[gnumeric] xls: fix escher record length check.
- From: Morten Welinder <mortenw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnumeric] xls: fix escher record length check.
- Date: Wed, 29 Jul 2015 02:09:14 +0000 (UTC)
commit 5219768b4fc0898bea5d3babc8b1a9e8a6d4fc83
Author: Morten Welinder <terra gnome org>
Date: Tue Jul 28 22:08:15 2015 -0400
xls: fix escher record length check.
1. The check against length of records should have been ">".
2. But it's wrong in any case as we can get biff_continue records.
plugins/excel/ms-escher.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
---
diff --git a/plugins/excel/ms-escher.c b/plugins/excel/ms-escher.c
index 739492a..c37647f 100644
--- a/plugins/excel/ms-escher.c
+++ b/plugins/excel/ms-escher.c
@@ -2104,8 +2104,10 @@ ms_escher_read_container (MSEscherState *state, MSEscherHeader *container,
h.fbt = GSF_LE_GET_GUINT16 (data + 2);
datalen = GSF_LE_GET_GUINT32 (data + 4);
- if (h.offset > state->end_offset || datalen >= MIN (0xfffffff0, (unsigned) (state->end_offset
- h.offset))) {
- g_warning ("Crazy data length in escher record");
+ if (h.offset > state->end_offset || datalen >= 0xfffffff0) {
+ g_warning ("Crazy data length in escher record. (%d,%d,%d,%d)",
+ h.offset, state->end_offset, datalen,
+ (state->end_offset - h.offset));
ms_escher_header_release (&h);
return TRUE;
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
