[gnumeric] xls7: handle bogus array constant
- From: Morten Welinder <mortenw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnumeric] xls7: handle bogus array constant
- Date: Mon, 29 Jun 2015 17:57:50 +0000 (UTC)
commit dd19c19d3e14ad391b381211de410e2e4e666cda
Author: Morten Welinder <terra gnome org>
Date: Mon Jun 29 13:57:22 2015 -0400
xls7: handle bogus array constant
NEWS | 2 +-
plugins/excel/ChangeLog | 5 +++++
plugins/excel/ms-formula-read.c | 8 ++++++--
3 files changed, 12 insertions(+), 3 deletions(-)
---
diff --git a/NEWS b/NEWS
index 506e58e..f0eaeba 100644
--- a/NEWS
+++ b/NEWS
@@ -30,7 +30,7 @@ Morten:
[#749424] [#749917] [#749919] [#750043] [#750044] [#750046]
[#750811] [#750810] [#750857] [#750864] [#750862] [#750858]
[#751126] [#751254] [#751253] [#750851] [#751258] [#751259]
- [#751502] [#751390] [#751579]
+ [#751502] [#751390] [#751579] [#751659]
* Make solver check linearity of model.
* Fix xls saving of marker style. [#749185]
* Make compilation with clang work again. [#749138]
diff --git a/plugins/excel/ChangeLog b/plugins/excel/ChangeLog
index deadb0b..e358e62 100644
--- a/plugins/excel/ChangeLog
+++ b/plugins/excel/ChangeLog
@@ -1,5 +1,10 @@
2015-06-29 Morten Welinder <terra gnome org>
+ * ms-formula-read.c (excel_parse_formula1): Survive bogus array
+ constant. Fixes #751659.
+
+2015-06-29 Morten Welinder <terra gnome org>
+
* ms-excel-read.c (excel_read_CF): Plug leak when reading fuzzed
file.
diff --git a/plugins/excel/ms-formula-read.c b/plugins/excel/ms-formula-read.c
index 5af84e9..3494a93 100644
--- a/plugins/excel/ms-formula-read.c
+++ b/plugins/excel/ms-formula-read.c
@@ -1434,8 +1434,12 @@ excel_parse_formula1 (MSContainer const *container,
if (ver >= MS_BIFF_V8) {
cols++;
rows++;
- } else if (cols == 0)
- cols = 256;
+ } else {
+ if (cols == 0)
+ cols = 256;
+ if (rows == 0)
+ rows = 1; /* ??? */
+ }
v = value_new_array (cols, rows);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
