After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 704109 - Range parsing problem with non-homogeneous sheet sizes
Range parsing problem with non-homogeneous sheet sizes
Status: RESOLVED FIXED
Product: Gnumeric
Classification: Applications
Component: import/export other
git master
Other All
: Normal normal
: ---
Assigned To: Morten Welinder
Jody Goldberg
Depends on:
Blocks:
 
 
Reported: 2013-07-12 15:41 UTC by Morten Welinder
Modified: 2013-07-12 17:38 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Morten Welinder 2013-07-12 15:41:00 UTC 
Test case:

http://jutaky.com/fuzzing/gnumeric_case_1226_12520.gnumeric

The expression is

(gdb) p content
$1 = 0x2312a00 "=vlookup(A2,'TC COMPONENT PARTS'!A$1:D$1048576,1,0)"

and it occurs somewhere in Sheet4:

(gdb) p sheet->name_unquoted
$3 = 0x8bfa60 "Sheet4"
(gdb) p sheet->size
$4 = {max_cols = 16384, max_rows = 1048576}

However:

(gdb) p workbook_sheet_by_name(cell->base.sheet->workbook,"TC COMPONENT PARTS")
$5 = 0x9717c0
(gdb) p $5->name_unquoted
$6 = 0x17f8060 "TC COMPONENT PARTS"
(gdb) p $5->size
$7 = {max_cols = 256, max_rows = 65536}


I.e., the expression is invalid because D$1048576 doesn't exist.
Comment 1 Morten Welinder 2013-07-12 17:38:44 UTC 
Actually,

    =vlookup(A2,'TC COMPONENT PARTS'!A$1:D$1048576,1,0)

*is* valid, but it refers to a constructed range of 'TC COMPONENT PARTS'!A$1
and D$1048576 (from Sheet4)!  ("Doctor, when I bang my head on the wall, it
hurts."  "Well, don't do that then.")

This problem has been fixed in our software repository. The fix will go into the next software release. Thank you for your bug report.