[gnumeric] xls: fuzzed file fix.
- From: Morten Welinder <mortenw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnumeric] xls: fuzzed file fix.
- Date: Mon, 4 Jan 2016 20:49:22 +0000 (UTC)
commit 3fa64e9fd03ca896600de46699de8d0e02839855
Author: Morten Welinder <terra gnome org>
Date: Mon Jan 4 15:49:06 2016 -0500
xls: fuzzed file fix.
NEWS | 2 +-
plugins/excel/ChangeLog | 3 ++-
plugins/excel/ms-obj.c | 2 ++
3 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/NEWS b/NEWS
index c9716da..a5583dd 100644
--- a/NEWS
+++ b/NEWS
@@ -9,7 +9,7 @@ Morten:
* Teach ssconvert to split sheets into separate .txt files [#694408]
* Improve test suite.
* Fuzzed file fixes. [#760046] [#760085] [#760087] [#760089]
- [#760043] [#760103] [#760102] [#760101]
+ [#760043] [#760103] [#760102] [#760101] [#760105]
--------------------------------------------------------------------------
Gnumeric 1.12.26
diff --git a/plugins/excel/ChangeLog b/plugins/excel/ChangeLog
index 379ed91..2859d86 100644
--- a/plugins/excel/ChangeLog
+++ b/plugins/excel/ChangeLog
@@ -1,6 +1,7 @@
2016-01-04 Morten Welinder <terra gnome org>
- * ms-obj.c (ms_obj_read_biff8_obj): Fuzzed file fix. #760101.
+ * ms-obj.c (ms_obj_read_biff8_obj): Fuzzed file fixes. Fixes
+ #760101 and #760105.
2016-01-03 Morten Welinder <terra gnome org>
diff --git a/plugins/excel/ms-obj.c b/plugins/excel/ms-obj.c
index f1c9101..c27b36a 100644
--- a/plugins/excel/ms-obj.c
+++ b/plugins/excel/ms-obj.c
@@ -995,6 +995,8 @@ ms_obj_read_biff8_obj (BiffQuery *q, MSContainer *c, MSObj *obj)
*/
guint16 len = GSF_LE_GET_GUINT16(data+2);
+ XL_CHECK_CONDITION_VAL (data_len_left >= 4 + len, TRUE);
+
/* 1st record must be COMMON_OBJ*/
XL_CHECK_CONDITION_VAL (obj->excel_type >= 0 ||
record_type == GR_COMMON_OBJ_DATA,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
