From 7ac3d8a612037593a9991ecf627d3538c4796854 Mon Sep 17 00:00:00 2001
From: Thomas Fussell <thomas.fussell@gmail.com>
Date: Sun, 27 Nov 2016 15:47:12 +0100
Subject: [PATCH] fix out of bounds error in mwvc and gcc by creating a
 temporary vector during decryption

---
 source/detail/xlsx_crypto.cpp | 10 +++++++---
 third-party/botan             |  2 +-
 third-party/libstudxml        |  2 +-
 third-party/pugixml           |  2 +-
 third-party/utfcpp            |  2 +-
 5 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/source/detail/xlsx_crypto.cpp b/source/detail/xlsx_crypto.cpp
index 6516a5cb..77039331 100644
--- a/source/detail/xlsx_crypto.cpp
+++ b/source/detail/xlsx_crypto.cpp
@@ -617,10 +617,14 @@ struct crypto_helper
             auto iv = hash(result.key_encryptor.hash, salt_with_block_key);
             iv.resize(16);
 
-            auto decrypted_segment = aes(key, iv, std::vector<std::uint8_t>(
-                encrypted_package.begin() + static_cast<std::ptrdiff_t>(i),
-                encrypted_package.begin() + static_cast<std::ptrdiff_t>(i) + segment_length),
+            auto segment_begin = encrypted_package.begin() + static_cast<std::ptrdiff_t>(i);
+            auto current_segment_length = static_cast<std::ptrdiff_t>(
+                std::min(segment_length, encrypted_package.size() - i));
+            auto segment_end = encrypted_package.begin() + i + current_segment_length;
+            encrypted_segment.assign(segment_begin, segment_end);
+            auto decrypted_segment = aes(key, iv, encrypted_segment,
                 cipher_chaining::cbc, cipher_direction::decryption);
+            decrypted_segment.resize(current_segment_length);
 
             decrypted_package.insert(decrypted_package.end(), 
                 decrypted_segment.begin(), decrypted_segment.end());
diff --git a/third-party/botan b/third-party/botan
index 923a95d5..5372d0b4 160000
--- a/third-party/botan
+++ b/third-party/botan
@@ -1 +1 @@
-Subproject commit 923a95d546df5b6d31f39b0af900d0361fb2e6a6
+Subproject commit 5372d0b499ad317ab3776c9ac92df866cc6a1e84
diff --git a/third-party/libstudxml b/third-party/libstudxml
index 132522ca..f94dd7cc 160000
--- a/third-party/libstudxml
+++ b/third-party/libstudxml
@@ -1 +1 @@
-Subproject commit 132522ca4c895e9b07d7e323d5529474806e5829
+Subproject commit f94dd7ccee2014ab6240efbf5074b2f39dc32225
diff --git a/third-party/pugixml b/third-party/pugixml
index a832e8a5..91bf7023 160000
--- a/third-party/pugixml
+++ b/third-party/pugixml
@@ -1 +1 @@
-Subproject commit a832e8a5eff11f58a00ca41ec51ff3895b0da165
+Subproject commit 91bf70231aae8eddaccd5a6f5b0833712c471cb3
diff --git a/third-party/utfcpp b/third-party/utfcpp
index a5ad5ec9..0232ab81 160000
--- a/third-party/utfcpp
+++ b/third-party/utfcpp
@@ -1 +1 @@
-Subproject commit a5ad5ec9d936d63e9c010d1054f8b11fed0fabbc
+Subproject commit 0232ab8188b16ae6f2293a5817f1d9b0030879a3