[gnumeric] xls: fuzzed file fix.
- From: Morten Welinder <mortenw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnumeric] xls: fuzzed file fix.
- Date: Mon, 1 Jun 2015 14:59:25 +0000 (UTC)
commit 80263c320f5f20da0a9a0c6c86377344a9991115
Author: Morten Welinder <terra gnome org>
Date: Mon Jun 1 10:59:11 2015 -0400
xls: fuzzed file fix.
NEWS | 2 +-
plugins/excel/ChangeLog | 1 +
plugins/excel/ms-excel-read.c | 3 ++-
3 files changed, 4 insertions(+), 2 deletions(-)
---
diff --git a/NEWS b/NEWS
index 5892aef..ce647c8 100644
--- a/NEWS
+++ b/NEWS
@@ -18,7 +18,7 @@ Morten:
* Fuzzed file fixes. [#748595] [#748597] [#749031] [#749030]
[#749069] [#748533] [#749118] [#749166] [#749181] [#749184]
[#749236] [#749240] [#749234] [#749235] [#749271] [#749270]
- [#749424] [#749917] [#749919] [#750043]
+ [#749424] [#749917] [#749919] [#750043] [#750044]
* Make solver check linearity of model.
* Fix xls saving of marker style. [#749185]
* Make compilation with clang work again. [#749138]
diff --git a/plugins/excel/ChangeLog b/plugins/excel/ChangeLog
index 65d5cc8..adc2e0a 100644
--- a/plugins/excel/ChangeLog
+++ b/plugins/excel/ChangeLog
@@ -4,6 +4,7 @@
buffer.
(excel_read_os2bmp): Check that image length makes sense. Fixes
#750043.
+ (excel_read_FONT): Fix record length check. Fixes #750044.
2015-05-30 Jean Brefort <jean brefort normalesup org>
diff --git a/plugins/excel/ms-excel-read.c b/plugins/excel/ms-excel-read.c
index dac9654..56029f6 100644
--- a/plugins/excel/ms-excel-read.c
+++ b/plugins/excel/ms-excel-read.c
@@ -1628,7 +1628,8 @@ excel_read_FONT (BiffQuery *q, GnmXLImporter *importer)
cp = gnm_font_override_codepage (fd->fontname);
fd->codepage = (cp > 0 ? cp : 1252);
} else {
- XL_CHECK_CONDITION (q->length >= 11);
+ XL_CHECK_CONDITION (q->length >= 13);
+
fd->color_idx = GSF_LE_GET_GUINT16 (q->data + 4);
fd->boldness = GSF_LE_GET_GUINT16 (q->data + 6);
data = GSF_LE_GET_GUINT16 (q->data + 8);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
