.cxx
index 8fa65269dfd..0cb8f96951d 100644
--- a/sfx2/source/doc/iframe.cxx
+++ b/sfx2/source/doc/iframe.cxx
@@ -167,20 +167,16 @@ sal_Bool SAL_CALL IFrameObject::load(
 uno::Reference < util::XURLTransformer > xTrans( util::URLTransformer::create( mxContext ) );
 xTrans->parseStrict( aTargetURL );
+ INetURLObject aURLObject(aTargetURL.Complete);
+ if (aURLObject.GetProtocol() == INetProtocol::Macro || aURLObject.isSchemeEqualTo(u"vnd.sun.star.script"))
+ return false;
+
 uno::Reference xParentFrame = xFrame->getCreator();
 SfxObjectShell* pDoc = SfxMacroLoader::GetObjectShell(xParentFrame);
- if (INetURLObject(aTargetURL.Complete).GetProtocol() == INetProtocol::Macro)
- {
- if (pDoc && !pDoc->AdjustMacroMode())
- return false;
- }
-
 bool bUpdateAllowed(true);
 if (pDoc)
 {
- // perhaps should only check for file targets, but lets default to making it strong
- // unless there is a known need to distinguish
 comphelper::EmbeddedObjectContainer& rEmbeddedObjectContainer = pDoc->getEmbeddedObjectContainer();
 bUpdateAllowed = rEmbeddedObjectContainer.getUserAllowsLinkUpdate();
 }
-- 
2.30.2
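Review bot: The added guard in IFrameObject::load is a two-entry denylist (`INetProtocol::Macro` and the `vnd.sun.star.script` scheme) that returns false with no comment or log line, so a later reader cannot tell it is a deliberate security boundary, and its coverage depends on no other code-dispatching scheme being accepted further down the load path, which this hunk does not show. I would put `// CVE-2023-2255: floating frames never dispatch script/macro URLs, whatever the document's macro mode` above the check and log the refusal, e.g. `SAL_WARN("sfx.doc", "IFrameObject::load: refusing script/macro target");`, so a blocked document is diagnosable. It is also worth confirming whether an allowlist of document-loading schemes is feasible here instead of enumerating executable ones. The hunk also drops the comment explaining why `getUserAllowsLinkUpdate()` is applied to every target rather than only file targets; a one-line rationale should stay next to that check. The body of load() starts and ends outside the hunk.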