sot: don't leak uninitialized memory into temp file

Both valgrind and drmemory complain about this in SdExportTest::testSwappedOutImageExport() via SfxOleThumbnailProperty::ImplSave(). Syscall param pwrite64(buf) points to uninitialised byte(s) UNINITIALIZED READ: reading 0x0455b1b4-0x0455b1c8 20 byte(s) within... It appears that the stream writes out everything up to the seek position anyway (otherwise the size check wouldn't work, with sparse files) so make sure it's all zeroed. Also fix SvMemoryStream::ReAllocateMemory() to zero it. Change-Id: Id86dfa65ef6f7d1bba4810f121e01473c5fcf4c7

sot: don't leak uninitialized memory into temp file
Both valgrind and drmemory complain about this in SdExportTest::testSwappedOutImageExport() via SfxOleThumbnailProperty::ImplSave(). Syscall param pwrite64(buf) points to uninitialised byte(s) UNINITIALIZED READ: reading 0x0455b1b4-0x0455b1c8 20 byte(s) within... It appears that the stream writes out everything up to the seek position anyway (otherwise the size check wouldn't work, with sparse files) so make sure it's all zeroed. Also fix SvMemoryStream::ReAllocateMemory() to zero it. Change-Id: Id86dfa65ef6f7d1bba4810f121e01473c5fcf4c7
6a223b9a · Michael Stahl · 0c191e2b · 6a223b9a · 6a223b9a
Kaydet (Commit) 6a223b9a authored Agu 28, 2015 tarafından Michael Stahl
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 5 deletions

stgstrms.cxx sot/source/sdstor/stgstrms.cxx +12 -3

stream.cxx tools/source/stream/stream.cxx +6 -2

No files found.
--- a/sot/source/sdstor/stgstrms.cxx
+++ b/sot/source/sdstor/stgstrms.cxx
@@ -1188,9 +1188,9 @@ void StgTmpStrm::SetSize(sal_uInt64 n)
            SvFileStream* s = new SvFileStream( aName, STREAM_READWRITE );
            sal_uLong nCur = Tell();
            sal_uLong i = nEndOfData;
+            std::unique_ptr<sal_uInt8[]> p(new sal_uInt8[ 4096 ]);
            if( i )
            {
-                std::unique_ptr<sal_uInt8[]> p(new sal_uInt8[ 4096 ]);
                Seek( 0L );
                while( i )
                {
@@ -1207,8 +1207,17 @@ void StgTmpStrm::SetSize(sal_uInt64 n)
                // We have to write one byte at the end of the file
                // if the file is bigger than the memstream to see
                // if it fits on disk
-                s->Seek( n - 1 );
+                s->Seek(nEndOfData);
-                s->Write( &i, 1 );
+                memset(p.get(), 0x00, 4096);
+                i = n - nEndOfData;
+                while (i)
+                {
+                    sal_uLong const nb = (i > 4096) ? 4096 : i;
+                    if (s->Write(p.get(), nb) == nb)
+                        i -= nb;
+                    else
+                        break; // error
+                }
                s->Flush();
                if( s->GetError() != SVSTREAM_OK )
                    i = 1;

--- a/tools/source/stream/stream.cxx
+++ b/tools/source/stream/stream.cxx
@@ -1899,9 +1899,13 @@ bool SvMemoryStream::ReAllocateMemory( long nDiff )
            if( nEndOfData >= nNewSize )
                nEndOfData = nNewSize-1L;
        }
-        else if (nSize != 0)
+        else
        {
-            memcpy( pNewBuf, pBuf, (size_t)nSize );
+            if (nSize != 0)
+            {
+                memcpy( pNewBuf, pBuf, (size_t)nSize );
+            }
+            memset(pNewBuf + nSize, 0x00, nNewSize - nSize);
        }
        FreeMemory();