Viewing Excel in ASP.NET 2.0

I am working on a web application that would be viewing an Excel file. I’m trying to use the officeviewer ocx but I am having some problems.

I tried to follow the sample code but to no avail… code as follows:

function OpenFromServer()
{
    document.all.OA1.Open('http://dell33/exceldata/exceltest.xls', 'Excel.Sheet');
}

I get an error as follows: “Microsoft JScript runtime error: Invalid procedure call or argument”

Please help ASAP, thanks

Enumerate the menu names in MS Office

Sub ListShortCutMenus()
    ' Writes one row per shortcut (popup) menu: index, name, then each control caption
    Cells.Clear
    Application.ScreenUpdating = False
    Row = 1
    For Each cbar In CommandBars
        ' Only popup command bars are shortcut menus
        If cbar.Type = msoBarTypePopup Then
            Cells(Row, 1) = cbar.Index
            Cells(Row, 2) = cbar.Name
            For col = 1 To cbar.Controls.Count
                Cells(Row, col + 2) = _
                    cbar.Controls(col).Caption
            Next col
            Row = Row + 1
        End If
    Next cbar
    Cells.EntireColumn.AutoFit
End Sub

Fixed the vulnerable functions of Office Viewer Component

The new version removes the “DeleteLocalFile” method to avoid the attack. The component now deletes its temporary files when it exits.

We also improved the HTTP file download and provide a more secure download method in version 5.

The following article describes the vulnerabilities in version 4.0.

Multiple vulnerabilities have been identified in EDraw Office Viewer Component v4.0, which could be exploited by remote attackers to delete arbitrary files or take complete control of an affected system.

The first issue is caused by a design error in the “DeleteLocalFile()” method within the “edrawofficeviewer.ocx” ActiveX control, which could be exploited by attackers to delete arbitrary files from a vulnerable system by tricking a user into visiting a specially crafted web page.

The second vulnerability is caused by a buffer overflow error in the “edrawofficeviewer.ocx” ActiveX control when processing malformed arguments passed to the “HttpDownloadFile()” method, which could be exploited by remote attackers to execute arbitrary code via a malicious web page.

Enumerate all the captions in the context menu of MS Office

Sub ListCellControls()
    ' Number of controls on the worksheet cell context menu
    k = Application.CommandBars("Cell").Controls.Count
    For i = 1 To k
        Cells(i, 1) = i ' ID
        Cells(i, 2) = Application.CommandBars("Cell").Controls(i).Caption
    Next i
End Sub

Upload a file to a Web server in ASP.NET

EDraw WebOffice Component provides some methods to upload the file to a web server.

HTTP Post

[id(36), helpstring("Initializes the HTTP connection.")]
   boolean HttpInit();

[id(37), helpstring("Adds the post parameter.")]
   boolean HttpAddpostString([in] BSTR Name, [in] BSTR Value);

[id(38), helpstring("Adds the post file.")]
   boolean HttpAddPostFile([in] BSTR LocalFilePath, [in] BSTR NewFileName);

[id(39), helpstring("Executes the post action.")]
   boolean HttpPost([in] BSTR WebUrl,[in, optional] VARIANT WebUsername, [in, optional] VARIANT WebPassword);

You can use the following steps to save the opened office document to a web server.

Sub SavetoServer()
    'ASP.NET'
    OA1.HttpInit
    OA1.HttpAddpostString "author", "anyname"
    OA1.HttpAddpostString "Data", "2007-5-15"
    OA1.HttpAddPostFile "", "newfilename.doc"
    OA1.HttpPost "http://localhost:1320/Samples/UploadAction.aspx"

    'Or you can call the Save method to upload the opened file to the server directly. For example:
    'OA1.Save "http://localhost:1320/Samples/UploadAction.aspx?FileName=newname"
End Sub

Note: If the first parameter of “HttpAddPostFile” is blank, the method will upload the opened office file to the server.

Then you need to write an ASP.NET page that receives the posted file.

Review the following example:

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.IO;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Xml;
using System.Drawing.Imaging;
using System.Text.RegularExpressions;

public partial class UploadAction : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        // Echo back when the expected post parameters arrived from the control.
        if (Request.Params["author"] == "anyname" && Request.Params["Data"] == "2007-5-15")
        {
            Response.Write("0\n");
            Response.Write("We have receipted the right param from Office ActiveX Control.");
        }
        if (Request.Files.Count == 0)
        {
            Response.Write("0\n");
            Response.Write("There isn't file to upload.");
            Response.End();
        }
        if (Request.Files[0].ContentLength == 0)
        {
            Response.Write("0\n");
            Response.Write("Failed to receipt the data.\n\n");
            Response.End();
        }
        // FileName comes from the client; keep only the leaf name so that
        // directory parts in it cannot move the file outside this folder.
        string fullFileName = Server.MapPath(Path.GetFileName(Request.Files[0].FileName));
        Request.Files[0].SaveAs(fullFileName);
        Response.Write("Upload Successfully.");
        Response.End();
    }
}
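
A hardened variant of the receiving page, added here as an example and not EDraw's sample code: the handler above builds the save path from the client-supplied file name inside the web root, so this version keeps only an allow-listed extension and stores the file under a server-generated name. The extension list, the size limit and the ~/App_Data/uploads folder are assumptions, and authentication of the caller is left out.

```csharp
using System;
using System.IO;
using System.Web;

public partial class UploadAction : System.Web.UI.Page
{
    // Assumed policy for this example; adjust to the deployment.
    private static readonly string[] AllowedExtensions = { ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx" };
    private const int MaxBytes = 20 * 1024 * 1024;

    protected void Page_Load(object sender, EventArgs e)
    {
        if (Request.HttpMethod != "POST" || Request.Files.Count == 0)
        {
            Reject("There isn't file to upload.");
            return;
        }
        HttpPostedFile posted = Request.Files[0];
        if (posted.ContentLength == 0 || posted.ContentLength > MaxBytes)
        {
            Reject("Empty or oversized upload.");
            return;
        }
        // FileName is client-controlled and may carry directory parts
        // (for example "..\..\web.config"); keep only its extension.
        // Path methods throw on illegal characters, which fails the request.
        string ext = Path.GetExtension(Path.GetFileName(posted.FileName)).ToLowerInvariant();
        if (Array.IndexOf(AllowedExtensions, ext) < 0)
        {
            Reject("File type not allowed.");
            return;
        }
        // Server-chosen name under App_Data, which ASP.NET does not serve, so an
        // upload can neither overwrite site content nor be requested back as a page.
        string root = Server.MapPath("~/App_Data/uploads");
        Directory.CreateDirectory(root);
        posted.SaveAs(Path.Combine(root, Guid.NewGuid().ToString("N") + ext));
        Response.Write("Upload Successfully.");
    }

    private void Reject(string reason)
    {
        Response.StatusCode = 400;
        Response.Write("0\n" + reason);
    }
}
```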

Determining if an ActiveX control is safe

Since the digital signature of an ActiveX control stays with the file it was attached to, there is permanent evidence of the developers’ designed intent for the control. However, this evidence does not account for conditions the control may be used in but was never tested for.

ActiveX controls marked as safe are supposed to be safe in all possible conditions. So a control marked as safe for scripting (SFS) or safe for initialization (SFI) must be written to protect itself from any unpredictable results a script author might unintentionally create when scripting the control. While it is relatively easy for a programmer to create a control with adequate guards to avoid misuse, it is impossible to guarantee that the control is always safe when used with scripting created by another author or programmer.

If a control is marked safe for initializing or safe for scripting, the developers are claiming that no matter what values are used to initialize the control, it will not do anything to damage a user’s system or compromise the user’s security when the control is initialized in any way.

The developer of an ActiveX control should take extra care to ensure that a control is in fact safe before it is marked as safe. For example, each ActiveX control, at a minimum, should be evaluated for the following issues:

  • It does not over-index arrays or otherwise manipulate memory incorrectly, thereby causing a memory leak or corrupt memory region.
  • It validates and corrects all input, including initialization, method parameters, and property setting functions (implements acceptable I/O validation and defense methods)
  • It does not misuse any data about, or provided by, the user
  • It was tested in a variety of circumstances

dsoFramer replacement?

I’m using the Office Viewer ActiveX control. I have spent lots of time solving the bug of DSOFramer. It was originally developed by Microsoft as a C++ ActiveX control sample to host/embed MS Office documents (download here). But unfortunately it also has several bugs:

1. The title of the host application will go garbled when the control is disposed.

2. Events cannot be fired correctly when embedded directly in a WinForm control.

3. Events cannot be fired when wrapped in a C# user-control.

4. Calling DSOFramer to handle Word in IE causes IE to crash.

5. Word 2007 files will be deleted after saving.

6. Files are locked so the upload action will always fail.

Cannot start a separate Office process to handle the documents if there is already an existing one. This may lead to miscellaneous bugs such as: no response of toolbar, cannot start Office externally after the control is initialized, redo/undo influence all the instances instead of the active one, etc.

Do these issues exist in your component? It looks more steady than the DSOFramer and has more functions.