This is an automated email from the git hooks/post-receive script.
sebastic pushed a commit to branch master
in repository freexl.
commit f45c3aae7aa277904017c2778282b2eb6b4d61e9
Author: Bas Couwenberg <sebas...@xs4all.nl>
Date: Thu Feb 22 21:51:13 2018 +0100
New upstream version 1.0.5
---
config-msvc.h | 6 +++---
configure | 20 ++++++++++----------
configure.ac | 2 +-
headers/freexl.h | 5 +++++
src/freexl.c | 34 ++++++++++++++++++++++++++++++++++
5 files changed, 53 insertions(+), 14 deletions(-)
diff --git a/config-msvc.h b/config-msvc.h
index a39d4e7..e4d0353 100644
--- a/config-msvc.h
+++ b/config-msvc.h
@@ -86,7 +86,7 @@
#define PACKAGE_NAME "FreeXL"
/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "FreeXL 1.0.4"
+#define PACKAGE_STRING "FreeXL 1.0.5"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "freexl"
@@ -95,7 +95,7 @@
#define PACKAGE_URL ""
/* Define to the version of this package. */
-#define PACKAGE_VERSION "1.0.4"
+#define PACKAGE_VERSION "1.0.5"
/* Define to 1 if you have the ANSI C header files. */
#define STDC_HEADERS 1
@@ -107,7 +107,7 @@
/* #undef TM_IN_SYS_TIME */
/* Version number of package */
-#define VERSION "1.0.4"
+#define VERSION "1.0.5"
/* Define to empty if `const' does not conform to ANSI C. */
/* #undef const */
diff --git a/configure b/configure
index 3f4c0a9..f3e1beb 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for FreeXL 1.0.4.
+# Generated by GNU Autoconf 2.69 for FreeXL 1.0.5.
#
# Report bugs to <a.furi...@lqt.it>.
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='FreeXL'
PACKAGE_TARNAME='freexl'
-PACKAGE_VERSION='1.0.4'
-PACKAGE_STRING='FreeXL 1.0.4'
+PACKAGE_VERSION='1.0.5'
+PACKAGE_STRING='FreeXL 1.0.5'
PACKAGE_BUGREPORT='a.furi...@lqt.it'
PACKAGE_URL=''
@@ -1326,7 +1326,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures FreeXL 1.0.4 to adapt to many kinds of systems.
+\`configure' configures FreeXL 1.0.5 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1396,7 +1396,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of FreeXL 1.0.4:";;
+ short | recursive ) echo "Configuration of FreeXL 1.0.5:";;
esac
cat <<\_ACEOF
@@ -1508,7 +1508,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-FreeXL configure 1.0.4
+FreeXL configure 1.0.5
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2052,7 +2052,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by FreeXL $as_me 1.0.4, which was
+It was created by FreeXL $as_me 1.0.5, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2923,7 +2923,7 @@ fi
# Define the identity of the package.
PACKAGE='freexl'
- VERSION='1.0.4'
+ VERSION='1.0.5'
cat >>confdefs.h <<_ACEOF
@@ -17813,7 +17813,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by FreeXL $as_me 1.0.4, which was
+This file was extended by FreeXL $as_me 1.0.5, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -17879,7 +17879,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-FreeXL config.status 1.0.4
+FreeXL config.status 1.0.5
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index a44dbf4..19a1c87 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.61)
-AC_INIT(FreeXL, 1.0.4, a.furi...@lqt.it)
+AC_INIT(FreeXL, 1.0.5, a.furi...@lqt.it)
AC_LANG(C)
AC_CONFIG_AUX_DIR([.])
AC_CONFIG_MACRO_DIR([m4])
diff --git a/headers/freexl.h b/headers/freexl.h
index a7a7e84..87666d9 100644
--- a/headers/freexl.h
+++ b/headers/freexl.h
@@ -292,6 +292,11 @@ extern "C"
#define FREEXL_CFBF_ILLEGAL_MINI_FAT_ENTRY -25 /**< The MiniFAT stream
contains an invalid entry.
Possibly a corrupt file.
*/
+#define FREEXL_CRAFTED_FILE -26 /**< A severely corrupted
file
+ (may be purposely crafted for
+ malicious purposes) has been
+ detected. */
+
/**
Container for a cell value
diff --git a/src/freexl.c b/src/freexl.c
index a0b255a..d7f5e68 100644
--- a/src/freexl.c
+++ b/src/freexl.c
@@ -1109,6 +1109,11 @@ allocate_cells (biff_workbook * workbook)
return FREEXL_INSUFFICIENT_MEMORY;
/* allocating the cell values array */
+ if (workbook->active_sheet->rows * workbook->active_sheet->columns <= 0)
+ {
+ workbook->active_sheet->cell_values = NULL;
+ return FREEXL_OK;
+ }
workbook->active_sheet->cell_values =
malloc (sizeof (biff_cell_value) *
(workbook->active_sheet->rows *
@@ -1801,6 +1806,12 @@ parse_SST (biff_workbook * workbook, int swap)
unsigned int i;
for (i = 0; i < len; i++)
{
+ if (p_string - workbook->record >=
+ workbook->record_size)
+ {
+ /* buffer overflow: it's a preasumable
crafted file intended to crash FreeXL */
+ return FREEXL_CRAFTED_FILE;
+ }
*(utf16_buf + (utf16_off * 2) + (i * 2)) =
*p_string;
p_string++;
@@ -1912,6 +1923,11 @@ parse_SST (biff_workbook * workbook, int swap)
return FREEXL_OK;
}
+ if (len <= 0)
+ {
+ /* zero length - it's a preasumable crafted file intended to
crash FreeXL */
+ return FREEXL_CRAFTED_FILE;
+ }
if (!parse_unicode_string
(workbook->utf16_converter, len, utf16, p_string, &utf8_string))
return FREEXL_INVALID_CHARACTER;
@@ -3070,6 +3086,11 @@ parse_biff_record (biff_workbook * workbook, int swap)
if (swap)
swap32 (&offset);
len = workbook->record[6];
+ if (len <= 0)
+ {
+ /* zero length - it's a preasumable crafted file intended to
crash FreeXL */
+ return FREEXL_CRAFTED_FILE;
+ }
if (workbook->biff_version == FREEXL_BIFF_VER_5)
{
/* BIFF5: codepage text */
@@ -3229,6 +3250,11 @@ parse_biff_record (biff_workbook * workbook, int swap)
get_unicode_params (p_string, swap, &start_offset, &utf16,
&extra_skip);
p_string += start_offset;
+ if (len <= 0)
+ {
+ /* zero length - it's a preasumable crafted file intended
to crash FreeXL */
+ return FREEXL_CRAFTED_FILE;
+ }
if (!parse_unicode_string
(workbook->utf16_converter, len, utf16, p_string,
&utf8_string))
@@ -3623,6 +3649,11 @@ parse_biff_record (biff_workbook * workbook, int swap)
get_unicode_params (p_string, swap, &start_offset, &utf16,
&extra_skip);
p_string += start_offset;
+ if (len <= 0)
+ {
+ /* zero length - it's a preasumable crafted file intended
to crash FreeXL */
+ return FREEXL_CRAFTED_FILE;
+ }
if (!parse_unicode_string
(workbook->utf16_converter, len, utf16, p_string,
&utf8_string))
@@ -3905,6 +3936,9 @@ read_mini_biff_next_record (biff_workbook * workbook, int
swap, int *errcode)
workbook->record_type = record_type.value;
workbook->record_size = record_size.value;
+ if (workbook->record_size >= 8192)
+ return 0; /* malformed or crafted file */
+
if ((workbook->p_in - workbook->fat->miniStream) + workbook->record_size >
(int) workbook->size)
return 0; /* unexpected EOF */
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-grass/freexl.git
_______________________________________________
Pkg-grass-devel mailing list
Pkg-grass-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-grass-devel
