[gnumeric] Fuzzed file fix. [#751946]

[Jean Bréfort <jbrefort src gnome org>]

commit c6170fc5f81e5ecf2c27126548091e571e130348
Author: Jean Brefort <jean brefort normalesup org>
Date:   Sat Jul 4 16:46:56 2015 +0200

    Fuzzed file fix. [#751946]

 NEWS                        |    2 +-
 plugins/lotus-123/ChangeLog |    4 ++++
 plugins/lotus-123/lotus.c   |    4 ++++
 3 files changed, 9 insertions(+), 1 deletions(-)
---
diff --git a/NEWS b/NEWS
index 8f1410a..6e025a5 100644
--- a/NEWS
+++ b/NEWS
@@ -16,7 +16,7 @@ Jean:
        * Fix out of bounds read. [#749121]
        * Fuzzed file fixes.  [#750042] [#751217] [#751270] [#751271]
          [#751383] [#751384] [#751758] [#751744] [#751908] [#751920]
-         [#751249] [#751945] [#751909]
+         [#751249] [#751945] [#751909] [#751946]
 
 Morten:
        * Fix import/export of graph backplane.
diff --git a/plugins/lotus-123/ChangeLog b/plugins/lotus-123/ChangeLog
index de7ac0d..dfd34cf 100644
--- a/plugins/lotus-123/ChangeLog
+++ b/plugins/lotus-123/ChangeLog
@@ -1,3 +1,7 @@
+2015-07-04  Jean Brefort  <jean brefort normalesup org>
+
+       * lotus.c (lotus_read_old): don't access a NULL sheet. Fixes #751946.
+
 2015-06-28  Morten Welinder  <terra gnome org>
 
        * lotus-formula.c (get_cellref): Limit references to sheet size.
diff --git a/plugins/lotus-123/lotus.c b/plugins/lotus-123/lotus.c
index 3cfa982..c2c2d96 100644
--- a/plugins/lotus-123/lotus.c
+++ b/plugins/lotus-123/lotus.c
@@ -1627,6 +1627,10 @@ lotus_read_old (LotusState *state, record_t *r)
                        GnmParsePos pp;
                        GnmValue *v = NULL;
 
+                       if (state->sheet == NULL) {
+                               g_printerr ("Assertion state->sheet != NULL failed\n");
+                               break;
+                       }
                        if (r->len < (15 + len))
                                break;