[gnumeric] xls: fuzzed file fix re records spanning biff records.



commit f9c8f0199647a73b9edb4e2402067416dbcaac17
Author: Morten Welinder <terra gnome org>
Date:   Tue Jul 7 11:32:42 2015 -0400

    xls: fuzzed file fix re records spanning biff records.

 NEWS                    |    2 +-
 plugins/excel/ChangeLog |    5 +++++
 plugins/excel/ms-biff.c |    1 +
 3 files changed, 7 insertions(+), 1 deletions(-)
---
diff --git a/NEWS b/NEWS
index 263d129..8771216 100644
--- a/NEWS
+++ b/NEWS
@@ -33,7 +33,7 @@ Morten:
          [#750811] [#750810] [#750857] [#750864] [#750862] [#750858]
          [#751126] [#751254] [#751253] [#750851] [#751258] [#751259]
          [#751502] [#751390] [#751579] [#751659] [#751660] [#751662]
-         [#751970] [#752022] [#751988] [#752021]
+         [#751970] [#752022] [#751988] [#752021] [#752080]
        * Make solver check linearity of model.
        * Fix xls saving of marker style.  [#749185]
        * Make compilation with clang work again.  [#749138]
diff --git a/plugins/excel/ChangeLog b/plugins/excel/ChangeLog
index dae132f..e2730ec 100644
--- a/plugins/excel/ChangeLog
+++ b/plugins/excel/ChangeLog
@@ -1,3 +1,8 @@
+2015-07-07  Morten Welinder  <terra gnome org>
+
+       * ms-biff.c (ms_biff_query_bound_check): When we span records --
+       unhandled -- signal that as an error.  Fixes #752080.
+
 2015-07-06  Jean Brefort  <jean brefort normalesup org>
 
        * ms-excel-read.c (excel_read_BOF): fuzzed file issue. [#751989]
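Review bot: the new ChangeLog entry says the spanning case is now signalled "as an error" but does not say how. Naming the returned value, `(guint32)-1`, in the entry would tell anyone reading the log what callers of `ms_biff_query_bound_check` are expected to test for.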
diff --git a/plugins/excel/ms-biff.c b/plugins/excel/ms-biff.c
index 182bb14..7af88a2 100644
--- a/plugins/excel/ms-biff.c
+++ b/plugins/excel/ms-biff.c
@@ -80,6 +80,7 @@ ms_biff_query_bound_check (BiffQuery *q, guint32 offset, unsigned len)
 
        if ((offset + len) > q->length) {
                g_warning ("supposedly atomic item of len %u sst spans CONTINUEs, we are screwed", len);
+               return (guint32)-1;
        }
        return offset;
 }
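Review bot: the test `(offset + len) > q->length` guarding the new return adds a `guint32` and an `unsigned` before comparing, so where `unsigned` is 32 bits a large enough `offset` or `len` from a fuzzed file can wrap the sum, make it compare as in range, and skip the new `return (guint32)-1;` entirely. Writing the test without the addition, for example `offset > q->length || len > q->length - offset`, avoids that. Separately, `(guint32)-1` is an in-band sentinel of the same type as a valid offset, and the diffstat shows only this one line changed in the code, so the fix holds only if every caller already compares the result against `(guint32)-1` before using it as an offset. A comment on the function stating that contract would make it checkable.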

