After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 747455 - [ods] Fuzzed file knock-out punch #1013
[ods] Fuzzed file knock-out punch #1013
Status: RESOLVED DUPLICATE of bug 747448
Product: Gnumeric
Classification: Applications
Component: import/export OOo / OASIS
git master
Other Linux
: Normal normal
: ---
Assigned To: Andreas J. Guelzow
Jody Goldberg
Depends on:
Blocks:
 
 
Reported: 2015-04-07 13:52 UTC by Morten Welinder
Modified: 2015-04-08 03:05 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
g-1013.ods (703.46 KB, application/vnd.oasis.opendocument.spreadsheet)
2015-04-07 13:52 UTC, Morten Welinder 		Details

Description Morten Welinder 2015-04-07 13:52:44 UTC 
Created attachment 301070 [details]
g-1013.ods

Upcoming file is very heavy on resource usage.  Under valgrind, it is
a killer.

I suspect this change:

-          <table:table-cell table:number-columns-repeated="248" table:style-name="ACE-6"/>
+          <table:table-cell table:number-columns-repeated="1118785614" table:style-name="ACE-6" />

That's a big number.  Can we know it is bogus early?
Comment 1 Morten Welinder 2015-04-07 13:54:29 UTC 
Or maybe it's this change.  Same thing, really.

-        <table:table-row table:style-name="AROW-0" table:number-rows-repeated="5">
+        <table:table-row table:style-name="AROW-0" table:number-rows-repeated="545239301">
Comment 2 Andreas J. Guelzow 2015-04-07 15:22:01 UTC 
Both of these can appear in a valid ODF file.

Of course since we only support up to 16384 columns and 16M rows we know that we cannot read files that big. So we should just limit us to that possibly.
Comment 3 Andreas J. Guelzow 2015-04-08 00:38:40 UTC 
Perhaps diue to the fix of bug #747447, but for me this file appears to use much less resources than the file attached to bug #747448. I see the same critical as in bug #747448 but just 6 renditions of it.
Comment 4 Andreas J. Guelzow 2015-04-08 03:05:49 UTC 
Thanks for taking the time to report this.
This particular bug has already been reported into our bug tracking system, but we are happy to tell you that the problem has already been fixed in the code repository.

*** This bug has been marked as a duplicate of bug 747448 ***