Check-in [1f00f424a2]

Overview
Comment:fixing security issues - Red Hat Bugzilla – Bug 1547892
SHA1: 1f00f424a24b355e9b4990ddade63c50a0ffdb01
User & Date: sandro 2018-02-22 13:47:20
Context
2018-02-22
14:10
completing the previous commit check-in: 97c9f43cea user: sandro tags: trunk
13:47
fixing security issues - Red Hat Bugzilla – Bug 1547892 check-in: 1f00f424a2 user: sandro tags: trunk
2017-09-07
20:04
fixing a security issue - Cisco TALOS-2017-430 and TALOS-2017-431 check-in: 40c17539ea user: sandro tags: trunk
Changes

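--- a/config-msvc.h
+++ b/config-msvc.h
@@ -82,42 +82,42 @@
 /* Define to the address where bug reports for this package should be sent. */
 #define PACKAGE_BUGREPORT "a.furieri@lqt.it"
 
 /* Define to the full name of this package. */
 #define PACKAGE_NAME "FreeXL"
 
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "FreeXL 1.0.4"
+#define PACKAGE_STRING "FreeXL 1.0.5"
 
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "freexl"
 
 /* Define to the home page for this package. */
 #define PACKAGE_URL ""
 
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "1.0.4"
+#define PACKAGE_VERSION "1.0.5"
 
 /* Define to 1 if you have the ANSI C header files. */
 #define STDC_HEADERS 1
 
 /* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
 #define TIME_WITH_SYS_TIME 1
 
 /* Define to 1 if your <sys/time.h> declares `struct tm'. */
 /* #undef TM_IN_SYS_TIME */
 
 /* Version number of package */
-#define VERSION "1.0.4"
+#define VERSION "1.0.5"
 
 /* Define to empty if `const' does not conform to ANSI C. */
 /* #undef const */
 
 /* Define to `long int' if <sys/types.h> does not define. */
 /* #undef off_t */
 
 /* Define to `unsigned int' if <sys/types.h> does not define. */
 /* #undef size_t */
 
 /* Define to empty if the keyword `volatile' does not work. Warning: valid
    code using `volatile' can become incorrect without. Disable with care. */
 /* #undef volatile */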

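--- a/config.h
+++ b/config.h
@@ -80,42 +80,42 @@
 /* Define to the address where bug reports for this package should be sent. */
 #define PACKAGE_BUGREPORT "a.furieri@lqt.it"
 
 /* Define to the full name of this package. */
 #define PACKAGE_NAME "FreeXL"
 
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "FreeXL 1.0.4"
+#define PACKAGE_STRING "FreeXL 1.0.5"
 
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "freexl"
 
 /* Define to the home page for this package. */
 #define PACKAGE_URL ""
 
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "1.0.4"
+#define PACKAGE_VERSION "1.0.5"
 
 /* Define to 1 if you have the ANSI C header files. */
 #define STDC_HEADERS 1
 
 /* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
 #define TIME_WITH_SYS_TIME 1
 
 /* Define to 1 if your <sys/time.h> declares `struct tm'. */
 /* #undef TM_IN_SYS_TIME */
 
 /* Version number of package */
-#define VERSION "1.0.4"
+#define VERSION "1.0.5"
 
 /* Define to empty if `const' does not conform to ANSI C. */
 /* #undef const */
 
 /* Define to `long int' if <sys/types.h> does not define. */
 /* #undef off_t */
 
 /* Define to `unsigned int' if <sys/types.h> does not define. */
 /* #undef size_t */
 
 /* Define to empty if the keyword `volatile' does not work. Warning: valid
    code using `volatile' can become incorrect without. Disable with care. */
 /* #undef volatile */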

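--- a/configure
+++ b/configure
@@ -1,10 +1,10 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for FreeXL 1.0.4.
+# Generated by GNU Autoconf 2.69 for FreeXL 1.0.5.
 #
 # Report bugs to <a.furieri@lqt.it>.
 #
 #
 # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
 #
 #
@@ -586,16 +586,16 @@
 subdirs=
 MFLAGS=
 MAKEFLAGS=
 
 # Identity of this package.
 PACKAGE_NAME='FreeXL'
 PACKAGE_TARNAME='freexl'
-PACKAGE_VERSION='1.0.4'
-PACKAGE_STRING='FreeXL 1.0.4'
+PACKAGE_VERSION='1.0.5'
+PACKAGE_STRING='FreeXL 1.0.5'
 PACKAGE_BUGREPORT='a.furieri@lqt.it'
 PACKAGE_URL=''
 
 # Factoring default headers for most tests.
 ac_includes_default="\
 #include <stdio.h>
 #ifdef HAVE_SYS_TYPES_H
@@ -1322,15 +1322,15 @@
 #
 # Report the --help message.
 #
 if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures FreeXL 1.0.4 to adapt to many kinds of systems.
+\`configure' configures FreeXL 1.0.5 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
 To assign environment variables (e.g., CC, CFLAGS...), specify them as
 VAR=VALUE.  See below for descriptions of some of the useful variables.
 
 Defaults for the options are specified in brackets.
@@ -1392,15 +1392,15 @@
   --build=BUILD     configure for building on BUILD [guessed]
   --host=HOST       cross-compile to build programs to run on HOST [BUILD]
 _ACEOF
 fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of FreeXL 1.0.4:";;
+     short | recursive ) echo "Configuration of FreeXL 1.0.5:";;
    esac
   cat <<\_ACEOF
 
 Optional Features:
   --disable-option-checking  ignore unrecognized --enable/--with options
   --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
@@ -1504,15 +1504,15 @@
     cd "$ac_pwd" || { ac_status=$?; break; }
   done
 fi
 
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-FreeXL configure 1.0.4
+FreeXL configure 1.0.5
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
 This configure script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it.
 _ACEOF
   exit
@@ -2048,15 +2048,15 @@
   eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
 
 } # ac_fn_c_check_type
 cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by FreeXL $as_me 1.0.4, which was
+It was created by FreeXL $as_me 1.0.5, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
 
 _ACEOF
 exec 5>>config.log
 {
@@ -2919,15 +2919,15 @@
     CYGPATH_W=echo
   fi
 fi
 
 
 # Define the identity of the package.
  PACKAGE='freexl'
- VERSION='1.0.4'
+ VERSION='1.0.5'
 
 
 cat >>confdefs.h <<_ACEOF
 #define PACKAGE "$PACKAGE"
 _ACEOF
 
 
@@ -17809,15 +17809,15 @@
 test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
 
 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # Save the log message, to keep $0 and so on meaningful, and to
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by FreeXL $as_me 1.0.4, which was
+This file was extended by FreeXL $as_me 1.0.5, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
   CONFIG_HEADERS  = $CONFIG_HEADERS
   CONFIG_LINKS    = $CONFIG_LINKS
   CONFIG_COMMANDS = $CONFIG_COMMANDS
   $ $0 $@
@@ -17875,15 +17875,15 @@
 
 Report bugs to <a.furieri@lqt.it>."
 
 _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-FreeXL config.status 1.0.4
+FreeXL config.status 1.0.5
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
 Copyright (C) 2012 Free Software Foundation, Inc.
 This config.status script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it."
 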

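--- a/configure.ac
+++ b/configure.ac
@@ -1,12 +1,12 @@
 #                                               -*- Autoconf -*-
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ(2.61)
-AC_INIT(FreeXL, 1.0.4, a.furieri@lqt.it)
+AC_INIT(FreeXL, 1.0.5, a.furieri@lqt.it)
 AC_LANG(C)
 AC_CONFIG_AUX_DIR([.])
 AC_CONFIG_MACRO_DIR([m4])
 
 AM_INIT_AUTOMAKE
 AM_MAINTAINER_MODE
 AM_CONFIG_HEADER(config.h)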

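--- a/headers/freexl.h
+++ b/headers/freexl.h
@@ -288,14 +288,19 @@
                                                  failed. Possibly a corrupt file
                                                  or a bug in FreeXL. */
 #define FREEXL_INVALID_MINI_STREAM	-24 /**< The MiniFAT stream is invalid.
                                                  Possibly a corrupt file. */
 #define FREEXL_CFBF_ILLEGAL_MINI_FAT_ENTRY	-25 /**< The MiniFAT stream 
                                                      contains an invalid entry.
                                                      Possibly a corrupt file. */
+#define FREEXL_CRAFTED_FILE					-26 /**< A severely corrupted file
+                                                     (may be purposely crafted for 
+                                                     malicious purposes) has been 
+                                                     detected. */
+
 
     /**
      Container for a cell value
      
      freexl_get_cell_value() takes a pointer to this structure, and fills
      in the appropriate values.
      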

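--- a/src/freexl.c
+++ b/src/freexl.c
@@ -1797,14 +1797,20 @@
 		    utf16 = 1;
 		if (!utf16)
 		  {
 		      /* 'stripped' UTF-16: requires padding */
 		      unsigned int i;
 		      for (i = 0; i < len; i++)
 			{
+			    if (p_string - workbook->record >=
+				workbook->record_size)
+			      {
+				  /* buffer overflow: it's a preasumable crafted file intended to crash FreeXL */
+				  return FREEXL_CRAFTED_FILE;
+			      }
 			    *(utf16_buf + (utf16_off * 2) + (i * 2)) =
 				*p_string;
 			    p_string++;
 			    *(utf16_buf + (utf16_off * 2) + ((i * 2) + 1)) =
 				0x00;
 			}
 		  }
@@ -1908,14 +1914,19 @@
 		      memcpy (utf16_buf, p_string, available);
 		      workbook->shared_strings.current_utf16_off =
 			  available / 2;
 		  }
 		return FREEXL_OK;
 	    }
 
+	  if (len <= 0)
+	    {
+		/* zero length - it's a preasumable crafted file intended to crash FreeXL */
+		return FREEXL_CRAFTED_FILE;
+	    }
 	  if (!parse_unicode_string
 	      (workbook->utf16_converter, len, utf16, p_string, &utf8_string))
 	      return FREEXL_INVALID_CHARACTER;
 
 	  /* skipping string data */
 	  if (!utf16)
 	      p_string += len;
@@ -3066,14 +3077,19 @@
 		return FREEXL_OK;
 	    }
 
 	  memcpy (offset.bytes, workbook->record, 4);
 	  if (swap)
 	      swap32 (&offset);
 	  len = workbook->record[6];
+	  if (len <= 0)
+	    {
+		/* zero length - it's a preasumable crafted file intended to crash FreeXL */
+		return FREEXL_CRAFTED_FILE;
+	    }
 	  if (workbook->biff_version == FREEXL_BIFF_VER_5)
 	    {
 		/* BIFF5: codepage text */
 		memcpy (name, workbook->record + 7, len);
 		utf8_name =
 		    convert_to_utf8 (workbook->utf8_converter, name, len, &err);
 		if (err)
@@ -3225,14 +3241,19 @@
 		if (swap)
 		    swap16 (&word16);
 		len = word16.value;
 		p_string = workbook->record + 4;
 		get_unicode_params (p_string, swap, &start_offset, &utf16,
 				    &extra_skip);
 		p_string += start_offset;
+		if (len <= 0)
+		  {
+		      /* zero length - it's a preasumable crafted file intended to crash FreeXL */
+		      return FREEXL_CRAFTED_FILE;
+		  }
 		if (!parse_unicode_string
 		    (workbook->utf16_converter, len, utf16, p_string,
 		     &utf8_string))
 		    return FREEXL_INVALID_CHARACTER;
 		check_format (utf8_string, &is_date, &is_datetime, &is_time);
 		free (utf8_string);
 		if (is_date || is_datetime || is_time)
@@ -3619,14 +3640,19 @@
 		/* please note: this always is UTF-16 [BIFF8] */
 		int utf16 = 0;
 		unsigned int start_offset;
 		unsigned int extra_skip;
 		get_unicode_params (p_string, swap, &start_offset, &utf16,
 				    &extra_skip);
 		p_string += start_offset;
+		if (len <= 0)
+		  {
+		      /* zero length - it's a preasumable crafted file intended to crash FreeXL */
+		      return FREEXL_CRAFTED_FILE;
+		  }
 		if (!parse_unicode_string
 		    (workbook->utf16_converter, len, utf16, p_string,
 		     &utf8_string))
 		    return FREEXL_INVALID_CHARACTER;
 	    }
 	  ret = set_text_value (workbook, row, col, utf8_string);
 	  if (ret != FREEXL_OK)
@@ -3901,14 +3927,17 @@
 	  swap16 (&record_type);
 	  swap16 (&record_size);
       }
 /* saving the current record */
     workbook->record_type = record_type.value;
     workbook->record_size = record_size.value;
 
+    if (workbook->record_size >= 8192)
+	return 0;		/* malformed or crafted file */
+
     if ((workbook->p_in - workbook->fat->miniStream) + workbook->record_size >
 	(int) workbook->size)
 	return 0;		/* unexpected EOF */
 
     memcpy (workbook->record, workbook->p_in, workbook->record_size);
     workbook->p_in += record_size.value;
 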
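Review bot: The new `len <= 0` guards in src/freexl.c reject only an empty length; none of them checks that `len` bytes (twice that for UTF-16) are still left in the record behind the read position. At new line 3084 the guard is followed by `memcpy (name, workbook->record + 7, len)`, which copies a file-supplied length without comparing `7 + len` to `workbook->record_size`, and the size of `name` is not visible in the hunk. The three guards placed ahead of `parse_unicode_string` (new lines 1921, 3248, 3647) leave the same gap unless that function bounds its own reads, which these hunks do not show. An upper-bound test in the style the commit already uses in the padding loop would close it, e.g. `if (len <= 0 || (p_string - workbook->record) + (utf16 ? 2 * len : len) > workbook->record_size) return FREEXL_CRAFTED_FILE;`. The enclosing functions start and end outside the hunks.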