From 11e8d7c48abbe546f591a8b141f711d5cecfeffd Mon Sep 17 00:00:00 2001 From: Debao Zhang Date: Thu, 12 Dec 2013 15:50:45 +0800 Subject: [PATCH] Prevent while() from causing potential infinite loops If xml files don't have proper close tags, don't generate an infinite loop in our library. --- src/xlsx/xlsxcontenttypes.cpp | 4 ++-- src/xlsx/xlsxdocpropsapp.cpp | 2 +- src/xlsx/xlsxdocpropscore.cpp | 2 +- src/xlsx/xlsxrelationships.cpp | 2 +- src/xlsx/xlsxsharedstrings.cpp | 8 +++---- src/xlsx/xlsxstyles.cpp | 44 ++++++++++++++++------------------ src/xlsx/xlsxworkbook.cpp | 4 ++-- src/xlsx/xlsxworksheet.cpp | 26 ++++++++++---------- 8 files changed, 44 insertions(+), 48 deletions(-) diff --git a/src/xlsx/xlsxcontenttypes.cpp b/src/xlsx/xlsxcontenttypes.cpp index 8c3f877..6b4cf8e 100755 --- a/src/xlsx/xlsxcontenttypes.cpp +++ b/src/xlsx/xlsxcontenttypes.cpp @@ -121,7 +121,7 @@ void ContentTypes::saveToXmlFile(QIODevice *device) { QMapIterator it(m_defaults); - while(it.hasNext()) { + while (it.hasNext()) { it.next(); writer.writeStartElement(QStringLiteral("Default")); writer.writeAttribute(QStringLiteral("Extension"), it.key()); @@ -132,7 +132,7 @@ void ContentTypes::saveToXmlFile(QIODevice *device) { QMapIterator it(m_overrides); - while(it.hasNext()) { + while (it.hasNext()) { it.next(); writer.writeStartElement(QStringLiteral("Override")); writer.writeAttribute(QStringLiteral("PartName"), it.key()); diff --git a/src/xlsx/xlsxdocpropsapp.cpp b/src/xlsx/xlsxdocpropsapp.cpp index 806d777..e51d841 100755 --- a/src/xlsx/xlsxdocpropsapp.cpp +++ b/src/xlsx/xlsxdocpropsapp.cpp @@ -144,7 +144,7 @@ DocPropsApp DocPropsApp::loadFromXmlFile(QIODevice *device) { DocPropsApp props; QXmlStreamReader reader(device); - while(!reader.atEnd()) { + while (!reader.atEnd()) { QXmlStreamReader::TokenType token = reader.readNext(); if (token == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("Properties")) diff --git a/src/xlsx/xlsxdocpropscore.cpp b/src/xlsx/xlsxdocpropscore.cpp index 1b5fef5..0e8c7e6 100644 --- a/src/xlsx/xlsxdocpropscore.cpp +++ b/src/xlsx/xlsxdocpropscore.cpp @@ -143,7 +143,7 @@ DocPropsCore DocPropsCore::loadFromXmlFile(QIODevice *device) const QString dc = QStringLiteral("http://purl.org/dc/elements/1.1/"); const QString dcterms = QStringLiteral("http://purl.org/dc/terms/"); - while(!reader.atEnd()) { + while (!reader.atEnd()) { QXmlStreamReader::TokenType token = reader.readNext(); if (token == QXmlStreamReader::StartElement) { const QStringRef nsUri = reader.namespaceUri(); diff --git a/src/xlsx/xlsxrelationships.cpp b/src/xlsx/xlsxrelationships.cpp index f60f37b..22b9b92 100755 --- a/src/xlsx/xlsxrelationships.cpp +++ b/src/xlsx/xlsxrelationships.cpp @@ -135,7 +135,7 @@ Relationships Relationships::loadFromXmlFile(QIODevice *device) Relationships rels; QXmlStreamReader reader(device); - while(!reader.atEnd()) { + while (!reader.atEnd()) { QXmlStreamReader::TokenType token = reader.readNext(); if (token == QXmlStreamReader::StartElement) { if (reader.name() == QStringLiteral("Relationship")) { diff --git a/src/xlsx/xlsxsharedstrings.cpp b/src/xlsx/xlsxsharedstrings.cpp index 1999641..bd66171 100755 --- a/src/xlsx/xlsxsharedstrings.cpp +++ b/src/xlsx/xlsxsharedstrings.cpp @@ -253,7 +253,7 @@ void SharedStrings::readString(QXmlStreamReader &reader) RichString richString; - while (!(reader.name() == QLatin1String("si") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("si") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("r")) @@ -274,7 +274,7 @@ void SharedStrings::readRichStringPart(QXmlStreamReader &reader, RichString &ric QString text; Format format; - while (!(reader.name() == QLatin1String("r") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("r") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("rPr")) { @@ -301,7 +301,7 @@ Format SharedStrings::readRichStringPart_rPr(QXmlStreamReader &reader) { Q_ASSERT(reader.name() == QLatin1String("rPr")); Format format; - while (!(reader.name() == QLatin1String("rPr") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("rPr") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { QXmlStreamAttributes attributes = reader.attributes(); @@ -359,7 +359,7 @@ bool SharedStrings::loadFromXmlFile(QIODevice *device) { QXmlStreamReader reader(device); int count = 0; - while(!reader.atEnd()) { + while (!reader.atEnd()) { QXmlStreamReader::TokenType token = reader.readNext(); if (token == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("sst")) { diff --git a/src/xlsx/xlsxstyles.cpp b/src/xlsx/xlsxstyles.cpp index e38d1c2..e9ca329 100755 --- a/src/xlsx/xlsxstyles.cpp +++ b/src/xlsx/xlsxstyles.cpp @@ -156,7 +156,7 @@ void Styles::fixNumFmt(const Format &format) } else { QHashIterator it(m_builtinNumFmtsHash); bool find=false; - while(it.hasNext()) { + while (it.hasNext()) { it.next(); if (it.value() == id) const_cast(&format)->fixNumberFormat(id, it.key()); @@ -330,7 +330,7 @@ void Styles::writeNumFmts(QXmlStreamWriter &writer) writer.writeAttribute(QStringLiteral("count"), QString::number(m_customNumFmtIdMap.count())); QMapIterator > it(m_customNumFmtIdMap); - while(it.hasNext()) { + while (it.hasNext()) { it.next(); writer.writeEmptyElement(QStringLiteral("numFmt")); writer.writeAttribute(QStringLiteral("numFmtId"), QString::number(it.value()->formatIndex)); @@ -724,7 +724,7 @@ bool Styles::readFonts(QXmlStreamReader &reader) QXmlStreamAttributes attributes = reader.attributes(); bool hasCount = attributes.hasAttribute(QLatin1String("count")); int count = hasCount ? attributes.value(QLatin1String("count")).toString().toInt() : -1; - while(!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("fonts"))) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { @@ -749,7 +749,9 @@ bool Styles::readFonts(QXmlStreamReader &reader) bool Styles::readFont(QXmlStreamReader &reader, Format &format) { Q_ASSERT(reader.name() == QLatin1String("font")); - while((reader.readNextStartElement(), true)) { //read until font endelement. + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement + && reader.name() == QLatin1String("font"))) { + reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { QXmlStreamAttributes attributes = reader.attributes(); if (reader.name() == QLatin1String("name")) { @@ -799,9 +801,6 @@ bool Styles::readFont(QXmlStreamReader &reader, Format &format) format.setProperty(FormatPrivate::P_Font_Scheme, attributes.value(QLatin1String("val")).toString()); } } - - if (reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("font")) - break; } return true; } @@ -813,7 +812,7 @@ bool Styles::readFills(QXmlStreamReader &reader) QXmlStreamAttributes attributes = reader.attributes(); bool hasCount = attributes.hasAttribute(QLatin1String("count")); int count = hasCount ? attributes.value(QLatin1String("count")).toString().toInt() : -1; - while(!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("fills"))) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { @@ -862,7 +861,8 @@ bool Styles::readFill(QXmlStreamReader &reader, Format &fill) patternValues[QStringLiteral("lightGrid")] = Format::PatternLightGrid; } - while((reader.readNextStartElement(), true)) { //read until fill endelement + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("fill"))) { + reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("patternFill")) { QXmlStreamAttributes attributes = reader.attributes(); @@ -886,9 +886,6 @@ bool Styles::readFill(QXmlStreamReader &reader, Format &fill) fill.setProperty(FormatPrivate::P_Fill_BgColor, c); } } - - if (reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("fill")) - break; } return true; @@ -901,7 +898,7 @@ bool Styles::readBorders(QXmlStreamReader &reader) QXmlStreamAttributes attributes = reader.attributes(); bool hasCount = attributes.hasAttribute(QLatin1String("count")); int count = hasCount ? attributes.value(QLatin1String("count")).toString().toInt() : -1; - while(!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("borders"))) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { @@ -939,7 +936,8 @@ bool Styles::readBorder(QXmlStreamReader &reader, Format &border) else if (isDown) border.setDiagonalBorderType(Format::DiagonalBorderDown); - while((reader.readNextStartElement(), true)) { //read until border endelement + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("border"))) { + reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("left") || reader.name() == QLatin1String("right") || reader.name() == QLatin1String("top") || reader.name() == QLatin1String("bottom") @@ -1007,13 +1005,11 @@ bool Styles::readSubBorder(QXmlStreamReader &reader, const QString &name, Format if (stylesStringsMap.contains(styleString)) { //get style style = stylesStringsMap[styleString]; - while((reader.readNextStartElement(),true)) { + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == name)) { + reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("color")) color.loadFromXml(reader, this); - } else if (reader.tokenType() == QXmlStreamReader::EndElement) { - if (reader.name() == name) - break; } } } @@ -1028,7 +1024,7 @@ bool Styles::readCellXfs(QXmlStreamReader &reader) QXmlStreamAttributes attributes = reader.attributes(); bool hasCount = attributes.hasAttribute(QLatin1String("count")); int count = hasCount ? attributes.value(QLatin1String("count")).toString().toInt() : -1; - while(!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement + while (!reader.atEnd() && !(reader.tokenType() == QXmlStreamReader::EndElement && reader.name() == QLatin1String("cellXfs"))) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { @@ -1180,7 +1176,7 @@ bool Styles::readDxf(QXmlStreamReader &reader) { Q_ASSERT(reader.name() == QLatin1String("dxf")); Format format; - while (!(reader.name() == QLatin1String("dxf") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("dxf") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("numFmt")) { @@ -1204,7 +1200,7 @@ bool Styles::readDxf(QXmlStreamReader &reader) bool Styles::readColors(QXmlStreamReader &reader) { Q_ASSERT(reader.name() == QLatin1String("colors")); - while (!(reader.name() == QLatin1String("colors") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("colors") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("indexedColors")) { @@ -1220,7 +1216,7 @@ bool Styles::readColors(QXmlStreamReader &reader) bool Styles::readIndexedColors(QXmlStreamReader &reader) { Q_ASSERT(reader.name() == QLatin1String("indexedColors")); - while (!(reader.name() == QLatin1String("indexedColors") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("indexedColors") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("rgbColor")) { @@ -1237,7 +1233,7 @@ bool Styles::loadFromXmlFile(QIODevice *device) { //Try load colors part first! QXmlStreamReader reader(device); - while(!reader.atEnd()) { + while (!reader.atEnd()) { QXmlStreamReader::TokenType token = reader.readNext(); if (token == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("colors")) { @@ -1249,7 +1245,7 @@ bool Styles::loadFromXmlFile(QIODevice *device) } QXmlStreamReader reader(device); - while(!reader.atEnd()) { + while (!reader.atEnd()) { QXmlStreamReader::TokenType token = reader.readNext(); if (token == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("numFmts")) { diff --git a/src/xlsx/xlsxworkbook.cpp b/src/xlsx/xlsxworkbook.cpp index ca86814..da9187d 100755 --- a/src/xlsx/xlsxworkbook.cpp +++ b/src/xlsx/xlsxworkbook.cpp @@ -382,7 +382,7 @@ bool Workbook::loadFromXmlFile(QIODevice *device) Q_D(Workbook); QXmlStreamReader reader(device); - while(!reader.atEnd()) { + while (!reader.atEnd()) { QXmlStreamReader::TokenType token = reader.readNext(); if (token == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("sheet")) { @@ -399,7 +399,7 @@ bool Workbook::loadFromXmlFile(QIODevice *device) if (attrs.hasAttribute(QLatin1String("date1904"))) d->date1904 = true; } else if (reader.name() == QLatin1String("bookviews")) { - while(!(reader.name() == QLatin1String("bookviews") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!(reader.name() == QLatin1String("bookviews") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("workbookView")) { diff --git a/src/xlsx/xlsxworksheet.cpp b/src/xlsx/xlsxworksheet.cpp index be954b8..77f4cb2 100755 --- a/src/xlsx/xlsxworksheet.cpp +++ b/src/xlsx/xlsxworksheet.cpp @@ -1316,7 +1316,7 @@ void WorksheetPrivate::writeHyperlinks(QXmlStreamWriter &writer) it.next(); int row = it.key(); QMapIterator it2(it.value()); - while(it2.hasNext()) { + while (it2.hasNext()) { it2.next(); int col = it2.key(); XlsxUrlData *data = it2.value(); @@ -1379,7 +1379,7 @@ void WorksheetPrivate::splitColsInfo(int colFirst, int colLast) // This will be more complex if we try to set "C:F" after "B:D". { QMapIterator > it(colsInfo); - while(it.hasNext()) { + while (it.hasNext()) { it.next(); QSharedPointer info = it.value(); if (colFirst > info->firstColumn && colFirst <= info->lastColumn) { @@ -1397,7 +1397,7 @@ void WorksheetPrivate::splitColsInfo(int colFirst, int colLast) } { QMapIterator > it(colsInfo); - while(it.hasNext()) { + while (it.hasNext()) { it.next(); QSharedPointer info = it.value(); if (colLast >= info->firstColumn && colLast < info->lastColumn) { @@ -1795,7 +1795,7 @@ QSharedPointer WorksheetPrivate::readNumericCellData(QXmlStreamReader &rea QString v_str; QString f_str; QSharedPointer cell; - while (!(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("v")) { @@ -1833,7 +1833,7 @@ void WorksheetPrivate::readSheetData(QXmlStreamReader &reader) Q_Q(Worksheet); Q_ASSERT(reader.name() == QLatin1String("sheetData")); - while(!(reader.name() == QLatin1String("sheetData") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("sheetData") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { @@ -1886,7 +1886,7 @@ void WorksheetPrivate::readSheetData(QXmlStreamReader &reader) QString type = attributes.value(QLatin1String("t")).toString(); if (type == QLatin1String("s")) { //string type - while (!(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.name() == QLatin1String("v")) { int sst_idx = reader.readElementText().toInt(); @@ -1900,7 +1900,7 @@ void WorksheetPrivate::readSheetData(QXmlStreamReader &reader) } } else if (type == QLatin1String("inlineStr")) { //inline string type - while (!(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { //:Todo, add rich text read support @@ -1928,7 +1928,7 @@ void WorksheetPrivate::readSheetData(QXmlStreamReader &reader) } else if (type == QLatin1String("e")) { //error type, such as #DIV/0! #NULL! #REF! etc QString v_str, f_str; - while (!(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("c") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("v")) @@ -1963,7 +1963,7 @@ void WorksheetPrivate::readColumnsInfo(QXmlStreamReader &reader) { Q_ASSERT(reader.name() == QLatin1String("cols")); - while(!(reader.name() == QLatin1String("cols") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("cols") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("col")) { @@ -2007,7 +2007,7 @@ void WorksheetPrivate::readMergeCells(QXmlStreamReader &reader) QXmlStreamAttributes attributes = reader.attributes(); int count = attributes.value(QLatin1String("count")).toString().toInt(); - while(!(reader.name() == QLatin1String("mergeCells") && reader.tokenType() == QXmlStreamReader::EndElement)) { + while (!reader.atEnd() && !(reader.name() == QLatin1String("mergeCells") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("mergeCell")) { @@ -2036,7 +2036,7 @@ void WorksheetPrivate::readDataValidations(QXmlStreamReader &reader) QXmlStreamAttributes attributes = reader.attributes(); int count = attributes.value(QLatin1String("count")).toString().toInt(); - while(!(reader.name() == QLatin1String("dataValidations") + while (!reader.atEnd() && !(reader.name() == QLatin1String("dataValidations") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement @@ -2053,7 +2053,7 @@ void WorksheetPrivate::readSheetViews(QXmlStreamReader &reader) { Q_ASSERT(reader.name() == QLatin1String("sheetViews")); - while(!(reader.name() == QLatin1String("sheetViews") + while (!reader.atEnd() && !(reader.name() == QLatin1String("sheetViews") && reader.tokenType() == QXmlStreamReader::EndElement)) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement && reader.name() == QLatin1String("sheetView")) { @@ -2079,7 +2079,7 @@ bool Worksheet::loadFromXmlFile(QIODevice *device) Q_D(Worksheet); QXmlStreamReader reader(device); - while(!reader.atEnd()) { + while (!reader.atEnd()) { reader.readNextStartElement(); if (reader.tokenType() == QXmlStreamReader::StartElement) { if (reader.name() == QLatin1String("dimension")) {