[Libreoffice-commits] core.git: sc/source
Caolán McNamara (via logerrit)
logerrit at kemper.freedesktop.org
Tue Dec 22 12:58:13 UTC 2020
sc/source/filter/excel/xistream.cxx | 60 ++++++++++++++++++++----------------
1 file changed, 34 insertions(+), 26 deletions(-)
New commits:
commit 901e5e7c9170184e286ea3e46fce406136aa9572
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Tue Dec 22 10:23:22 2020 +0000
Commit: Caolán McNamara <caolanm at redhat.com>
CommitDate: Tue Dec 22 13:57:19 2020 +0100
oss-fuzz: xlsfuzzer doesn't pass sanity check
Step #5: #6 0xc1f57ef in __cxa_throw (/tmp/not-out/xlsfuzzer+0xc1f57ef)
Step #5: #7 0x520a3ea in SvStream::ReadUInt16(unsigned short&) (/tmp/not-out/xlsfuzzer+0x520a3ea)
Step #5: #8 0x7bae80 in XclImpStream::DetectBiffVersion(SvStream&) (/tmp/not-out/xlsfuzzer+0x7bae80)
Step #5: #9 0x53bde9 in ScFormatFilterPluginImpl::ScImportExcel(SfxMedium&, ScDocument*, EXCIMPFORMAT) (/tmp/not-out/xlsfuzzer+0x53bde9)
Change-Id: I5c6aee844c62967fb06142992fa67fbc0f3b3725
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108155
Tested-by: Caolán McNamara <caolanm at redhat.com>
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/sc/source/filter/excel/xistream.cxx b/sc/source/filter/excel/xistream.cxx
index f9c79325f39f..0736a55d152f 100644
--- a/sc/source/filter/excel/xistream.cxx
+++ b/sc/source/filter/excel/xistream.cxx
@@ -388,38 +388,46 @@ XclBiff XclImpStream::DetectBiffVersion( SvStream& rStrm )
XclBiff eBiff = EXC_BIFF_UNKNOWN;
rStrm.Seek( STREAM_SEEK_TO_BEGIN );
- sal_uInt16 nBofId, nBofSize;
- rStrm.ReadUInt16( nBofId ).ReadUInt16( nBofSize );
-
- if( (4 <= nBofSize) && (nBofSize <= 16) ) switch( nBofId )
+ try
{
- case EXC_ID2_BOF:
- eBiff = EXC_BIFF2;
- break;
- case EXC_ID3_BOF:
- eBiff = EXC_BIFF3;
- break;
- case EXC_ID4_BOF:
- eBiff = EXC_BIFF4;
- break;
- case EXC_ID5_BOF:
+ sal_uInt16 nBofId, nBofSize;
+ rStrm.ReadUInt16( nBofId ).ReadUInt16( nBofSize );
+
+ if( (4 <= nBofSize) && (nBofSize <= 16) ) switch( nBofId )
{
- sal_uInt16 nVersion;
- rStrm.ReadUInt16( nVersion );
- // #i23425# #i44031# #i62752# there are some *really* broken documents out there...
- switch( nVersion & 0xFF00 )
+ case EXC_ID2_BOF:
+ eBiff = EXC_BIFF2;
+ break;
+ case EXC_ID3_BOF:
+ eBiff = EXC_BIFF3;
+ break;
+ case EXC_ID4_BOF:
+ eBiff = EXC_BIFF4;
+ break;
+ case EXC_ID5_BOF:
{
- case 0: eBiff = EXC_BIFF5; break; // #i44031# #i62752#
- case EXC_BOF_BIFF2: eBiff = EXC_BIFF2; break;
- case EXC_BOF_BIFF3: eBiff = EXC_BIFF3; break;
- case EXC_BOF_BIFF4: eBiff = EXC_BIFF4; break;
- case EXC_BOF_BIFF5: eBiff = EXC_BIFF5; break;
- case EXC_BOF_BIFF8: eBiff = EXC_BIFF8; break;
- default: SAL_WARN("sc", "XclImpStream::DetectBiffVersion - unknown BIFF version: 0x" << std::hex << nVersion );
+ sal_uInt16 nVersion;
+ rStrm.ReadUInt16( nVersion );
+ // #i23425# #i44031# #i62752# there are some *really* broken documents out there...
+ switch( nVersion & 0xFF00 )
+ {
+ case 0: eBiff = EXC_BIFF5; break; // #i44031# #i62752#
+ case EXC_BOF_BIFF2: eBiff = EXC_BIFF2; break;
+ case EXC_BOF_BIFF3: eBiff = EXC_BIFF3; break;
+ case EXC_BOF_BIFF4: eBiff = EXC_BIFF4; break;
+ case EXC_BOF_BIFF5: eBiff = EXC_BIFF5; break;
+ case EXC_BOF_BIFF8: eBiff = EXC_BIFF8; break;
+ default: SAL_WARN("sc", "XclImpStream::DetectBiffVersion - unknown BIFF version: 0x" << std::hex << nVersion );
+ }
}
+ break;
}
- break;
}
+ catch (const SvStreamEOFException&)
+ {
+ SAL_WARN("sc", "EOF");
+ }
+
return eBiff;
}
More information about the Libreoffice-commits
mailing list