libexcel

A buffer overflow exists when using wbook_new()

Open fantasyoung opened this issue 7 years ago • 0 comments

Description

When a long name is specified as the argument, a buffer overflow occurs.

My test program

example1.zip

Command and argument

gcc -fsanitize=address -ggdb -o exampletest example1.c ../src/*.c -I ../include/

Crash Information

The output of exampletest with address sanitizer enabled

=================================================================
==11044==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000004c (pc 0x00000040b7bc bp 0x7ffc15bedf80 sp 0x7ffc15bedf50 T0)
    #0 0x40b7bb in wbook_addworksheet ../src/workbook.c:125
    #1 0x401248 in main /home/wind/libexcel/libexcel-master/tests/example1.c:31
    #2 0x7fee4afe482f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #3 0x401148 in _start (/home/wind/libexcel/libexcel-master/tests/exampletest+0x401148)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../src/workbook.c:125 wbook_addworksheet
==11044==ABORTING

CREDIT

pu!m, Huawei Weiran Labs

fantasyoung, Dec 18 '18 07:12