Commit a5577602 authored by Morten Welinder's avatar Morten Welinder

xls: fix fuzzed file issue.

parent b600c2bd
......@@ -15,6 +15,7 @@ Morten:
* Fix tabulation truncation issue.
* Fix ABR. [#720353]
* Fix fuzzed file crashes. [#720425] [#720426] [#720358] [#719349]
[#715002]
--------------------------------------------------------------------------
Gnumeric 1.12.9
......
2013-12-21 Morten Welinder <terra@gnome.org>
* ms-excel-read.c (excel_read_XF): Fix length check. Fixes
#715002.
* ms-obj.c (read_pre_biff8_read_name_and_fmla): Fix and improve
length check. Fixes #720358.
length check. Fixes #720358 and #719349.
2013-12-13 Morten Welinder <terra@gnome.org>
......
......@@ -2533,7 +2533,10 @@ excel_read_XF (BiffQuery *q, GnmXLImporter *importer)
BiffXFData *xf;
guint32 data, subdata;
XL_CHECK_CONDITION (q->length >= 8); /* Check this */
if (importer->ver >= MS_BIFF_V8)
XL_CHECK_CONDITION (q->length >= 20);
else
XL_CHECK_CONDITION (q->length >= 16);
xf = g_new (BiffXFData, 1);
xf->font_idx = GSF_LE_GET_GUINT16 (q->data);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment