From 85e7dc6b513bb836dcd1c0b9c0f11c246b0ee3db Mon Sep 17 00:00:00 2001
From: Michael Meeks <mmeeks@src.gnome.org>
Date: Sat, 14 Nov 1998 17:39:44 +0000
Subject: [PATCH] Fatal font bug fix

---
 ChangeLog-1999-07-09          |  5 +++++
 ChangeLog-2000-02-23          |  5 +++++
 OChangeLog-1999-07-09         |  5 +++++
 OChangeLog-2000-02-23         |  5 +++++
 plugins/excel/ms-excel-read.c | 10 +++++-----
 plugins/excel/ms-excel.c      | 10 +++++-----
 6 files changed, 30 insertions(+), 10 deletions(-)

diff --git a/ChangeLog-1999-07-09 b/ChangeLog-1999-07-09
index 5530dda6f..6c77e0d63 100644
--- a/ChangeLog-1999-07-09
+++ b/ChangeLog-1999-07-09
@@ -1,3 +1,8 @@
+1998-11-14  Michael Meeks    <michael@imaginator.com>
+
+	* plugins/excel/ms-excel.c(ms_excel_set_cell_font): Fixed buffer
+	overflow bug, and secured sprintf.
+
 1998-11-12  Bruno Unna       <bruno@iac.com.mx>
 
 	* plugins/excel/ms-excel.c: added support for fount size.
diff --git a/ChangeLog-2000-02-23 b/ChangeLog-2000-02-23
index 5530dda6f..6c77e0d63 100644
--- a/ChangeLog-2000-02-23
+++ b/ChangeLog-2000-02-23
@@ -1,3 +1,8 @@
+1998-11-14  Michael Meeks    <michael@imaginator.com>
+
+	* plugins/excel/ms-excel.c(ms_excel_set_cell_font): Fixed buffer
+	overflow bug, and secured sprintf.
+
 1998-11-12  Bruno Unna       <bruno@iac.com.mx>
 
 	* plugins/excel/ms-excel.c: added support for fount size.
diff --git a/OChangeLog-1999-07-09 b/OChangeLog-1999-07-09
index 5530dda6f..6c77e0d63 100644
--- a/OChangeLog-1999-07-09
+++ b/OChangeLog-1999-07-09
@@ -1,3 +1,8 @@
+1998-11-14  Michael Meeks    <michael@imaginator.com>
+
+	* plugins/excel/ms-excel.c(ms_excel_set_cell_font): Fixed buffer
+	overflow bug, and secured sprintf.
+
 1998-11-12  Bruno Unna       <bruno@iac.com.mx>
 
 	* plugins/excel/ms-excel.c: added support for fount size.
diff --git a/OChangeLog-2000-02-23 b/OChangeLog-2000-02-23
index 5530dda6f..6c77e0d63 100644
--- a/OChangeLog-2000-02-23
+++ b/OChangeLog-2000-02-23
@@ -1,3 +1,8 @@
+1998-11-14  Michael Meeks    <michael@imaginator.com>
+
+	* plugins/excel/ms-excel.c(ms_excel_set_cell_font): Fixed buffer
+	overflow bug, and secured sprintf.
+
 1998-11-12  Bruno Unna       <bruno@iac.com.mx>
 
 	* plugins/excel/ms-excel.c: added support for fount size.
diff --git a/plugins/excel/ms-excel-read.c b/plugins/excel/ms-excel-read.c
index a829f76a7..988e47e5b 100644
--- a/plugins/excel/ms-excel-read.c
+++ b/plugins/excel/ms-excel-read.c
@@ -358,11 +358,11 @@ ms_excel_set_cell_colors (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
 static void
 ms_excel_set_cell_font (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
 {
-  char font_size[10];	/* I know it may seem excessive. Time will say.  */
+  char font_size[16];	/* I know it may seem excessive. Time will say.  */
   int i;
   GList *ptr = g_list_first (sheet->wb->font_data) ;
   int idx = 0 ;
-  
+
   g_assert (idx!=4) ;
   while (ptr)
     {
@@ -377,7 +377,7 @@ ms_excel_set_cell_font (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
        * In our first attempt to make it work, let's try to guess the 
        * X font name from the windows name, by letting the first word 
        * of the name be inserted in 0'th position of the X font name.  */
-      for (i=0; fd->fontname[i] != ' '; ++i)
+      for (i=0; fd->fontname[i] != '\0' && fd->fontname[i] != ' '; ++i)
         fd->fontname[i] = tolower (fd->fontname[i]);
       fd->fontname[i] = '\x0';
 	  cell_set_font (cell, font_change_component (cell->style->font->font_name, 1, fd->fontname));
@@ -392,7 +392,7 @@ ms_excel_set_cell_font (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
 	      cell->style->font->hint_is_bold = 1;
 	    }
 	  /* What about underlining?  */
-      sprintf (font_size, "%d", fd->height/2);
+	  g_assert (snprintf (font_size, 16, "%d", fd->height/2)!=-1) ;
 	  cell_set_font (cell, font_change_component (cell->style->font->font_name, 7, font_size));
       /* delete me: */
       printf ("The new font name is: %s\n", cell->style->font->font_name);
@@ -409,7 +409,7 @@ ms_excel_set_cell_xf(MS_EXCEL_SHEET *sheet, Cell *cell, int xfidx)
 {
   GList *ptr ;
   int cnt ;
-  
+
   if (xfidx == 0)
     {
       printf ("Normal cell formatting\n") ;
diff --git a/plugins/excel/ms-excel.c b/plugins/excel/ms-excel.c
index a829f76a7..988e47e5b 100644
--- a/plugins/excel/ms-excel.c
+++ b/plugins/excel/ms-excel.c
@@ -358,11 +358,11 @@ ms_excel_set_cell_colors (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
 static void
 ms_excel_set_cell_font (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
 {
-  char font_size[10];	/* I know it may seem excessive. Time will say.  */
+  char font_size[16];	/* I know it may seem excessive. Time will say.  */
   int i;
   GList *ptr = g_list_first (sheet->wb->font_data) ;
   int idx = 0 ;
-  
+
   g_assert (idx!=4) ;
   while (ptr)
     {
@@ -377,7 +377,7 @@ ms_excel_set_cell_font (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
        * In our first attempt to make it work, let's try to guess the 
        * X font name from the windows name, by letting the first word 
        * of the name be inserted in 0'th position of the X font name.  */
-      for (i=0; fd->fontname[i] != ' '; ++i)
+      for (i=0; fd->fontname[i] != '\0' && fd->fontname[i] != ' '; ++i)
         fd->fontname[i] = tolower (fd->fontname[i]);
       fd->fontname[i] = '\x0';
 	  cell_set_font (cell, font_change_component (cell->style->font->font_name, 1, fd->fontname));
@@ -392,7 +392,7 @@ ms_excel_set_cell_font (MS_EXCEL_SHEET *sheet, Cell *cell, BIFF_XF_DATA *xf)
 	      cell->style->font->hint_is_bold = 1;
 	    }
 	  /* What about underlining?  */
-      sprintf (font_size, "%d", fd->height/2);
+	  g_assert (snprintf (font_size, 16, "%d", fd->height/2)!=-1) ;
 	  cell_set_font (cell, font_change_component (cell->style->font->font_name, 7, font_size));
       /* delete me: */
       printf ("The new font name is: %s\n", cell->style->font->font_name);
@@ -409,7 +409,7 @@ ms_excel_set_cell_xf(MS_EXCEL_SHEET *sheet, Cell *cell, int xfidx)
 {
   GList *ptr ;
   int cnt ;
-  
+
   if (xfidx == 0)
     {
       printf ("Normal cell formatting\n") ;
-- 
GitLab