Bug#683721: unblock: libreoffice/1:3.5.4-7
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package libreoffice
unblock libreoffice/1:3.5.4-7
- Fixes CVE-2012-2665. Yes, that one's big[1] but it's the official
commits from upstream. The binfilter part is not strictly needed but
done for consistency (as we did it for stable-security/DSA 2520-1, too)
- Minor "fix" of #682462 to make the transitional package ttf-opensymbol
apt-get autoremove'able
Full diff attached, due to debian/patches etc. this is not exactly much helpful, though..
Regards,
Rene
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
[1]
rene@frodo:~/Debian/Pakete/LibreOffice/libreoffice-3.5.4/debian/patches$ cat CVE-2012-2665* | diffstat
b/binfilter/bf_xmloff/source/core/xmloff_xmluconv.cxx | 175 ----
b/filter/Library_placeware.mk | 2
b/filter/source/placeware/Base64Codec.cxx | 206 -----
b/filter/source/placeware/Base64Codec.hxx | 50 -
b/filter/source/placeware/exporter.cxx | 4
b/package/Library_package2.mk | 2
b/package/inc/PackageConstants.hxx | 24
b/package/prj/build.lst | 2
b/package/source/manifest/Base64Codec.cxx | 204 -----
b/package/source/manifest/Base64Codec.hxx | 48 -
b/package/source/manifest/ManifestExport.cxx | 8
b/package/source/manifest/ManifestImport.cxx | 379 +++++-----
b/package/source/manifest/ManifestImport.hxx | 12
b/package/source/zipapi/ZipFile.cxx | 10
binfilter/bf_sc/source/filter/xml/sc_XMLChangeTrackingExportHelper.cxx | 5
binfilter/bf_sc/source/filter/xml/sc_XMLTrackedChangesContext.cxx | 5
binfilter/bf_sc/source/filter/xml/sc_xmlbodyi.cxx | 5
binfilter/bf_sc/source/filter/xml/sc_xmlexprt.cxx | 5
binfilter/bf_sc/source/filter/xml/sc_xmlsubti.cxx | 4
binfilter/bf_sc/util/makefile.mk | 1
binfilter/bf_xmloff/source/core/xmloff_DocumentSettingsContext.cxx | 6
binfilter/bf_xmloff/source/core/xmloff_SettingsExportHelper.cxx | 3
binfilter/bf_xmloff/source/core/xmloff_XMLBase64Export.cxx | 4
binfilter/bf_xmloff/source/core/xmloff_XMLBase64ImportContext.cxx | 5
binfilter/bf_xmloff/source/text/xmloff_XMLRedlineExport.cxx | 3
binfilter/bf_xmloff/source/text/xmloff_XMLSectionExport.cxx | 4
binfilter/bf_xmloff/source/text/xmloff_XMLSectionImportContext.cxx | 4
binfilter/bf_xmloff/source/text/xmloff_XMLTextFrameContext.cxx | 4
binfilter/bf_xmloff/source/text/xmloff_XMLTrackedChangesImportContext.cxx | 3
binfilter/bf_xmloff/util/makefile.mk | 1
binfilter/inc/bf_xmloff/xmluconv.hxx | 11
31 files changed, 300 insertions(+), 899 deletions(-)
diff -Nru libreoffice-3.5.4/debian/changelog libreoffice-3.5.4/debian/changelog
--- libreoffice-3.5.4/debian/changelog 2012-07-20 00:21:57.000000000 +0200
+++ libreoffice-3.5.4/debian/changelog 2012-08-01 11:51:00.000000000 +0200
@@ -1,3 +1,14 @@
+libreoffice (1:3.5.4-7) unstable; urgency=high
+
+ * debian/patches/CVE-2012-2665*.diff: fix CVE-2012-2665
+ ("Multiple heap-based buffer overflows in the XML manifest
+ encryption handling code")
+
+ * debian/control.in: drop "| ttf-opensymbol" from -core and -math depends
+ (closes: #682462)
+
+ -- Rene Engelhard <rene@debian.org> Wed, 01 Aug 2012 10:41:17 +0200
+
libreoffice (1:3.5.4-6) unstable; urgency=medium
* debian/patches/CVE-2012-2334-clip-max-entries.diff: add additional
diff -Nru libreoffice-3.5.4/debian/control libreoffice-3.5.4/debian/control
--- libreoffice-3.5.4/debian/control 2012-07-20 09:41:23.000000000 +0200
+++ libreoffice-3.5.4/debian/control 2012-08-01 11:51:24.000000000 +0200
@@ -89,7 +89,7 @@
Package: libreoffice-core
Architecture: alpha amd64 armel armhf hppa i386 ia64 mips mipsel powerpc powerpcspe ppc64 s390 s390x sparc kfreebsd-amd64 kfreebsd-i386
-Depends: libreoffice-common (>> ${base-version}), fonts-opensymbol | ttf-opensymbol (>= 1:3.0), ${shlibs:Depends}, fontconfig, ${misc:Depends}
+Depends: libreoffice-common (>> ${base-version}), fonts-opensymbol, ${shlibs:Depends}, fontconfig, ${misc:Depends}
Pre-Depends: ure (>= 1.5.1+OOo3.1.1-15)
Conflicts: libreoffice-calc (<< ${binary:Version}), libreoffice-writer (<< ${binary:Version}), libreoffice-impress (<< ${binary:Version}), libreoffice-draw (<< ${binary:Version}), libreoffice-base (<< ${binary:Version}), libreoffice-gtk (<< ${binary:Version}), libreoffice-gnome (<< ${binary:Version}), libreoffice-kde (<< ${binary:Version}), libreoffice-evolution (<< ${binary:Version}), libreoffice-filter-so52 (<< ${binary:Version}), libreoffice-officebean (<< ${binary:Version}), libreoffice-dev (<< ${binary:Version}), libreoffice-style-crystal (<< 1:3.3.0-1), libreoffice-style-oxygen (<< 1:3.3.0-1), libreoffice-style-tango (<< 1:3.3.0-1), libreoffice-style-hicontrast (<< 1:3.3.0-1), libreoffice-style-galaxy (<< 1:3.3.0-1), libreoffice-style-andromeda (<< 1:3.3.0-1), libcairo2 (= 1.4.8-1), libicu38 (= 3.8~d01-1), cli-uno-bridge (<< 1:3.0.0~dev300m22), cacao-oj6-jre, mozilla-plugin-vlc (<< 1.0)
Breaks: myspell-ru (<< 0.99g5-8.1), myspell-lv (<< 0.7.3-3.1), myspell-et (<< 1:20030606-12.1), myspell-fi (<< 0.7-17.2), myspell-cs-cz (<< 20040229-4.1), myspell-el-gr (<< 0.3-1.1), myspell-nn (<< 2.0.10-3.1), myspell-nb (<< 2.0.10-3.1), hunspell-ar (<< 0.0.0+20080110-1.1), myspell-hu (<< 0.99.4-1.2), hunspell-gl-es (<< 2.2a-6), myspell-gv (<< 0.50-8), myspell-en-au (<< 2.1-5), myspell-fa (<< 0.20070816-2), hunspell-uz (<< 0.6-3.1), hunspell-ko (<< 0.3.3-1), hunspell-se (<< 1.0~beta6.20081222-1.1), hunspell-de-med (<< 20090825-1), hunspell-en-us (<< 20070829-3), myspell-sv-se (<< 1.3.8-6-2.2), myspell-sk (<< 0.5.5a-2.1), myspell-fo (<< 0.2.36-3), myspell-nl (<< 1:1.10-3), myspell-pt-br (<< 2009.03.30-1.1), myspell-pl (<< 20090830-1), myspell-pt-pt (<< 20090309-1.1), myspell-ga (<< 2.0-19), myspell-gd (<< 0.50-7), myspell-ku (<< 0.20.0-1.1), myspell-hr (<< 20060617-2), myspell-fr-gut (<< 1:1.0-26.1), myspell-eo (<< 2.1.2000.02.25-41), myspell-de-de-oldspell (<< 1:2-25.1), myspell-da (<< 1.6.18-1.1), myspell-es (<< 1.10-7), myspell-de-at (<< 20071211-2), myspell-de-ch (<< 20071211-2), myspell-de-de (<< 20071211-2), hunspell-de-at (<< 20071211-2), hunspell-de-ch (<< 20071211-2), hunspell-de-de (<< 20071211-2), myspell-ca (<< 0.6-8), myspell-tl (<< 0.4-0-5), myspell-ne (<< 1.0-4.1), myspell-fr (<< 1.4-25), myspell-hy (<< 0.10.1-1.1), myspell-en-us (<< 1:3.1.0-3), myspell-en-gb (<< 1:3.1.0-3), myspell-en-za (<< 1:3.1.0-3), myspell-af (<< 1:3.1.0-3), myspell-it (<< 1:3.1.0-3), myspell-sw (<< 1:3.1.0-3), myspell-th (<< 1:3.1.0-3), hunspell-en-ca (<< 1:3.1.0-3), hunspell-ne (<< 1:3.1.0-3), hunspell-da (<< 1:3.1.0-3), hunspell-fr (<< 1:3.1.0-3), hunspell-vi (<< 1:3.1.0-3), hunspell-hu (<< 1:3.1.0-3), hunspell-sr (<< 1:3.1.0-3), hunspell-sh (<< 1:3.1.0-3), myspell-lv (<< 0.7.3-3.1), myspell-et (<< 1:20030606-12.1), myspell-nn (<< 2.0.10-3.1), myspell-nb (<< 2.0.10-3.1), libreoffice-filter-binfilter (<< 1:3.4.1~), libreoffice-evolution (<< 1:3.4.1~), libreoffice-kab (<< 1:3.4.1~), libreoffice-sdbc-postgresql (<< 0.8.1~), mozilla-libreoffice (<< 1:3.5.0~beta~)
@@ -183,7 +183,7 @@
Package: libreoffice-math
Architecture: alpha amd64 armel armhf hppa i386 ia64 mips mipsel powerpc powerpcspe ppc64 s390 s390x sparc kfreebsd-amd64 kfreebsd-i386
-Depends: libreoffice-core (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, fonts-opensymbol | ttf-opensymbol (>= 2:2.4.3~)
+Depends: libreoffice-core (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, fonts-opensymbol
Description: office productivity suite -- equation editor
LibreOffice is a full-featured office productivity suite that provides
a near drop-in replacement for Microsoft(R) Office.
diff -Nru libreoffice-3.5.4/debian/control.in libreoffice-3.5.4/debian/control.in
--- libreoffice-3.5.4/debian/control.in 2012-07-01 22:03:22.000000000 +0200
+++ libreoffice-3.5.4/debian/control.in 2012-08-01 11:50:39.000000000 +0200
@@ -157,7 +157,7 @@
Package: libreofficeVER-core
Architecture: %OOO_ARCHS%
Depends: libreofficeVER-common (>> ${base-version}),
- fonts-opensymbol | ttf-opensymbol (>= 1:3.0),
+ fonts-opensymbol,
${shlibs:Depends},
fontconfig,
${misc:Depends}
@@ -303,7 +303,7 @@
Depends: libreofficeVER-core (= ${binary:Version}),
${shlibs:Depends},
${misc:Depends},
- fonts-opensymbol | ttf-opensymbol (>= 2:2.4.3~)
+ fonts-opensymbol
Description: office productivity suite -- equation editor
LibreOffice is a full-featured office productivity suite that provides
a near drop-in replacement for Microsoft(R) Office.
diff -Nru libreoffice-3.5.4/debian/libreoffice-gcj.postinst.debhelper libreoffice-3.5.4/debian/libreoffice-gcj.postinst.debhelper
--- libreoffice-3.5.4/debian/libreoffice-gcj.postinst.debhelper 2012-06-26 17:55:15.000000000 +0200
+++ libreoffice-3.5.4/debian/libreoffice-gcj.postinst.debhelper 1970-01-01 01:00:00.000000000 +0100
@@ -1,5 +0,0 @@
-# Automatically added by dh_nativejava
-if which rebuild-gcj-db >/dev/null 2>&1; then
- rebuild-gcj-db
-fi
-# End automatically added section
diff -Nru libreoffice-3.5.4/debian/libreoffice-gcj.postrm.debhelper libreoffice-3.5.4/debian/libreoffice-gcj.postrm.debhelper
--- libreoffice-3.5.4/debian/libreoffice-gcj.postrm.debhelper 2012-06-26 17:55:15.000000000 +0200
+++ libreoffice-3.5.4/debian/libreoffice-gcj.postrm.debhelper 1970-01-01 01:00:00.000000000 +0100
@@ -1,5 +0,0 @@
-# Automatically added by dh_nativejava
-if which rebuild-gcj-db >/dev/null 2>&1; then
- rebuild-gcj-db
-fi
-# End automatically added section
diff -Nru libreoffice-3.5.4/debian/libreoffice-gcj.substvars libreoffice-3.5.4/debian/libreoffice-gcj.substvars
--- libreoffice-3.5.4/debian/libreoffice-gcj.substvars 2012-06-26 18:06:35.000000000 +0200
+++ libreoffice-3.5.4/debian/libreoffice-gcj.substvars 1970-01-01 01:00:00.000000000 +0100
@@ -1,4 +0,0 @@
-misc:Depends=libgcj-common (>> 1:4.1.1-13)
-shlibs:Depends=libc6 (>= 2.2.5), libgcc1 (>= 1:4.1.1), libgcj-bc (>= 4.6.3-1~), zlib1g (>= 1:1.1.4)
-java:Depends=
-java:Recommends=
diff -Nru libreoffice-3.5.4/debian/patches/CVE-2012-2665-binfilter.diff libreoffice-3.5.4/debian/patches/CVE-2012-2665-binfilter.diff
--- libreoffice-3.5.4/debian/patches/CVE-2012-2665-binfilter.diff 1970-01-01 01:00:00.000000000 +0100
+++ libreoffice-3.5.4/debian/patches/CVE-2012-2665-binfilter.diff 2012-08-01 10:40:14.000000000 +0200
@@ -0,0 +1,538 @@
+From 5b278ca5fd540592951ad460d8950a931ab755a8 Mon Sep 17 00:00:00 2001
+From: Caolán McNamara <caolanm@redhat.com>
+Date: Wed, 30 May 2012 14:09:18 +0000
+Subject: use sax::Converter:: base64 code instead
+
+Change-Id: I92fd4459bed7c38ff2063899b20d24d781ac45b
+
+From b9f83fca37a3544b825de9d2f295090257d3477b Mon Sep 17 00:00:00 2001
+From: Caolán McNamara <caolanm@redhat.com>
+Date: Sat, 02 Jun 2012 22:14:45 +0000
+Subject: ThreeByteToFourByte and friends are no longer in use
+
+Change-Id: I9a2aaebfc5cc6b8b6327d61270043611283a6975
+
+--- a/binfilter/bf_sc/source/filter/xml/sc_XMLChangeTrackingExportHelper.cxx
++++ b/binfilter/bf_sc/source/filter/xml/sc_XMLChangeTrackingExportHelper.cxx
+@@ -39,6 +39,9 @@
+ #include <bf_xmloff/xmluconv.hxx>
+
+ #include <bf_svtools/zforlist.hxx>
++
++#include <sax/tools/converter.hxx>
++
+ namespace binfilter {
+
+ #define SC_CHANGE_ID_PREFIX "ct"
+@@ -758,7 +761,7 @@ void ScChangeTrackingExportHelper::CollectAndWriteChanges()
+ if (pChangeTrack->IsProtected())
+ {
+ ::rtl::OUStringBuffer aBuffer;
+- SvXMLUnitConverter::encodeBase64(aBuffer, pChangeTrack->GetProtection());
++ ::sax::Converter::encodeBase64(aBuffer, pChangeTrack->GetProtection());
+ if (aBuffer.getLength())
+ rExport.AddAttribute(XML_NAMESPACE_TABLE, XML_PROTECTION_KEY, aBuffer.makeStringAndClear());
+ }
+--- a/binfilter/bf_sc/source/filter/xml/sc_XMLTrackedChangesContext.cxx
++++ b/binfilter/bf_sc/source/filter/xml/sc_XMLTrackedChangesContext.cxx
+@@ -47,6 +47,9 @@
+ #include <bf_svtools/zforlist.hxx>
+
+ #include <com/sun/star/text/ControlCharacter.hpp>
++
++#include <sax/tools/converter.hxx>
++
+ namespace binfilter {
+
+ using namespace ::com::sun::star;
+@@ -562,7 +565,7 @@ ScXMLTrackedChangesContext::ScXMLTrackedChangesContext( ScXMLImport& rInImport,
+ if (sValue.getLength())
+ {
+ uno::Sequence<sal_Int8> aPass;
+- SvXMLUnitConverter::decodeBase64(aPass, sValue);
++ ::sax::Converter::decodeBase64(aPass, sValue);
+ pChangeTrackingImportHelper->SetProtection(aPass);
+ }
+ }
+--- a/binfilter/bf_sc/source/filter/xml/sc_xmlbodyi.cxx
++++ b/binfilter/bf_sc/source/filter/xml/sc_xmlbodyi.cxx
+@@ -56,6 +56,9 @@
+ #include <com/sun/star/sheet/XSpreadsheetDocument.hpp>
+
+ #include <sal/types.h>
++
++#include <sax/tools/converter.hxx>
++
+ namespace binfilter {
+
+ using namespace ::com::sun::star;
+@@ -193,7 +196,7 @@ void ScXMLBodyContext::EndElement()
+ {
+ uno::Sequence<sal_Int8> aPass;
+ if (sPassword.getLength())
+- SvXMLUnitConverter::decodeBase64(aPass, sPassword);
++ ::sax::Converter::decodeBase64(aPass, sPassword);
+ pDoc->SetDocProtection(bProtected, aPass);
+ }
+ uno::Reference <sheet::XSpreadsheetDocument> xSpreadDoc( GetScImport().GetModel(), uno::UNO_QUERY );
+--- a/binfilter/bf_sc/source/filter/xml/sc_xmlexprt.cxx
++++ b/binfilter/bf_sc/source/filter/xml/sc_xmlexprt.cxx
+@@ -86,6 +86,7 @@
+ #include <com/sun/star/sheet/NamedRangeFlag.hpp>
+ #include <com/sun/star/form/XFormsSupplier.hpp>
+ #include <legacysmgr/legacy_binfilters_smgr.hxx>
++#include <sax/tools/converter.hxx>
+ namespace binfilter {
+ //! not found in unonames.hxx
+ #define SC_STANDARDFORMAT "StandardFormat"
+@@ -1213,7 +1214,7 @@ void ScXMLExport::SetBodyAttributes()
+ {
+ AddAttribute(XML_NAMESPACE_TABLE, XML_STRUCTURE_PROTECTED, XML_TRUE);
+ ::rtl::OUStringBuffer aBuffer;
+- SvXMLUnitConverter::encodeBase64(aBuffer, pDoc->GetDocPassword());
++ ::sax::Converter::encodeBase64(aBuffer, pDoc->GetDocPassword());
+ if (aBuffer.getLength())
+ AddAttribute(XML_NAMESPACE_TABLE, XML_PROTECTION_KEY, aBuffer.makeStringAndClear());
+ }
+@@ -1285,7 +1286,7 @@ void ScXMLExport::_ExportContent()
+ AddAttribute(XML_NAMESPACE_TABLE, XML_PROTECTED, XML_TRUE);
+ ::rtl::OUStringBuffer aBuffer;
+ if (pDoc)
+- SvXMLUnitConverter::encodeBase64(aBuffer, pDoc->GetTabPassword(nTable));
++ ::sax::Converter::encodeBase64(aBuffer, pDoc->GetTabPassword(nTable));
+ if (aBuffer.getLength())
+ AddAttribute(XML_NAMESPACE_TABLE, XML_PROTECTION_KEY, aBuffer.makeStringAndClear());
+ }
+--- a/binfilter/bf_sc/source/filter/xml/sc_xmlsubti.cxx
++++ b/binfilter/bf_sc/source/filter/xml/sc_xmlsubti.cxx
+@@ -45,6 +45,8 @@
+ #include <com/sun/star/sheet/XCellRangeAddressable.hpp>
+ #include <com/sun/star/sheet/XCellRangeMovement.hpp>
+ #include <com/sun/star/drawing/XDrawPageSupplier.hpp>
++
++#include <sax/tools/converter.hxx>
+ namespace binfilter {
+
+ //------------------------------------------------------------------
+@@ -593,7 +595,7 @@ void ScMyTables::DeleteTable()
+ if (rImport.GetDocument() && bProtection)
+ {
+ uno::Sequence<sal_Int8> aPass;
+- SvXMLUnitConverter::decodeBase64(aPass, sPassword);
++ ::sax::Converter::decodeBase64SomeChars(aPass, sPassword);
+ rImport.GetDocument()->SetTabProtection(nCurrentSheet, bProtection, aPass);
+ /*uno::Reference <util::XProtectable> xProtectable(xCurrentSheet, uno::UNO_QUERY);
+ if (xProtectable.is())
+--- a/binfilter/bf_sc/util/makefile.mk
++++ b/binfilter/bf_sc/util/makefile.mk
+@@ -71,6 +71,7 @@ SHL1STDLIBS+= \
+ $(BFSVXLIB) \
+ $(BFOFALIB) \
+ $(VCLLIB) \
++ $(SAXLIB) \
+ $(CPPULIB) \
+ $(CPPUHELPERLIB) \
+ $(COMPHELPERLIB) \
+--- a/binfilter/bf_xmloff/source/core/xmloff_DocumentSettingsContext.cxx
++++ b/binfilter/bf_xmloff/source/core/xmloff_DocumentSettingsContext.cxx
+@@ -37,9 +37,7 @@
+ #include "xmluconv.hxx"
+ #include <tools/debug.hxx>
+
+-#ifndef __SGI_STL_LIST
+ #include <list>
+-#endif
+
+ #include <com/sun/star/i18n/XForbiddenCharacters.hpp>
+ #include <com/sun/star/container/XIndexContainer.hpp>
+@@ -48,6 +46,7 @@
+ #include <com/sun/star/util/DateTime.hpp>
+ #include <com/sun/star/document/XViewDataSupplier.hpp>
+ #include <com/sun/star/document/PrinterIndependentLayout.hpp>
++#include <sax/tools/converter.hxx>
+ #include <xmlenums.hxx>
+ namespace binfilter {
+
+@@ -516,8 +515,7 @@ void XMLConfigItemContext::Characters( const ::rtl::OUString& rChars )
+ }
+ uno::Sequence<sal_Int8> aBuffer((sChars.getLength() / 4) * 3 );
+ sal_Int32 nCharsDecoded =
+- GetImport().GetMM100UnitConverter().
+- decodeBase64SomeChars( aBuffer, sChars );
++ ::sax::Converter::decodeBase64SomeChars(aBuffer, sChars);
+ sal_uInt32 nStartPos(aDecoded.getLength());
+ sal_uInt32 nCount(aBuffer.getLength());
+ aDecoded.realloc(nStartPos + nCount);
+--- a/binfilter/bf_xmloff/source/core/xmloff_SettingsExportHelper.cxx
++++ b/binfilter/bf_xmloff/source/core/xmloff_SettingsExportHelper.cxx
+@@ -39,6 +39,7 @@
+ #include <com/sun/star/util/DateTime.hpp>
+ #include <com/sun/star/container/XIndexContainer.hpp>
+ #include <com/sun/star/document/PrinterIndependentLayout.hpp>
++#include <sax/tools/converter.hxx>
+ #include <xmlenums.hxx>
+ namespace binfilter {
+
+@@ -355,7 +356,7 @@ void XMLSettingsExportHelper::exportbase64Binary(
+ if(nLength)
+ {
+ ::rtl::OUStringBuffer sBuffer;
+- SvXMLUnitConverter::encodeBase64(sBuffer, aProps);
++ ::sax::Converter::encodeBase64(sBuffer, aProps);
+ rExport.GetDocHandler()->characters(sBuffer.makeStringAndClear());
+ }
+ }
+--- a/binfilter/bf_xmloff/source/core/xmloff_XMLBase64Export.cxx
++++ b/binfilter/bf_xmloff/source/core/xmloff_XMLBase64Export.cxx
+@@ -28,6 +28,7 @@
+
+
+ #include <com/sun/star/io/XInputStream.hpp>
++#include <sax/tools/converter.hxx>
+
+ #include "xmluconv.hxx"
+ #include "xmlexp.hxx"
+@@ -62,8 +63,7 @@ sal_Bool XMLBase64Export::exportXML( const Reference < XInputStream> & rIn )
+ nRead = rIn->readBytes( aInBuff, INPUT_BUFFER_SIZE );
+ if( nRead > 0 )
+ {
+- GetExport().GetMM100UnitConverter().encodeBase64( aOutBuff,
+- aInBuff );
++ ::sax::Converter::encodeBase64(aOutBuff, aInBuff);
+ GetExport().Characters( aOutBuff.makeStringAndClear() );
+ if( nRead == INPUT_BUFFER_SIZE )
+ GetExport().IgnorableWhitespace();
+--- a/binfilter/bf_xmloff/source/core/xmloff_XMLBase64ImportContext.cxx
++++ b/binfilter/bf_xmloff/source/core/xmloff_XMLBase64ImportContext.cxx
+@@ -31,6 +31,8 @@
+
+ #include <com/sun/star/io/XOutputStream.hpp>
+
++#include <sax/tools/converter.hxx>
++
+ #include "XMLBase64ImportContext.hxx"
+ namespace binfilter {
+
+@@ -82,8 +84,7 @@ void XMLBase64ImportContext::Characters( const ::rtl::OUString& rChars )
+ }
+ Sequence< sal_Int8 > aBuffer( (sChars.getLength() / 4) * 3 );
+ sal_Int32 nCharsDecoded =
+- GetImport().GetMM100UnitConverter().
+- decodeBase64SomeChars( aBuffer, sChars );
++ ::sax::Converter::decodeBase64SomeChars(aBuffer, sChars);
+ xOut->writeBytes( aBuffer );
+ if( nCharsDecoded != sChars.getLength() )
+ sBase64CharsLeft = sChars.copy( nCharsDecoded );
+diff -u b/binfilter/bf_xmloff/source/core/xmloff_xmluconv.cxx b/binfilter/bf_xmloff/source/core/xmloff_xmluconv.cxx
+--- b/binfilter/bf_xmloff/source/core/xmloff_xmluconv.cxx
++++ b/binfilter/bf_xmloff/source/core/xmloff_xmluconv.cxx
+@@ -1454,181 +1454,6 @@
+ rBuffer.append(sal_Unicode(')'));
+ }
+
+-const
+- sal_Char aBase64EncodeTable[] =
+- { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' };
+-
+-const
+- sal_uInt8 aBase64DecodeTable[] =
+- { 62,255,255,255, 63, // 43-47
+-// + /
+-
+- 52, 53, 54, 55, 56, 57, 58, 59, 60, 61,255,255,255, 0,255,255, // 48-63
+-// 0 1 2 3 4 5 6 7 8 9 =
+-
+- 255, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // 64-79
+-// A B C D E F G H I J K L M N O
+-
+- 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25,255,255,255,255,255, // 80-95
+-// P Q R S T U V W X Y Z
+-
+- 0, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 96-111
+-// a b c d e f g h i j k l m n o
+-
+- 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51 }; // 112-123
+-// p q r s t u v w x y z
+-
+-
+-
+-void ThreeByteToFourByte (const sal_Int8* pBuffer, const sal_Int32 nStart, const sal_Int32 nFullLen, ::rtl::OUStringBuffer& sBuffer)
+-{
+- sal_Int32 nLen(nFullLen - nStart);
+- if (nLen > 3)
+- nLen = 3;
+- if (nLen == 0)
+- {
+- return;
+- }
+-
+- sal_Int32 nBinaer;
+- switch (nLen)
+- {
+- case 1:
+- {
+- nBinaer = ((sal_uInt8)pBuffer[nStart + 0]) << 16;
+- }
+- break;
+- case 2:
+- {
+- nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) +
+- (((sal_uInt8)pBuffer[nStart + 1]) << 8);
+- }
+- break;
+- default:
+- {
+- nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) +
+- (((sal_uInt8)pBuffer[nStart + 1]) << 8) +
+- ((sal_uInt8)pBuffer[nStart + 2]);
+- }
+- break;
+- }
+-
+- sal_Unicode buf[4] = { '=', '=', '=', '=' };
+-
+- sal_uInt8 nIndex ((nBinaer & 0xFC0000) >> 18);
+- buf[0] = aBase64EncodeTable [nIndex];
+-
+- nIndex = (nBinaer & 0x3F000) >> 12;
+- buf[1] = aBase64EncodeTable [nIndex];
+- if (nLen > 1)
+- {
+- nIndex = (nBinaer & 0xFC0) >> 6;
+- buf[2] = aBase64EncodeTable [nIndex];
+- if (nLen > 2)
+- {
+- nIndex = (nBinaer & 0x3F);
+- buf[3] = aBase64EncodeTable [nIndex];
+- }
+- }
+- sBuffer.append(buf, SAL_N_ELEMENTS(buf));
+-}
+-
+-void SvXMLUnitConverter::encodeBase64( ::rtl::OUStringBuffer& aStrBuffer, const uno::Sequence<sal_Int8>& aPass)
+-{
+- sal_Int32 i(0);
+- sal_Int32 nBufferLength(aPass.getLength());
+- const sal_Int8* pBuffer = aPass.getConstArray();
+- while (i < nBufferLength)
+- {
+- ThreeByteToFourByte (pBuffer, i, nBufferLength, aStrBuffer);
+- i += 3;
+- }
+-}
+-
+-void SvXMLUnitConverter::decodeBase64(uno::Sequence<sal_Int8>& aBuffer, const ::rtl::OUString& sBuffer)
+-{
+-#if OSL_DEBUG_LEVEL > 0
+- sal_Int32 nCharsDecoded =
+-#endif
+- decodeBase64SomeChars( aBuffer, sBuffer );
+- OSL_ENSURE( nCharsDecoded == sBuffer.getLength(),
+- "some bytes left in base64 decoding!" );
+-}
+-
+-sal_Int32 SvXMLUnitConverter::decodeBase64SomeChars(
+- uno::Sequence<sal_Int8>& rOutBuffer,
+- const ::rtl::OUString& rInBuffer)
+-{
+- sal_Int32 nInBufferLen = rInBuffer.getLength();
+- sal_Int32 nMinOutBufferLen = (nInBufferLen / 4) * 3;
+- if( rOutBuffer.getLength() < nMinOutBufferLen )
+- rOutBuffer.realloc( nMinOutBufferLen );
+-
+- const sal_Unicode *pInBuffer = rInBuffer.getStr();
+- sal_Int8 *pOutBuffer = rOutBuffer.getArray();
+- sal_Int8 *pOutBufferStart = pOutBuffer;
+- sal_Int32 nCharsDecoded = 0;
+-
+- sal_uInt8 aDecodeBuffer[4];
+- sal_Int32 nBytesToDecode = 0;
+- sal_Int32 nBytesGotFromDecoding = 3;
+- sal_Int32 nInBufferPos= 0;
+- while( nInBufferPos < nInBufferLen )
+- {
+- sal_Unicode cChar = *pInBuffer;
+- if( cChar >= '+' && cChar <= 'z' )
+- {
+- sal_uInt8 nByte = aBase64DecodeTable[cChar-'+'];
+- if( nByte != 255 )
+- {
+- // We have found a valid character!
+- aDecodeBuffer[nBytesToDecode++] = nByte;
+-
+- // One '=' character at the end means 2 out bytes
+- // Two '=' characters at the end mean 1 out bytes
+- if( '=' == cChar && nBytesToDecode > 2 )
+- nBytesGotFromDecoding--;
+- if( 4 == nBytesToDecode )
+- {
+- // Four characters found, so we may convert now!
+- sal_uInt32 nOut = (aDecodeBuffer[0] << 18) +
+- (aDecodeBuffer[1] << 12) +
+- (aDecodeBuffer[2] << 6) +
+- aDecodeBuffer[3];
+-
+- *pOutBuffer++ = (sal_Int8)((nOut & 0xff0000) >> 16);
+- if( nBytesGotFromDecoding > 1 )
+- *pOutBuffer++ = (sal_Int8)((nOut & 0xff00) >> 8);
+- if( nBytesGotFromDecoding > 2 )
+- *pOutBuffer++ = (sal_Int8)(nOut & 0xff);
+- nCharsDecoded = nInBufferPos + 1;
+- nBytesToDecode = 0;
+- nBytesGotFromDecoding = 3;
+- }
+- }
+- else
+- {
+- nCharsDecoded++;
+- }
+- }
+- else
+- {
+- nCharsDecoded++;
+- }
+-
+- nInBufferPos++;
+- pInBuffer++;
+- }
+- if( (pOutBuffer - pOutBufferStart) != rOutBuffer.getLength() )
+- rOutBuffer.realloc( pOutBuffer - pOutBufferStart );
+-
+- return nCharsDecoded;
+-}
+-
+ sal_Bool SvXMLUnitConverter::convertNumFormat(
+ sal_Int16& rType,
+ const OUString& rNumFmt,
+--- a/binfilter/bf_xmloff/source/text/xmloff_XMLRedlineExport.cxx
++++ b/binfilter/bf_xmloff/source/text/xmloff_XMLRedlineExport.cxx
+@@ -45,6 +45,7 @@
+
+ #include <com/sun/star/util/DateTime.hpp>
+
++#include <sax/tools/converter.hxx>
+
+ #include "xmlnmspe.hxx"
+
+@@ -238,7 +239,7 @@ void XMLRedlineExport::ExportChangesListElements()
+ if ( aKey.getLength() > 0 )
+ {
+ OUStringBuffer aBuffer;
+- SvXMLUnitConverter::encodeBase64( aBuffer, aKey );
++ ::sax::Converter::encodeBase64(aBuffer, aKey);
+ rExport.AddAttribute( XML_NAMESPACE_TEXT, XML_PROTECTION_KEY,
+ aBuffer.makeStringAndClear() );
+ }
+--- a/binfilter/bf_xmloff/source/text/xmloff_XMLSectionExport.cxx
++++ b/binfilter/bf_xmloff/source/text/xmloff_XMLSectionExport.cxx
+@@ -39,6 +39,8 @@
+ #include <com/sun/star/text/XTextFieldsSupplier.hpp>
+ #include <com/sun/star/text/XChapterNumberingSupplier.hpp>
+
++#include <sax/tools/converter.hxx>
++
+ #include "xmlkywd.hxx"
+ #include "xmluconv.hxx"
+ #include "xmlexp.hxx"
+@@ -452,7 +454,7 @@ void XMLSectionExport::ExportRegularSectionStart(
+ if (aPassword.getLength() > 0)
+ {
+ OUStringBuffer aBuffer;
+- SvXMLUnitConverter::encodeBase64(aBuffer, aPassword);
++ ::sax::Converter::encodeBase64(aBuffer, aPassword);
+ GetExport().AddAttribute(XML_NAMESPACE_TEXT, XML_PROTECTION_KEY,
+ aBuffer.makeStringAndClear());
+ }
+--- a/binfilter/bf_xmloff/source/text/xmloff_XMLSectionImportContext.cxx
++++ b/binfilter/bf_xmloff/source/text/xmloff_XMLSectionImportContext.cxx
+@@ -40,6 +40,8 @@
+ #include <com/sun/star/text/XTextContent.hpp>
+ #include <com/sun/star/text/ControlCharacter.hpp>
+
++#include <sax/tools/converter.hxx>
++
+ namespace binfilter {
+
+
+@@ -308,7 +310,7 @@ void XMLSectionImportContext::ProcessAttributes(
+ }
+ break;
+ case XML_TOK_SECTION_PROTECTION_KEY:
+- SvXMLUnitConverter::decodeBase64(aSequence, sAttr);
++ ::sax::Converter::decodeBase64(aSequence, sAttr);
+ bSequenceOK = sal_True;
+ break;
+ case XML_TOK_SECTION_PROTECT:
+--- a/binfilter/bf_xmloff/source/text/xmloff_XMLTextFrameContext.cxx
++++ b/binfilter/bf_xmloff/source/text/xmloff_XMLTextFrameContext.cxx
+@@ -35,6 +35,7 @@
+ #include <com/sun/star/io/XOutputStream.hpp>
+ #include <com/sun/star/text/HoriOrientation.hpp>
+ #include <com/sun/star/text/VertOrientation.hpp>
++#include <sax/tools/converter.hxx>
+ #include "xmlimp.hxx"
+ #include "xmlnmspe.hxx"
+ #include "xmlkywd.hxx"
+@@ -1111,8 +1112,7 @@ void XMLTextFrameContext::Characters( const OUString& rChars )
+ }
+ Sequence< sal_Int8 > aBuffer( (sChars.getLength() / 4) * 3 );
+ sal_Int32 nCharsDecoded =
+- GetImport().GetMM100UnitConverter().
+- decodeBase64SomeChars( aBuffer, sChars );
++ ::sax::Converter::decodeBase64SomeChars(aBuffer, sChars);
+ xBase64Stream->writeBytes( aBuffer );
+ if( nCharsDecoded != sChars.getLength() )
+ sBase64CharsLeft = sChars.copy( nCharsDecoded );
+--- a/binfilter/bf_xmloff/source/text/xmloff_XMLTrackedChangesImportContext.cxx
++++ b/binfilter/bf_xmloff/source/text/xmloff_XMLTrackedChangesImportContext.cxx
+@@ -30,6 +30,7 @@
+ #include "XMLChangedRegionImportContext.hxx"
+ #include <com/sun/star/uno/Reference.h>
+ #include <com/sun/star/uno/Sequence.h>
++#include <sax/tools/converter.hxx>
+ #include "xmlimp.hxx"
+ #include "xmlnmspe.hxx"
+ #include "nmspmap.hxx"
+@@ -84,7 +85,7 @@ void XMLTrackedChangesImportContext::StartElement(
+ }
+ else if ( IsXMLToken( sLocalName, XML_PROTECTION_KEY ) ) {
+ Sequence<sal_Int8> aSequence;
+- SvXMLUnitConverter::decodeBase64(
++ ::sax::Converter::decodeBase64(
+ aSequence, xAttrList->getValueByIndex(i));
+ if ( aSequence.getLength() > 0 )
+ {
+--- a/binfilter/bf_xmloff/util/makefile.mk
++++ b/binfilter/bf_xmloff/util/makefile.mk
+@@ -69,6 +69,7 @@ SHL1IMPLIB= _ibf_xo
+
+ SHL1STDLIBS= \
+ $(BFSVTOOLLIB) \
++ $(SAXLIB) \
+ $(TOOLSLIB) \
+ $(I18NISOLANGLIB) \
+ $(CPPULIB) \
+--- a/binfilter/inc/bf_xmloff/xmluconv.hxx
++++ b/binfilter/inc/bf_xmloff/xmluconv.hxx
+@@ -309,17 +309,6 @@ public:
+ static sal_Int32 indexOfComma( const ::rtl::OUString& rStr,
+ sal_Int32 nPos );
+
+- static void encodeBase64( ::rtl::OUStringBuffer& aStrBuffer, const ::com::sun::star::uno::Sequence<sal_Int8>& aPass);
+-
+- // Decode a base 64 encoded string into a sequence of bytes. The first
+- // version can be used for attribute values only, bacause it does not
+- // return any chars left from conversion.
+- // For text submitted throgh the SAX characters call, the later method
+- // must be used!
+- static void decodeBase64( ::com::sun::star::uno::Sequence<sal_Int8>& aPass, const ::rtl::OUString& sBuffer);
+-
+- static sal_Int32 decodeBase64SomeChars( ::com::sun::star::uno::Sequence<sal_Int8>& aPass, const ::rtl::OUString& sBuffer);
+-
+ /** convert num-forat and num-letter-sync values to NumberingType */
+ sal_Bool convertNumFormat( sal_Int16& rType,
+ const ::rtl::OUString& rNumFormat,
diff -Nru libreoffice-3.5.4/debian/patches/CVE-2012-2665.diff libreoffice-3.5.4/debian/patches/CVE-2012-2665.diff
--- libreoffice-3.5.4/debian/patches/CVE-2012-2665.diff 1970-01-01 01:00:00.000000000 +0100
+++ libreoffice-3.5.4/debian/patches/CVE-2012-2665.diff 2012-08-01 10:40:43.000000000 +0200
@@ -0,0 +1,1487 @@
+Date: Fri, 08 Jun 2012 10:23:44 +0100
+From: Caolán McNamara <caolanm@redhat.com>
+To: Petr Mladek <pmladek@suse.cz>
+Cc: tdf-security@lists.documentfoundation.org
+Subject: [REVIEW 3-5] Re: Is CVE-2012-2665 fixed in LO?
+
+On Thu, 2012-06-07 at 18:23 +0200, Petr Mladek wrote:
+> Hi Caolan,
+>
+> I am a bit confused by all the security problems. Is CVE-2012-2665 fixed
+> in LO-3.5?
+
+Not yet. I wanted to wait to propose any more backports until the
+backlog was cleared to try and avoid confusion :-)
+
+So, I'm now requesting the following three additional commits to be
+cherry-picked to 3-5
+
+78f614e5fff70d4874322255cca739f430865f0a key-size
+acc613a3236c61c8272bde1eadca5d8bf25f98f1 tag-hierarchy
+4a7164429b727bd8fd6f183950e85e6225869364 count-and-order
+
+to address CVE-2012-2665
+
+I'd like to consider those three + the already cherry-picked
+4036ee4db7b43cac9f892c2b9a2c545f0f838747 as our canonical solution to
+CVE-2012-2665 (78f614e5fff70d4874322255cca739f430865f0a is technically
+not really relevant but I reckon its easiest to bundle it into any
+backports while we're at it to keep things simple)
+
+C.
+
+From 4036ee4db7b43cac9f892c2b9a2c545f0f838747 Mon Sep 17 00:00:00 2001
+From: Caolán McNamara <caolanm@redhat.com>
+Date: Wed, 30 May 2012 14:10:25 +0000
+Subject: merge three base64 encoders/decoders together
+
+Conflicts:
+
+ filter/source/placeware/Base64Codec.cxx
+ package/source/manifest/Base64Codec.cxx
+
+Change-Id: Ic123c081fcf6ddcf5d61c5d5a3eab01db470014c
+Signed-off-by: Miklos Vajna <vmiklos@suse.cz>
+---
+diff --git a/filter/Library_placeware.mk b/filter/Library_placeware.mk
+index d0af3c1..0471cd2 100644
+--- a/filter/Library_placeware.mk
++++ b/filter/Library_placeware.mk
+@@ -34,11 +34,11 @@ $(eval $(call gb_Library_add_linked_libs,placeware,\
+ cppuhelper \
+ cppu \
+ sal \
++ sax \
+ $(gb_STDLIBS) \
+ ))
+
+ $(eval $(call gb_Library_add_exception_objects,placeware,\
+- filter/source/placeware/Base64Codec \
+ filter/source/placeware/exporter \
+ filter/source/placeware/filter \
+ filter/source/placeware/tempfile \
+diff --git a/filter/source/placeware/Base64Codec.cxx b/filter/source/placeware/Base64Codec.cxx
+deleted file mode 100644
+index 49cfcc0..0000000
+--- a/filter/source/placeware/Base64Codec.cxx
++++ b/dev/null
+@@ -1,206 +0,0 @@
+-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+-/*************************************************************************
+- *
+- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+- *
+- * Copyright 2000, 2010 Oracle and/or its affiliates.
+- *
+- * OpenOffice.org - a multi-platform office productivity suite
+- *
+- * This file is part of OpenOffice.org.
+- *
+- * OpenOffice.org is free software: you can redistribute it and/or modify
+- * it under the terms of the GNU Lesser General Public License version 3
+- * only, as published by the Free Software Foundation.
+- *
+- * OpenOffice.org is distributed in the hope that it will be useful,
+- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+- * GNU Lesser General Public License version 3 for more details
+- * (a copy is included in the LICENSE file that accompanied this code).
+- *
+- * You should have received a copy of the GNU Lesser General Public License
+- * version 3 along with OpenOffice.org. If not, see
+- * <http://www.openoffice.org/license.html>
+- * for a copy of the LGPLv3 License.
+- *
+- ************************************************************************/
+-
+-#include "Base64Codec.hxx"
+-#include <rtl/ustrbuf.hxx>
+-#include <osl/diagnose.h>
+-using namespace osl;
+-using namespace com::sun::star;
+-using ::rtl::OUString;
+-using ::rtl::OUStringBuffer;
+-const
+- sal_Char aBase64EncodeTable[] =
+- { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' };
+-
+-const
+- sal_uInt8 aBase64DecodeTable[] =
+- { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0-15
+-
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 16-31
+-
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 62, 0, 0, 0, 63, // 32-47
+-// + /
+-
+- 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 0, 0, 0, 0, 0, 0, // 48-63
+-// 0 1 2 3 4 5 6 7 8 9 =
+-
+- 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // 64-79
+-// A B C D E F G H I J K L M N O
+-
+- 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 0, 0, 0, 0, 0, // 80-95
+-// P Q R S T U V W X Y Z
+-
+- 0, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 96-111
+-// a b c d e f g h i j k l m n o
+-
+- 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 0, 0, 0, 0, 0, // 112-127
+-// p q r s t u v w x y z
+-
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+-
+-
+-void ThreeByteToFourByte (const sal_uInt8* pBuffer, const sal_Int32 nStart, const sal_Int32 nFullLen, rtl::OUStringBuffer& sBuffer)
+-{
+- sal_Int32 nLen(nFullLen - nStart);
+- if (nLen > 3)
+- nLen = 3;
+- if (nLen == 0)
+- {
+- return;
+- }
+-
+- sal_Int32 nBinaer;
+- switch (nLen)
+- {
+- case 1:
+- {
+- nBinaer = ((sal_uInt8)pBuffer[nStart + 0]) << 16;
+- }
+- break;
+- case 2:
+- {
+- nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) +
+- (((sal_uInt8)pBuffer[nStart + 1]) << 8);
+- }
+- break;
+- default:
+- {
+- nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) +
+- (((sal_uInt8)pBuffer[nStart + 1]) << 8) +
+- ((sal_uInt8)pBuffer[nStart + 2]);
+- }
+- break;
+- }
+-
+- sal_Unicode buf[] = { '=', '=', '=', '=' };
+-
+- sal_uInt8 nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0000) >> 18);
+- buf[0] = aBase64EncodeTable [nIndex];
+-
+- nIndex = static_cast< sal_uInt8 >((nBinaer & 0x3F000) >> 12);
+- buf[1] = aBase64EncodeTable [nIndex];
+- if (nLen > 1)
+- {
+- nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0) >> 6);
+- buf[2] = aBase64EncodeTable [nIndex];
+- if (nLen > 2)
+- {
+- nIndex = static_cast< sal_uInt8 >((nBinaer & 0x3F));
+- buf[3] = aBase64EncodeTable [nIndex];
+- }
+- }
+- sBuffer.append(buf, SAL_N_ELEMENTS(buf));
+-}
+-
+-void Base64Codec::encodeBase64(rtl::OUStringBuffer& aStrBuffer, const uno::Sequence < sal_Int8 >& aPass)
+-{
+- sal_Int32 i(0);
+- sal_Int32 nBufferLength(aPass.getLength());
+- const sal_Int8* pBuffer = aPass.getConstArray();
+- while (i < nBufferLength)
+- {
+- ThreeByteToFourByte ((const sal_uInt8*)pBuffer, i, nBufferLength, aStrBuffer);
+- i += 3;
+- }
+-}
+-
+-const rtl::OUString s2equal(RTL_CONSTASCII_USTRINGPARAM("=="));
+-const rtl::OUString s1equal(RTL_CONSTASCII_USTRINGPARAM("="));
+-#if 0
+-void FourByteToThreeByte (sal_uInt8* pBuffer, sal_Int32& nLength, const sal_Int32 nStart, const rtl::OUString& sString)
+-{
+- nLength = 0;
+- sal_Int32 nLen (sString.getLength());
+-
+- if (nLen != 4)
+- {
+- return;
+- }
+-
+-
+- if (sString.indexOf(s2equal) == 2)
+- nLength = 1;
+- else if (sString.indexOf(s1equal) == 3)
+- nLength = 2;
+- else
+- nLength = 3;
+-
+- sal_Int32 nBinaer ((aBase64DecodeTable [sString [0]] << 18) +
+- (aBase64DecodeTable [sString [1]] << 12) +
+- (aBase64DecodeTable [sString [2]] << 6) +
+- (aBase64DecodeTable [sString [3]]));
+-
+- sal_uInt8 OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF0000) >> 16);
+- pBuffer[nStart + 0] = (sal_uInt8)OneByte;
+-
+- if (nLength == 1)
+- return;
+-
+- OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF00) >> 8);
+- pBuffer[nStart + 1] = (sal_uInt8)OneByte;
+-
+- if (nLength == 2)
+- return;
+-
+- OneByte = static_cast< sal_uInt8 >(nBinaer & 0xFF);
+- pBuffer[nStart + 2] = (sal_uInt8)OneByte;
+-}
+-
+-void Base64Codec::decodeBase64(uno::Sequence< sal_uInt8 >& aBuffer, const rtl::OUString& sBuffer)
+-{
+- sal_Int32 nFirstLength((sBuffer.getLength() / 4) * 3);
+- sal_uInt8* pBuffer = new sal_uInt8[nFirstLength];
+- sal_Int32 nSecondLength(0);
+- sal_Int32 nLength(0);
+- sal_Int32 i = 0;
+- sal_Int32 k = 0;
+- while (i < sBuffer.getLength())
+- {
+- FourByteToThreeByte (pBuffer, nLength, k, sBuffer.copy(i, 4));
+- nSecondLength += nLength;
+- nLength = 0;
+- i += 4;
+- k += 3;
+- }
+- aBuffer = uno::Sequence<sal_uInt8>(pBuffer, nSecondLength);
+- delete[] pBuffer;
+-}
+-#endif
+-
+-/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
+diff --git a/filter/source/placeware/Base64Codec.hxx b/filter/source/placeware/Base64Codec.hxx
+deleted file mode 100644
+index b635b1e..0000000
+--- a/filter/source/placeware/Base64Codec.hxx
++++ b/dev/null
+@@ -1,50 +0,0 @@
+-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+-/*************************************************************************
+- *
+- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+- *
+- * Copyright 2000, 2010 Oracle and/or its affiliates.
+- *
+- * OpenOffice.org - a multi-platform office productivity suite
+- *
+- * This file is part of OpenOffice.org.
+- *
+- * OpenOffice.org is free software: you can redistribute it and/or modify
+- * it under the terms of the GNU Lesser General Public License version 3
+- * only, as published by the Free Software Foundation.
+- *
+- * OpenOffice.org is distributed in the hope that it will be useful,
+- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+- * GNU Lesser General Public License version 3 for more details
+- * (a copy is included in the LICENSE file that accompanied this code).
+- *
+- * You should have received a copy of the GNU Lesser General Public License
+- * version 3 along with OpenOffice.org. If not, see
+- * <http://www.openoffice.org/license.html>
+- * for a copy of the LGPLv3 License.
+- *
+- ************************************************************************/
+-
+-#ifndef _BASE64_CODEC_HXX
+-#define _BASE64_CODEC_HXX
+-
+-#include <com/sun/star/uno/Sequence.hxx>
+-
+-namespace rtl
+-{
+-class OUString;
+-class OUStringBuffer;
+-}
+-
+-class Base64Codec
+-{
+-public:
+- static void encodeBase64(rtl::OUStringBuffer& aStrBuffer, const com::sun::star::uno::Sequence<sal_Int8>& aPass);
+-#if 0
+- static void decodeBase64(com::sun::star::uno::Sequence<sal_uInt8>& aPass, const rtl::OUString& sBuffer);
+-#endif
+-};
+-#endif
+-
+-/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
+diff --git a/filter/source/placeware/exporter.cxx b/filter/source/placeware/exporter.cxx
+index b925b65..a89e915 100644
+--- a/filter/source/placeware/exporter.cxx
++++ b/filter/source/placeware/exporter.cxx
+@@ -39,12 +39,12 @@
+ #include <com/sun/star/task/XStatusIndicatorFactory.hpp>
+ #include <rtl/ustrbuf.hxx>
+ #include <rtl/string.hxx>
++#include <sax/tools/converter.hxx>
+ #include <osl/diagnose.h>
+
+ #include <vector>
+
+ #include "exporter.hxx"
+-#include "Base64Codec.hxx"
+ #include "zip.hxx"
+ #include "tempfile.hxx"
+
+@@ -161,7 +161,7 @@ static void encodeFile( osl::File& rSourceFile, Reference< XOutputStream >& xOut
+ nLen -= nRead;
+
+ rtl::OUStringBuffer aStrBuffer;
+- Base64Codec::encodeBase64( aStrBuffer, aInBuffer );
++ ::sax::Converter::encodeBase64(aStrBuffer, aInBuffer);
+
+ sal_Int32 nCount = aStrBuffer.getLength();
+
+diff --git a/package/Library_package2.mk b/package/Library_package2.mk
+index 306887e..dfce64b 100644
+--- a/package/Library_package2.mk
++++ b/package/Library_package2.mk
+@@ -51,6 +51,7 @@ $(eval $(call gb_Library_add_linked_libs,package2,\
+ cppu \
+ cppuhelper \
+ sal \
++ sax \
+ ucbhelper \
+ $(gb_STDLIBS) \
+ ))
+@@ -60,7 +61,6 @@ $(eval $(call gb_Library_use_externals,package2,\
+ ))
+
+ $(eval $(call gb_Library_add_exception_objects,package2,\
+- package/source/manifest/Base64Codec \
+ package/source/manifest/ManifestExport \
+ package/source/manifest/ManifestImport \
+ package/source/manifest/ManifestReader \
+diff --git a/package/prj/build.lst b/package/prj/build.lst
+index e1a2c11..35b408d 100644
+--- a/package/prj/build.lst
++++ b/package/prj/build.lst
+@@ -1,2 +1,2 @@
+-pk package : cppu cppuhelper comphelper ucbhelper sal ZLIB:zlib LIBXSLT:libxslt NULL
++pk package : cppu cppuhelper comphelper ucbhelper sal ZLIB:zlib LIBXSLT:libxslt sax NULL
+ pk package\prj nmake - all pk_prj NULL
+diff --git a/package/source/manifest/Base64Codec.cxx b/package/source/manifest/Base64Codec.cxx
+deleted file mode 100644
+index 66a7f18..0000000
+--- a/package/source/manifest/Base64Codec.cxx
++++ b/dev/null
+@@ -1,204 +0,0 @@
+-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+-/*************************************************************************
+- *
+- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+- *
+- * Copyright 2000, 2010 Oracle and/or its affiliates.
+- *
+- * OpenOffice.org - a multi-platform office productivity suite
+- *
+- * This file is part of OpenOffice.org.
+- *
+- * OpenOffice.org is free software: you can redistribute it and/or modify
+- * it under the terms of the GNU Lesser General Public License version 3
+- * only, as published by the Free Software Foundation.
+- *
+- * OpenOffice.org is distributed in the hope that it will be useful,
+- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+- * GNU Lesser General Public License version 3 for more details
+- * (a copy is included in the LICENSE file that accompanied this code).
+- *
+- * You should have received a copy of the GNU Lesser General Public License
+- * version 3 along with OpenOffice.org. If not, see
+- * <http://www.openoffice.org/license.html>
+- * for a copy of the LGPLv3 License.
+- *
+- ************************************************************************/
+-
+-#include "Base64Codec.hxx"
+-#include <rtl/ustrbuf.hxx>
+-#include <osl/diagnose.h>
+-using namespace osl;
+-using namespace com::sun::star;
+-
+-using ::rtl::OUStringBuffer;
+-
+-const
+- sal_Char aBase64EncodeTable[] =
+- { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' };
+-
+-const
+- sal_uInt8 aBase64DecodeTable[] =
+- { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0-15
+-
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 16-31
+-
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 62, 0, 0, 0, 63, // 32-47
+-// + /
+-
+- 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 0, 0, 0, 0, 0, 0, // 48-63
+-// 0 1 2 3 4 5 6 7 8 9 =
+-
+- 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // 64-79
+-// A B C D E F G H I J K L M N O
+-
+- 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 0, 0, 0, 0, 0, // 80-95
+-// P Q R S T U V W X Y Z
+-
+- 0, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 96-111
+-// a b c d e f g h i j k l m n o
+-
+- 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 0, 0, 0, 0, 0, // 112-127
+-// p q r s t u v w x y z
+-
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+-
+-
+-void ThreeByteToFourByte (const sal_uInt8* pBuffer, const sal_Int32 nStart, const sal_Int32 nFullLen, rtl::OUStringBuffer& sBuffer)
+-{
+- sal_Int32 nLen(nFullLen - nStart);
+- if (nLen > 3)
+- nLen = 3;
+- if (nLen == 0)
+- {
+- return;
+- }
+-
+- sal_Int32 nBinaer;
+- switch (nLen)
+- {
+- case 1:
+- {
+- nBinaer = ((sal_uInt8)pBuffer[nStart + 0]) << 16;
+- }
+- break;
+- case 2:
+- {
+- nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) +
+- (((sal_uInt8)pBuffer[nStart + 1]) << 8);
+- }
+- break;
+- default:
+- {
+- nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) +
+- (((sal_uInt8)pBuffer[nStart + 1]) << 8) +
+- ((sal_uInt8)pBuffer[nStart + 2]);
+- }
+- break;
+- }
+-
+- sal_Unicode buf[] = { '=', '=', '=', '=' };
+-
+- sal_uInt8 nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0000) >> 18);
+- buf[0] = aBase64EncodeTable [nIndex];
+-
+- nIndex = static_cast< sal_uInt8 >((nBinaer & 0x3F000) >> 12);
+- buf[1] = aBase64EncodeTable [nIndex];
+- if (nLen > 1)
+- {
+- nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0) >> 6);
+- buf[2] = aBase64EncodeTable [nIndex];
+- if (nLen > 2)
+- {
+- nIndex = static_cast< sal_uInt8 >(nBinaer & 0x3F);
+- buf[3] = aBase64EncodeTable [nIndex];
+- }
+- }
+- sBuffer.append(buf, SAL_N_ELEMENTS(buf));
+-}
+-
+-void Base64Codec::encodeBase64(rtl::OUStringBuffer& aStrBuffer, const uno::Sequence < sal_Int8 >& aPass)
+-{
+- sal_Int32 i(0);
+- sal_Int32 nBufferLength(aPass.getLength());
+- const sal_uInt8* pBuffer = reinterpret_cast< const sal_uInt8* >( aPass.getConstArray() );
+- while (i < nBufferLength)
+- {
+- ThreeByteToFourByte (pBuffer, i, nBufferLength, aStrBuffer);
+- i += 3;
+- }
+-}
+-
+-const rtl::OUString s2equal(RTL_CONSTASCII_USTRINGPARAM("=="));
+-const rtl::OUString s1equal(RTL_CONSTASCII_USTRINGPARAM("="));
+-
+-void FourByteToThreeByte (sal_uInt8* pBuffer, sal_Int32& nLength, const sal_Int32 nStart, const rtl::OUString& sString)
+-{
+- nLength = 0;
+- sal_Int32 nLen (sString.getLength());
+-
+- OSL_ASSERT( nLen == 4 );
+- if (nLen != 4)
+- return;
+-
+- if (sString.indexOf(s2equal) == 2)
+- nLength = 1;
+- else if (sString.indexOf(s1equal) == 3)
+- nLength = 2;
+- else
+- nLength = 3;
+-
+- sal_Int32 nBinaer ((aBase64DecodeTable [sString [0]] << 18) +
+- (aBase64DecodeTable [sString [1]] << 12) +
+- (aBase64DecodeTable [sString [2]] << 6) +
+- (aBase64DecodeTable [sString [3]]));
+-
+- sal_uInt8 OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF0000) >> 16);
+- pBuffer[nStart + 0] = (sal_uInt8)OneByte;
+-
+- if (nLength == 1)
+- return;
+-
+- OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF00) >> 8);
+- pBuffer[nStart + 1] = OneByte;
+-
+- if (nLength == 2)
+- return;
+-
+- OneByte = static_cast< sal_uInt8 >(nBinaer & 0xFF);
+- pBuffer[nStart + 2] = OneByte;
+-}
+-
+-void Base64Codec::decodeBase64(uno::Sequence< sal_Int8 >& aBuffer, const rtl::OUString& sBuffer)
+-{
+- sal_Int32 nFirstLength((sBuffer.getLength() / 4) * 3);
+- sal_uInt8* pBuffer = new sal_uInt8[nFirstLength];
+- sal_Int32 nSecondLength(0);
+- sal_Int32 nLength(0);
+- sal_Int32 i = 0;
+- sal_Int32 k = 0;
+- while (i < sBuffer.getLength())
+- {
+- FourByteToThreeByte (pBuffer, nLength, k, sBuffer.copy(i, 4));
+- nSecondLength += nLength;
+- nLength = 0;
+- i += 4;
+- k += 3;
+- }
+- aBuffer = uno::Sequence<sal_Int8>( reinterpret_cast< sal_Int8* >( pBuffer ), nSecondLength );
+- delete[] pBuffer;
+-}
+-
+-/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
+diff --git a/package/source/manifest/Base64Codec.hxx b/package/source/manifest/Base64Codec.hxx
+deleted file mode 100644
+index 60bd018..0000000
+--- a/package/source/manifest/Base64Codec.hxx
++++ b/dev/null
+@@ -1,48 +0,0 @@
+-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+-/*************************************************************************
+- *
+- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+- *
+- * Copyright 2000, 2010 Oracle and/or its affiliates.
+- *
+- * OpenOffice.org - a multi-platform office productivity suite
+- *
+- * This file is part of OpenOffice.org.
+- *
+- * OpenOffice.org is free software: you can redistribute it and/or modify
+- * it under the terms of the GNU Lesser General Public License version 3
+- * only, as published by the Free Software Foundation.
+- *
+- * OpenOffice.org is distributed in the hope that it will be useful,
+- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+- * GNU Lesser General Public License version 3 for more details
+- * (a copy is included in the LICENSE file that accompanied this code).
+- *
+- * You should have received a copy of the GNU Lesser General Public License
+- * version 3 along with OpenOffice.org. If not, see
+- * <http://www.openoffice.org/license.html>
+- * for a copy of the LGPLv3 License.
+- *
+- ************************************************************************/
+-
+-#ifndef _BASE64_CODEC_HXX
+-#define _BASE64_CODEC_HXX
+-
+-#include <com/sun/star/uno/Sequence.hxx>
+-
+-namespace rtl
+-{
+-class OUString;
+-class OUStringBuffer;
+-}
+-
+-class Base64Codec
+-{
+-public:
+- static void encodeBase64(rtl::OUStringBuffer& aStrBuffer, const com::sun::star::uno::Sequence<sal_Int8>& aPass);
+- static void decodeBase64(com::sun::star::uno::Sequence<sal_Int8>& aPass, const rtl::OUString& sBuffer);
+-};
+-#endif
+-
+-/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
+diff --git a/package/source/manifest/ManifestExport.cxx b/package/source/manifest/ManifestExport.cxx
+index a9e9f45..94e5234 100644
+--- a/package/source/manifest/ManifestExport.cxx
++++ b/package/source/manifest/ManifestExport.cxx
+@@ -37,7 +37,7 @@
+
+ #include <ManifestDefines.hxx>
+ #include <ManifestExport.hxx>
+-#include <Base64Codec.hxx>
++#include <sax/tools/converter.hxx>
+
+ #include <rtl/ustrbuf.hxx>
+ #include <comphelper/documentconstants.hxx>
+@@ -275,7 +275,7 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > xHa
+
+ pNewAttrList->AddAttribute ( sChecksumTypeAttribute, sCdataAttribute, sChecksumType );
+ *pDigest >>= aSequence;
+- Base64Codec::encodeBase64( aBuffer, aSequence );
++ ::sax::Converter::encodeBase64(aBuffer, aSequence);
+ pNewAttrList->AddAttribute ( sChecksumAttribute, sCdataAttribute, aBuffer.makeStringAndClear() );
+
+ xHandler->startElement( sEncryptionDataElement , xNewAttrList);
+@@ -308,7 +308,7 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > xHa
+ pNewAttrList->AddAttribute ( sAlgorithmNameAttribute, sCdataAttribute, sEncAlgName );
+
+ *pVector >>= aSequence;
+- Base64Codec::encodeBase64 ( aBuffer, aSequence );
++ ::sax::Converter::encodeBase64(aBuffer, aSequence);
+ pNewAttrList->AddAttribute ( sInitialisationVectorAttribute, sCdataAttribute, aBuffer.makeStringAndClear() );
+
+ xHandler->ignorableWhitespace ( sWhiteSpace );
+@@ -334,7 +334,7 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > xHa
+ pNewAttrList->AddAttribute ( sIterationCountAttribute, sCdataAttribute, aBuffer.makeStringAndClear() );
+
+ *pSalt >>= aSequence;
+- Base64Codec::encodeBase64 ( aBuffer, aSequence );
++ ::sax::Converter::encodeBase64(aBuffer, aSequence);
+ pNewAttrList->AddAttribute ( sSaltAttribute, sCdataAttribute, aBuffer.makeStringAndClear() );
+
+ xHandler->ignorableWhitespace ( sWhiteSpace );
+diff --git a/package/source/manifest/ManifestImport.cxx b/package/source/manifest/ManifestImport.cxx
+index 01cf6a5..8756081 100644
+--- a/package/source/manifest/ManifestImport.cxx
++++ b/package/source/manifest/ManifestImport.cxx
+@@ -29,7 +29,7 @@
+ // MARKER( update_precomp.py ): autogen include statement, do not remove
+ #include <ManifestImport.hxx>
+ #include <ManifestDefines.hxx>
+-#include <Base64Codec.hxx>
++#include <sax/tools/converter.hxx>
+ #include <com/sun/star/xml/sax/XAttributeList.hpp>
+ #include <com/sun/star/xml/crypto/DigestID.hpp>
+ #include <com/sun/star/xml/crypto/CipherID.hpp>
+@@ -188,7 +188,7 @@ void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Re
+ {
+ aString = aConvertedAttribs[sChecksumAttribute];
+ uno::Sequence < sal_Int8 > aDecodeBuffer;
+- Base64Codec::decodeBase64( aDecodeBuffer, aString );
++ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+ aSequence[nNumProperty].Name = sDigestProperty;
+ aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+ }
+@@ -235,7 +235,7 @@ void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Re
+ {
+ aString = aConvertedAttribs[sInitialisationVectorAttribute];
+ uno::Sequence < sal_Int8 > aDecodeBuffer;
+- Base64Codec::decodeBase64 ( aDecodeBuffer, aString );
++ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+ aSequence[nNumProperty].Name = sInitialisationVectorProperty;
+ aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+ }
+@@ -250,7 +250,7 @@ void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Re
+ {
+ aString = aConvertedAttribs[sSaltAttribute];
+ uno::Sequence < sal_Int8 > aDecodeBuffer;
+- Base64Codec::decodeBase64 ( aDecodeBuffer, aString );
++ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+ aSequence[nNumProperty].Name = sSaltProperty;
+ aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+
+--
+cgit v0.9.0.2-2-gbebe
+
+From 78f614e5fff70d4874322255cca739f430865f0a Mon Sep 17 00:00:00 2001
+From: Caolán McNamara <caolanm@redhat.com>
+Date: Mon, 28 May 2012 09:33:40 +0000
+Subject: check key size
+
+Change-Id: Ia909b0abb3ef84a9f0a14d42379f693ae9e70812
+---
+diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx
+index 16d5a00..f154dfe 100644
+--- a/package/source/zipapi/ZipFile.cxx
++++ b/package/source/zipapi/ZipFile.cxx
+@@ -157,6 +157,12 @@ uno::Reference< xml::crypto::XCipherContext > ZipFile::StaticGetCipher( const un
+
+ try
+ {
++ if (xEncryptionData->m_nDerivedKeySize < 0)
++ {
++ throw ZipIOException( ::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("Invalid derived key length!") ),
++ uno::Reference< XInterface >() );
++ }
++
+ uno::Sequence< sal_Int8 > aDerivedKey( xEncryptionData->m_nDerivedKeySize );
+ if ( rtl_Digest_E_None != rtl_digest_PBKDF2( reinterpret_cast< sal_uInt8* >( aDerivedKey.getArray() ),
+ aDerivedKey.getLength(),
+@@ -192,7 +198,7 @@ uno::Reference< xml::crypto::XCipherContext > ZipFile::StaticGetCipher( const un
+ uno::Reference< XInterface >() );
+ }
+ }
+- catch( uno::Exception& )
++ catch( ... )
+ {
+ OSL_ENSURE( sal_False, "Can not create cipher context!" );
+ }
+@@ -699,7 +705,7 @@ sal_Bool ZipFile::readLOC( ZipEntry &rEntry )
+ || rEntry.nPathLen != nPathLen
+ || !rEntry.sPath.equals( sLOCPath );
+ }
+- catch(::std::bad_alloc &)
++ catch(...)
+ {
+ bBroken = sal_True;
+ }
+--
+cgit v0.9.0.2-2-gbebe
+
+From acc613a3236c61c8272bde1eadca5d8bf25f98f1 Mon Sep 17 00:00:00 2001
+From: Caolán McNamara <caolanm@redhat.com>
+Date: Mon, 28 May 2012 09:35:31 +0000
+Subject: unwind manifest xml parser and follow tag hierarchy model
+
+so we validate that each tag is inside the right parent
+
+Change-Id: Ibc82aeaf6b409ef2fed7de0cd8f15c164da65e53
+---
+diff --git a/package/source/manifest/ManifestImport.cxx b/package/source/manifest/ManifestImport.cxx
+index 5e9a310..f8590fe 100644
+--- a/package/source/manifest/ManifestImport.cxx
++++ b/package/source/manifest/ManifestImport.cxx
+@@ -123,177 +123,229 @@ void SAL_CALL ManifestImport::endDocument( )
+ {
+ }
+
+-// ---------------------------------------------------
+-void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Reference< xml::sax::XAttributeList >& xAttribs )
+- throw( xml::sax::SAXException, uno::RuntimeException )
++void ManifestImport::doFileEntry(StringHashMap &rConvertedAttribs)
++ throw( uno::RuntimeException )
+ {
+- StringHashMap aConvertedAttribs;
+- ::rtl::OUString aConvertedName = PushNameAndNamespaces( aName, xAttribs, aConvertedAttribs );
++ aSequence.realloc ( PKG_SIZE_ENCR_MNFST );
+
+- if ( aConvertedName == sFileEntryElement )
++ // Put full-path property first for MBA
++ aSequence[nNumProperty].Name = sFullPathProperty;
++ aSequence[nNumProperty++].Value <<= rConvertedAttribs[sFullPathAttribute];
++ aSequence[nNumProperty].Name = sMediaTypeProperty;
++ aSequence[nNumProperty++].Value <<= rConvertedAttribs[sMediaTypeAttribute];
++
++ OUString sVersion = rConvertedAttribs[sVersionAttribute];
++ if ( sVersion.getLength() )
+ {
+- aSequence.realloc ( PKG_SIZE_ENCR_MNFST );
++ aSequence[nNumProperty].Name = sVersionProperty;
++ aSequence[nNumProperty++].Value <<= sVersion;
++ }
+
+- // Put full-path property first for MBA
+- aSequence[nNumProperty].Name = sFullPathProperty;
+- aSequence[nNumProperty++].Value <<= aConvertedAttribs[sFullPathAttribute];
+- aSequence[nNumProperty].Name = sMediaTypeProperty;
+- aSequence[nNumProperty++].Value <<= aConvertedAttribs[sMediaTypeAttribute];
++ OUString sSize = rConvertedAttribs[sSizeAttribute];
++ if ( sSize.getLength() )
++ {
++ sal_Int32 nSize;
++ nSize = sSize.toInt32();
++ aSequence[nNumProperty].Name = sSizeProperty;
++ aSequence[nNumProperty++].Value <<= nSize;
++ }
++}
+
+- OUString sVersion = aConvertedAttribs[sVersionAttribute];
+- if ( sVersion.getLength() )
++void ManifestImport::doEncryptionData(StringHashMap &rConvertedAttribs)
++ throw( uno::RuntimeException )
++{
++ // If this element exists, then this stream is encrypted and we need
++ // to import the initialisation vector, salt and iteration count used
++ nDerivedKeySize = 0;
++ OUString aString = rConvertedAttribs[sChecksumTypeAttribute];
++ if ( !bIgnoreEncryptData )
++ {
++ if ( aString.equals( sSHA1_1k_Name ) || aString.equals( sSHA1_1k_URL ) )
++ {
++ aSequence[nNumProperty].Name = sDigestAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1_1K;
++ }
++ else if ( aString.equals( sSHA256_1k_URL ) )
+ {
+- aSequence[nNumProperty].Name = sVersionProperty;
+- aSequence[nNumProperty++].Value <<= sVersion;
++ aSequence[nNumProperty].Name = sDigestAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256_1K;
+ }
++ else
++ bIgnoreEncryptData = sal_True;
+
+- OUString sSize = aConvertedAttribs[sSizeAttribute];
+- if ( sSize.getLength() )
++ if ( !bIgnoreEncryptData )
+ {
+- sal_Int32 nSize;
+- nSize = sSize.toInt32();
+- aSequence[nNumProperty].Name = sSizeProperty;
+- aSequence[nNumProperty++].Value <<= nSize;
++ aString = rConvertedAttribs[sChecksumAttribute];
++ uno::Sequence < sal_Int8 > aDecodeBuffer;
++ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
++ aSequence[nNumProperty].Name = sDigestProperty;
++ aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+ }
+ }
+- else if ( aStack.size() > 1 )
++}
++
++void ManifestImport::doAlgorithm(StringHashMap &rConvertedAttribs)
++ throw( uno::RuntimeException )
++{
++ if ( !bIgnoreEncryptData )
+ {
+- ManifestStack::reverse_iterator aIter = aStack.rbegin();
+- ++aIter;
++ OUString aString = rConvertedAttribs[sAlgorithmNameAttribute];
++ if ( aString.equals( sBlowfish_Name ) || aString.equals( sBlowfish_URL ) )
++ {
++ aSequence[nNumProperty].Name = sEncryptionAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::BLOWFISH_CFB_8;
++ }
++ else if ( aString.equals( sAES256_URL ) )
++ {
++ aSequence[nNumProperty].Name = sEncryptionAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
++ OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 32, "Unexpected derived key length!" );
++ nDerivedKeySize = 32;
++ }
++ else if ( aString.equals( sAES192_URL ) )
++ {
++ aSequence[nNumProperty].Name = sEncryptionAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
++ OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 24, "Unexpected derived key length!" );
++ nDerivedKeySize = 24;
++ }
++ else if ( aString.equals( sAES128_URL ) )
++ {
++ aSequence[nNumProperty].Name = sEncryptionAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
++ OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 16, "Unexpected derived key length!" );
++ nDerivedKeySize = 16;
++ }
++ else
++ bIgnoreEncryptData = sal_True;
+
+- if ( aIter->m_aConvertedName.equals( sFileEntryElement ) )
++ if ( !bIgnoreEncryptData )
+ {
+- if ( aConvertedName.equals( sEncryptionDataElement ) )
+- {
+- // If this element exists, then this stream is encrypted and we need
+- // to import the initialisation vector, salt and iteration count used
+- nDerivedKeySize = 0;
+- OUString aString = aConvertedAttribs[sChecksumTypeAttribute];
+- if ( !bIgnoreEncryptData )
+- {
+- if ( aString.equals( sSHA1_1k_Name ) || aString.equals( sSHA1_1k_URL ) )
+- {
+- aSequence[nNumProperty].Name = sDigestAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1_1K;
+- }
+- else if ( aString.equals( sSHA256_1k_URL ) )
+- {
+- aSequence[nNumProperty].Name = sDigestAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256_1K;
+- }
+- else
+- bIgnoreEncryptData = sal_True;
+-
+- if ( !bIgnoreEncryptData )
+- {
+- aString = aConvertedAttribs[sChecksumAttribute];
+- uno::Sequence < sal_Int8 > aDecodeBuffer;
+- ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+- aSequence[nNumProperty].Name = sDigestProperty;
+- aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+- }
+- }
+- }
++ aString = rConvertedAttribs[sInitialisationVectorAttribute];
++ uno::Sequence < sal_Int8 > aDecodeBuffer;
++ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
++ aSequence[nNumProperty].Name = sInitialisationVectorProperty;
++ aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+ }
+- else if ( aIter->m_aConvertedName.equals( sEncryptionDataElement ) )
++ }
++}
++
++void ManifestImport::doKeyDerivation(StringHashMap &rConvertedAttribs)
++ throw( uno::RuntimeException )
++{
++ if ( !bIgnoreEncryptData )
++ {
++ OUString aString = rConvertedAttribs[sKeyDerivationNameAttribute];
++ if ( aString.equals( sPBKDF2_Name ) || aString.equals( sPBKDF2_URL ) )
+ {
+- if ( aConvertedName == sAlgorithmElement )
+- {
+- if ( !bIgnoreEncryptData )
+- {
+- OUString aString = aConvertedAttribs[sAlgorithmNameAttribute];
+- if ( aString.equals( sBlowfish_Name ) || aString.equals( sBlowfish_URL ) )
+- {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::BLOWFISH_CFB_8;
+- }
+- else if ( aString.equals( sAES256_URL ) )
+- {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+- OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 32, "Unexpected derived key length!" );
+- nDerivedKeySize = 32;
+- }
+- else if ( aString.equals( sAES192_URL ) )
+- {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+- OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 24, "Unexpected derived key length!" );
+- nDerivedKeySize = 24;
+- }
+- else if ( aString.equals( sAES128_URL ) )
+- {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+- OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 16, "Unexpected derived key length!" );
+- nDerivedKeySize = 16;
+- }
+- else
+- bIgnoreEncryptData = sal_True;
+-
+- if ( !bIgnoreEncryptData )
+- {
+- aString = aConvertedAttribs[sInitialisationVectorAttribute];
+- uno::Sequence < sal_Int8 > aDecodeBuffer;
+- ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+- aSequence[nNumProperty].Name = sInitialisationVectorProperty;
+- aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+- }
+- }
+- }
+- else if ( aConvertedName == sKeyDerivationElement )
++ aString = rConvertedAttribs[sSaltAttribute];
++ uno::Sequence < sal_Int8 > aDecodeBuffer;
++ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
++ aSequence[nNumProperty].Name = sSaltProperty;
++ aSequence[nNumProperty++].Value <<= aDecodeBuffer;
++
++ aString = rConvertedAttribs[sIterationCountAttribute];
++ aSequence[nNumProperty].Name = sIterationCountProperty;
++ aSequence[nNumProperty++].Value <<= aString.toInt32();
++
++ aString = rConvertedAttribs[sKeySizeAttribute];
++ if ( aString.getLength() )
+ {
+- if ( !bIgnoreEncryptData )
+- {
+- OUString aString = aConvertedAttribs[sKeyDerivationNameAttribute];
+- if ( aString.equals( sPBKDF2_Name ) || aString.equals( sPBKDF2_URL ) )
+- {
+- aString = aConvertedAttribs[sSaltAttribute];
+- uno::Sequence < sal_Int8 > aDecodeBuffer;
+- ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+- aSequence[nNumProperty].Name = sSaltProperty;
+- aSequence[nNumProperty++].Value <<= aDecodeBuffer;
+-
+- aString = aConvertedAttribs[sIterationCountAttribute];
+- aSequence[nNumProperty].Name = sIterationCountProperty;
+- aSequence[nNumProperty++].Value <<= aString.toInt32();
+-
+- aString = aConvertedAttribs[sKeySizeAttribute];
+- if ( aString.getLength() )
+- {
+- sal_Int32 nKey = aString.toInt32();
+- OSL_ENSURE( !nDerivedKeySize || nKey == nDerivedKeySize , "Provided derived key length differs from the expected one!" );
+- nDerivedKeySize = nKey;
+- }
+- else if ( !nDerivedKeySize )
+- nDerivedKeySize = 16;
+- else if ( nDerivedKeySize != 16 )
+- OSL_ENSURE( sal_False, "Default derived key length differs from the expected one!" );
+-
+- aSequence[nNumProperty].Name = sDerivedKeySizeProperty;
+- aSequence[nNumProperty++].Value <<= nDerivedKeySize;
+- }
+- else
+- bIgnoreEncryptData = sal_True;
+- }
+- }
+- else if ( aConvertedName == sStartKeyAlgElement )
+- {
+- OUString aString = aConvertedAttribs[sStartKeyAlgNameAttribute];
+- if ( aString.equals( sSHA256_URL ) )
+- {
+- aSequence[nNumProperty].Name = sStartKeyAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256;
+- }
+- else if ( aString.equals( sSHA1_Name ) || aString.equals( sSHA1_URL ) )
+- {
+- aSequence[nNumProperty].Name = sStartKeyAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1;
+- }
+- else
+- bIgnoreEncryptData = sal_True;
++ sal_Int32 nKey = aString.toInt32();
++ OSL_ENSURE( !nDerivedKeySize || nKey == nDerivedKeySize , "Provided derived key length differs from the expected one!" );
++ nDerivedKeySize = nKey;
+ }
++ else if ( !nDerivedKeySize )
++ nDerivedKeySize = 16;
++ else if ( nDerivedKeySize != 16 )
++ OSL_ENSURE( sal_False, "Default derived key length differs from the expected one!" );
++
++ aSequence[nNumProperty].Name = sDerivedKeySizeProperty;
++ aSequence[nNumProperty++].Value <<= nDerivedKeySize;
++ }
++ else
++ bIgnoreEncryptData = sal_True;
++ }
++}
++
++void ManifestImport::doStartKeyAlg(StringHashMap &rConvertedAttribs)
++ throw( uno::RuntimeException )
++{
++ OUString aString = rConvertedAttribs[sStartKeyAlgNameAttribute];
++ if ( aString.equals( sSHA256_URL ) )
++ {
++ aSequence[nNumProperty].Name = sStartKeyAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256;
++ }
++ else if ( aString.equals( sSHA1_Name ) || aString.equals( sSHA1_URL ) )
++ {
++ aSequence[nNumProperty].Name = sStartKeyAlgProperty;
++ aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1;
++ }
++ else
++ bIgnoreEncryptData = sal_True;
++}
++
++// ---------------------------------------------------
++void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Reference< xml::sax::XAttributeList >& xAttribs )
++ throw( xml::sax::SAXException, uno::RuntimeException )
++{
++ StringHashMap aConvertedAttribs;
++ ::rtl::OUString aConvertedName = PushNameAndNamespaces( aName, xAttribs, aConvertedAttribs );
++
++ size_t nLevel = aStack.size();
++
++ assert(nLevel >= 1);
++
++ switch (nLevel)
++ {
++ case 1:
++ {
++ if (!aConvertedName.equalsAscii(ELEMENT_MANIFEST)) //manifest:manifest
++ aStack.back().m_bValid = false;
++ break;
++ }
++ case 2:
++ {
++ if (aConvertedName == sFileEntryElement) //manifest:file-entry
++ doFileEntry(aConvertedAttribs);
++ else
++ aStack.back().m_bValid = false;
++ break;
++ }
++ case 3:
++ {
++ ManifestStack::reverse_iterator aIter = aStack.rbegin();
++ ++aIter;
++
++ if (!aIter->m_bValid)
++ aStack.back().m_bValid = false;
++ else if (aConvertedName.equals(sEncryptionDataElement)) //manifest:encryption-data
++ doEncryptionData(aConvertedAttribs);
++ else
++ aStack.back().m_bValid = false;
++ break;
++ }
++ case 4:
++ {
++ ManifestStack::reverse_iterator aIter = aStack.rbegin();
++ ++aIter;
++
++ if (!aIter->m_bValid)
++ aStack.back().m_bValid = false;
++ else if (aConvertedName.equals(sAlgorithmElement)) //manifest:algorithm,
++ doAlgorithm(aConvertedAttribs);
++ else if (aConvertedName.equals(sKeyDerivationElement)) //manifest:key-derivation,
++ doKeyDerivation(aConvertedAttribs);
++ else if (aConvertedName.equals(sStartKeyAlgElement)) //manifest:start-key-generation
++ doStartKeyAlg(aConvertedAttribs);
++ else
++ aStack.back().m_bValid = false;
++ break;
+ }
++ default:
++ aStack.back().m_bValid = false;
++ break;
+ }
+ }
+
+diff --git a/package/source/manifest/ManifestImport.hxx b/package/source/manifest/ManifestImport.hxx
+index 1c646a7..5681f45 100644
+--- a/package/source/manifest/ManifestImport.hxx
++++ b/package/source/manifest/ManifestImport.hxx
+@@ -46,10 +46,12 @@ struct ManifestScopeEntry
+ {
+ ::rtl::OUString m_aConvertedName;
+ StringHashMap m_aNamespaces;
++ bool m_bValid;
+
+ ManifestScopeEntry( const ::rtl::OUString& aConvertedName, const StringHashMap& aNamespaces )
+ : m_aConvertedName( aConvertedName )
+ , m_aNamespaces( aNamespaces )
++ , m_bValid( true )
+ {}
+
+ ~ManifestScopeEntry()
+@@ -148,6 +150,12 @@ public:
+ throw(::com::sun::star::xml::sax::SAXException, ::com::sun::star::uno::RuntimeException);
+ virtual void SAL_CALL setDocumentLocator( const ::com::sun::star::uno::Reference< ::com::sun::star::xml::sax::XLocator >& xLocator )
+ throw(::com::sun::star::xml::sax::SAXException, ::com::sun::star::uno::RuntimeException);
++private:
++ void doFileEntry(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException);
++ void doEncryptionData(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException);
++ void doAlgorithm(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException);
++ void doKeyDerivation(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException);
++ void doStartKeyAlg(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException);
+ };
+ #endif
+
+--
+cgit v0.9.0.2-2-gbebe
+
+From 4a7164429b727bd8fd6f183950e85e6225869364 Mon Sep 17 00:00:00 2001
+From: Caolán McNamara <caolanm@redhat.com>
+Date: Mon, 28 May 2012 10:43:09 +0000
+Subject: count and order of receipt of properties doesn't matter
+
+so stick imported properties into assigned slots and throw out empty ones when
+finished. Reuse existing ids for this between import and export. Shuffle
+FULLPATH to 0 as per import comment
+
+Change-Id: I516116c5327498ad043f6e2fb9bd257599ade2a2
+---
+diff --git a/package/inc/PackageConstants.hxx b/package/inc/PackageConstants.hxx
+index be82010..7590acd 100644
+--- a/package/inc/PackageConstants.hxx
++++ b/package/inc/PackageConstants.hxx
+@@ -40,19 +40,19 @@ const sal_Int32 n_ConstDigestLength = 1024;
+ const sal_Int32 n_ConstDigestDecrypt = 1056; // 1024 + 32
+
+ // the constants related to the manifest.xml entries
+-#define PKG_MNFST_MEDIATYPE 0
+-#define PKG_MNFST_VERSION 1
+-#define PKG_MNFST_FULLPATH 2
++#define PKG_MNFST_FULLPATH 0 //FullPath (Put full-path property first for MBA)
++#define PKG_MNFST_VERSION 1 //Version
++#define PKG_MNFST_MEDIATYPE 2 //MediaType
+
+-#define PKG_MNFST_INIVECTOR 3
+-#define PKG_MNFST_SALT 4
+-#define PKG_MNFST_ITERATION 5
+-#define PKG_MNFST_UCOMPSIZE 6
+-#define PKG_MNFST_DIGEST 7
+-#define PKG_MNFST_ENCALG 8
+-#define PKG_MNFST_STARTALG 9
+-#define PKG_MNFST_DIGESTALG 10
+-#define PKG_MNFST_DERKEYSIZE 11
++#define PKG_MNFST_INIVECTOR 3 //InitialisationVector
++#define PKG_MNFST_SALT 4 //Salt
++#define PKG_MNFST_ITERATION 5 //IterationCount
++#define PKG_MNFST_UCOMPSIZE 6 //Size
++#define PKG_MNFST_DIGEST 7 //Digest
++#define PKG_MNFST_ENCALG 8 //EncryptionAlgorithm
++#define PKG_MNFST_STARTALG 9 //StartKeyAlgorithm
++#define PKG_MNFST_DIGESTALG 10 //DigestAlgorithm
++#define PKG_MNFST_DERKEYSIZE 11 //DerivedKeySize
+
+ #define PKG_SIZE_NOENCR_MNFST 3
+ #define PKG_SIZE_ENCR_MNFST 12
+diff --git a/package/source/manifest/ManifestImport.cxx b/package/source/manifest/ManifestImport.cxx
+index f8590fe..ac6c3ef 100644
+--- a/package/source/manifest/ManifestImport.cxx
++++ b/package/source/manifest/ManifestImport.cxx
+@@ -44,8 +44,7 @@ using ::rtl::OUString;
+
+ // ---------------------------------------------------
+ ManifestImport::ManifestImport( vector < Sequence < PropertyValue > > & rNewManVector )
+-: nNumProperty ( 0 )
+-, bIgnoreEncryptData ( sal_False )
++: bIgnoreEncryptData ( sal_False )
+ , nDerivedKeySize( 0 )
+ , rManVector ( rNewManVector )
+
+@@ -126,28 +125,26 @@ void SAL_CALL ManifestImport::endDocument( )
+ void ManifestImport::doFileEntry(StringHashMap &rConvertedAttribs)
+ throw( uno::RuntimeException )
+ {
+- aSequence.realloc ( PKG_SIZE_ENCR_MNFST );
++ aSequence.resize(PKG_SIZE_ENCR_MNFST);
+
+- // Put full-path property first for MBA
+- aSequence[nNumProperty].Name = sFullPathProperty;
+- aSequence[nNumProperty++].Value <<= rConvertedAttribs[sFullPathAttribute];
+- aSequence[nNumProperty].Name = sMediaTypeProperty;
+- aSequence[nNumProperty++].Value <<= rConvertedAttribs[sMediaTypeAttribute];
++ aSequence[PKG_MNFST_FULLPATH].Name = sFullPathProperty;
++ aSequence[PKG_MNFST_FULLPATH].Value <<= rConvertedAttribs[sFullPathAttribute];
++ aSequence[PKG_MNFST_MEDIATYPE].Name = sMediaTypeProperty;
++ aSequence[PKG_MNFST_MEDIATYPE].Value <<= rConvertedAttribs[sMediaTypeAttribute];
+
+ OUString sVersion = rConvertedAttribs[sVersionAttribute];
+ if ( sVersion.getLength() )
+ {
+- aSequence[nNumProperty].Name = sVersionProperty;
+- aSequence[nNumProperty++].Value <<= sVersion;
++ aSequence[PKG_MNFST_VERSION].Name = sVersionProperty;
++ aSequence[PKG_MNFST_VERSION].Value <<= sVersion;
+ }
+
+ OUString sSize = rConvertedAttribs[sSizeAttribute];
+ if ( sSize.getLength() )
+ {
+- sal_Int32 nSize;
+- nSize = sSize.toInt32();
+- aSequence[nNumProperty].Name = sSizeProperty;
+- aSequence[nNumProperty++].Value <<= nSize;
++ sal_Int32 nSize = sSize.toInt32();
++ aSequence[PKG_MNFST_UCOMPSIZE].Name = sSizeProperty;
++ aSequence[PKG_MNFST_UCOMPSIZE].Value <<= nSize;
+ }
+ }
+
+@@ -162,13 +159,13 @@ void ManifestImport::doEncryptionData(StringHashMap &rConvertedAttribs)
+ {
+ if ( aString.equals( sSHA1_1k_Name ) || aString.equals( sSHA1_1k_URL ) )
+ {
+- aSequence[nNumProperty].Name = sDigestAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1_1K;
++ aSequence[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty;
++ aSequence[PKG_MNFST_DIGESTALG].Value <<= xml::crypto::DigestID::SHA1_1K;
+ }
+ else if ( aString.equals( sSHA256_1k_URL ) )
+ {
+- aSequence[nNumProperty].Name = sDigestAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256_1K;
++ aSequence[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty;
++ aSequence[PKG_MNFST_DIGESTALG].Value <<= xml::crypto::DigestID::SHA256_1K;
+ }
+ else
+ bIgnoreEncryptData = sal_True;
+@@ -178,8 +175,8 @@ void ManifestImport::doEncryptionData(StringHashMap &rConvertedAttribs)
+ aString = rConvertedAttribs[sChecksumAttribute];
+ uno::Sequence < sal_Int8 > aDecodeBuffer;
+ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+- aSequence[nNumProperty].Name = sDigestProperty;
+- aSequence[nNumProperty++].Value <<= aDecodeBuffer;
++ aSequence[PKG_MNFST_DIGEST].Name = sDigestProperty;
++ aSequence[PKG_MNFST_DIGEST].Value <<= aDecodeBuffer;
+ }
+ }
+ }
+@@ -192,27 +189,27 @@ void ManifestImport::doAlgorithm(StringHashMap &rConvertedAttribs)
+ OUString aString = rConvertedAttribs[sAlgorithmNameAttribute];
+ if ( aString.equals( sBlowfish_Name ) || aString.equals( sBlowfish_URL ) )
+ {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::BLOWFISH_CFB_8;
++ aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty;
++ aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::BLOWFISH_CFB_8;
+ }
+ else if ( aString.equals( sAES256_URL ) )
+ {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
++ aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty;
++ aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+ OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 32, "Unexpected derived key length!" );
+ nDerivedKeySize = 32;
+ }
+ else if ( aString.equals( sAES192_URL ) )
+ {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
++ aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty;
++ aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+ OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 24, "Unexpected derived key length!" );
+ nDerivedKeySize = 24;
+ }
+ else if ( aString.equals( sAES128_URL ) )
+ {
+- aSequence[nNumProperty].Name = sEncryptionAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
++ aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty;
++ aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+ OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 16, "Unexpected derived key length!" );
+ nDerivedKeySize = 16;
+ }
+@@ -224,8 +221,8 @@ void ManifestImport::doAlgorithm(StringHashMap &rConvertedAttribs)
+ aString = rConvertedAttribs[sInitialisationVectorAttribute];
+ uno::Sequence < sal_Int8 > aDecodeBuffer;
+ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+- aSequence[nNumProperty].Name = sInitialisationVectorProperty;
+- aSequence[nNumProperty++].Value <<= aDecodeBuffer;
++ aSequence[PKG_MNFST_INIVECTOR].Name = sInitialisationVectorProperty;
++ aSequence[PKG_MNFST_INIVECTOR].Value <<= aDecodeBuffer;
+ }
+ }
+ }
+@@ -241,12 +238,12 @@ void ManifestImport::doKeyDerivation(StringHashMap &rConvertedAttribs)
+ aString = rConvertedAttribs[sSaltAttribute];
+ uno::Sequence < sal_Int8 > aDecodeBuffer;
+ ::sax::Converter::decodeBase64(aDecodeBuffer, aString);
+- aSequence[nNumProperty].Name = sSaltProperty;
+- aSequence[nNumProperty++].Value <<= aDecodeBuffer;
++ aSequence[PKG_MNFST_SALT].Name = sSaltProperty;
++ aSequence[PKG_MNFST_SALT].Value <<= aDecodeBuffer;
+
+ aString = rConvertedAttribs[sIterationCountAttribute];
+- aSequence[nNumProperty].Name = sIterationCountProperty;
+- aSequence[nNumProperty++].Value <<= aString.toInt32();
++ aSequence[PKG_MNFST_ITERATION].Name = sIterationCountProperty;
++ aSequence[PKG_MNFST_ITERATION].Value <<= aString.toInt32();
+
+ aString = rConvertedAttribs[sKeySizeAttribute];
+ if ( aString.getLength() )
+@@ -260,8 +257,8 @@ void ManifestImport::doKeyDerivation(StringHashMap &rConvertedAttribs)
+ else if ( nDerivedKeySize != 16 )
+ OSL_ENSURE( sal_False, "Default derived key length differs from the expected one!" );
+
+- aSequence[nNumProperty].Name = sDerivedKeySizeProperty;
+- aSequence[nNumProperty++].Value <<= nDerivedKeySize;
++ aSequence[PKG_MNFST_DERKEYSIZE].Name = sDerivedKeySizeProperty;
++ aSequence[PKG_MNFST_DERKEYSIZE].Value <<= nDerivedKeySize;
+ }
+ else
+ bIgnoreEncryptData = sal_True;
+@@ -274,13 +271,13 @@ void ManifestImport::doStartKeyAlg(StringHashMap &rConvertedAttribs)
+ OUString aString = rConvertedAttribs[sStartKeyAlgNameAttribute];
+ if ( aString.equals( sSHA256_URL ) )
+ {
+- aSequence[nNumProperty].Name = sStartKeyAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256;
++ aSequence[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty;
++ aSequence[PKG_MNFST_STARTALG].Value <<= xml::crypto::DigestID::SHA256;
+ }
+ else if ( aString.equals( sSHA1_Name ) || aString.equals( sSHA1_URL ) )
+ {
+- aSequence[nNumProperty].Name = sStartKeyAlgProperty;
+- aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1;
++ aSequence[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty;
++ aSequence[PKG_MNFST_STARTALG].Value <<= xml::crypto::DigestID::SHA1;
+ }
+ else
+ bIgnoreEncryptData = sal_True;
+@@ -349,6 +346,14 @@ void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Re
+ }
+ }
+
++namespace
++{
++ bool isEmpty(const com::sun::star::beans::PropertyValue &rProp)
++ {
++ return rProp.Name.isEmpty();
++ }
++}
++
+ // ---------------------------------------------------
+ void SAL_CALL ManifestImport::endElement( const OUString& aName )
+ throw( xml::sax::SAXException, uno::RuntimeException )
+@@ -356,12 +361,16 @@ void SAL_CALL ManifestImport::endElement( const OUString& aName )
+ ::rtl::OUString aConvertedName = ConvertName( aName );
+ if ( !aStack.empty() && aStack.rbegin()->m_aConvertedName.equals( aConvertedName ) )
+ {
+- if ( aConvertedName.equals( sFileEntryElement ) )
++ if ( aConvertedName.equals( sFileEntryElement ) && aStack.back().m_bValid )
+ {
+- aSequence.realloc ( nNumProperty );
++ com::sun::star::beans::PropertyValue aEmpty;
++ aSequence.erase(std::remove_if(aSequence.begin(), aSequence.end(),
++ isEmpty), aSequence.end());
++
+ bIgnoreEncryptData = sal_False;
+- rManVector.push_back ( aSequence );
+- nNumProperty = 0;
++ rManVector.push_back ( aSequence.getAsConstList() );
++
++ aSequence.clear();
+ }
+
+ aStack.pop_back();
+diff --git a/package/source/manifest/ManifestImport.hxx b/package/source/manifest/ManifestImport.hxx
+index 5681f45..68afefd 100644
+--- a/package/source/manifest/ManifestImport.hxx
++++ b/package/source/manifest/ManifestImport.hxx
+@@ -31,6 +31,7 @@
+
+ #include <cppuhelper/implbase1.hxx> // helper for implementations
+ #include <com/sun/star/xml/sax/XDocumentHandler.hpp>
++#include <comphelper/sequenceasvector.hxx>
+ #include <vector>
+
+ #include <HashMaps.hxx>
+@@ -63,8 +64,7 @@ typedef ::std::vector< ManifestScopeEntry > ManifestStack;
+ class ManifestImport : public cppu::WeakImplHelper1 < com::sun::star::xml::sax::XDocumentHandler >
+ {
+ protected:
+- com::sun::star::uno::Sequence < com::sun::star::beans::PropertyValue > aSequence;
+- sal_Int16 nNumProperty;
++ comphelper::SequenceAsVector< com::sun::star::beans::PropertyValue > aSequence;
+ ManifestStack aStack;
+ sal_Bool bIgnoreEncryptData;
+ sal_Int32 nDerivedKeySize;
+--
+cgit v0.9.0.2-2-gbebe
diff -Nru libreoffice-3.5.4/debian/patches/series libreoffice-3.5.4/debian/patches/series
--- libreoffice-3.5.4/debian/patches/series 2012-07-19 11:09:22.000000000 +0200
+++ libreoffice-3.5.4/debian/patches/series 2012-08-01 10:40:59.000000000 +0200
@@ -42,3 +42,5 @@
fix-legacy-report-opening.diff
evolution-3.4.diff
CVE-2012-2334-clip-max-entries.diff
+CVE-2012-2665.diff
+CVE-2012-2665-binfilter.diff
Reply to: