Read overflows causing corruption, and performance issues

jmcnamara / libxlsxwriter

A C library for creating Excel XLSX files.

https://libxlsxwriter.github.io

Other

1.53k stars 336 forks source link

Read overflows causing corruption, and performance issues #459

Closed znakeeye closed 1 month ago

znakeeye commented 1 month ago

Please check utility.c. There you find several of these dangerous loops:

while (p && some_operation_here)
    p++;

It should be *p in all cases. E.g. See lxw_name_to_row_2 where parsing "A1" would increment p like 1,000,000 times with some bad luck. Thus, we have a read overflow.

Fix:

Replace all if (p) with if (*p)
Replace all while (p with while (*p

jmcnamara commented 1 month ago

Thanks for the report. Fixed on main.

znakeeye commented 1 month ago

Thanks. Any plans for an official 1.1.9 release?

jmcnamara commented 1 month ago

If you need one just for this I can do one. Let me know.

znakeeye commented 1 month ago

Yes please. Maintaining local patches is not great 🙂

jmcnamara commented 1 month ago

The changes are upstream in v1.1.9. Thanks.