Bug 514510 - Null pointer crash in copy64()
Status: RESOLVED FIXED
Product: Gnumeric
Classification: Applications
Component: import/export MS Excel (tm)
Version: git master
Hardware: Other All
Importance: Normal critical
Target Milestone: ---
Assigned To: Jody Goldberg
Jody Goldberg
Depends on:
Blocks:
 
 
Reported: 2008-02-05 11:39 UTC by sum1
Modified: 2008-02-05 14:16 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
fuzzed objs.xls (216.50 KB, application/vnd.ms-excel)
2008-02-05 11:40 UTC, sum1

Description sum1 2008-02-05 11:39:38 UTC
Version: r16350
OS: Ubuntu Gutsy

The upcoming sample is a fuzzed version of objs.xls.

Steps to reproduce:
- ssconvert fuzzed_objs.xls /tmp/foo.xls

Backtrace:

Program received signal SIGSEGV, Segmentation fault.

Thread NaN (LWP 22432)

  • #0 copy64
    at crypt-md4.c line 144
  • #1 mdfour
    at crypt-md4.c line 171
  • #2 excel_write_blip
    at ms-excel-write.c line 5381
  • #3 excel_write_blips
    at ms-excel-write.c line 5423
  • #4 excel_write_workbook
    at ms-excel-write.c line 5592
  • #5 excel_write_v8
    at ms-excel-write.c line 5659
  • #6 excel_save
    at boot.c line 256
  • #7 excel_dsf_file_save
    at boot.c line 291
  • #8 go_plugin_loader_module_func_file_save
    at go-plugin-loader-module.c line 323
  • #9 go_plugin_file_saver_save
    at go-plugin-service.c line 749
  • #10 go_file_saver_save
    at file.c line 700
  • #11 wbv_save_to_output
    at workbook-view.c line 839
  • #12 wbv_save_to_uri
    at workbook-view.c line 874
  • #13 wb_view_save_as
    at workbook-view.c line 910
  • #14 convert
    at ssconvert.c line 333
  • #15 main
    at ssconvert.c line 394

Comment 1 sum1 2008-02-05 11:40:53 UTC
Created attachment 104474
fuzzed objs.xls
Comment 2 Morten Welinder 2008-02-05 14:16:25 UTC
That was more interesting than most of these.

This problem has been fixed in our software repository. The fix will go into the next software release. Thank you for your bug report.