[gnumeric] xls: plug leak on fuzzed file
- From: Morten Welinder <mortenw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnumeric] xls: plug leak on fuzzed file
- Date: Tue, 23 Jun 2015 00:24:31 +0000 (UTC)
commit 0ef7b1a013458be5fead484d2082bc701a8445b8
Author: Morten Welinder <terra gnome org>
Date: Sat Jun 20 20:22:14 2015 -0400
xls: plug leak on fuzzed file
plugins/excel/ChangeLog | 2 ++
plugins/excel/ms-chart.c | 15 +++++++++------
2 files changed, 11 insertions(+), 6 deletions(-)
---
diff --git a/plugins/excel/ChangeLog b/plugins/excel/ChangeLog
index cf604b5..967092f 100644
--- a/plugins/excel/ChangeLog
+++ b/plugins/excel/ChangeLog
@@ -29,6 +29,8 @@
2015-06-20 Morten Welinder <terra gnome org>
+ * ms-chart.c (ai): Avoid expression leak on broken file.
+
* xlsx-read.c (attr_uint): Typo.
* xls-read-pivot.c (xls_read_pivot_cache): Don't trust large
diff --git a/plugins/excel/ms-chart.c b/plugins/excel/ms-chart.c
index 7ea8fd0..5085b33 100644
--- a/plugins/excel/ms-chart.c
+++ b/plugins/excel/ms-chart.c
@@ -372,12 +372,15 @@ BC_R(ai)(XLChartHandler const *handle,
if (texpr != NULL) {
Sheet *sheet = ms_container_sheet (s->container.parent);
- g_return_val_if_fail (sheet != NULL, FALSE);
- g_return_val_if_fail (s->currentSeries != NULL, TRUE);
-
- s->currentSeries->data [purpose].data = (purpose == GOG_MS_DIM_LABELS)
- ? gnm_go_data_scalar_new_expr (sheet, texpr)
- : gnm_go_data_vector_new_expr (sheet, texpr);
+ if (sheet && s->currentSeries)
+ s->currentSeries->data [purpose].data = (purpose == GOG_MS_DIM_LABELS)
+ ? gnm_go_data_scalar_new_expr (sheet, texpr)
+ : gnm_go_data_vector_new_expr (sheet, texpr);
+ else {
+ gnm_expr_top_unref (texpr);
+ g_return_val_if_fail (sheet != NULL, FALSE);
+ g_return_val_if_fail (s->currentSeries != NULL, TRUE);
+ }
}
} else if (ref_type == 1 && purpose != GOG_MS_DIM_LABELS &&
s->currentSeries &&
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
