ole2 icon indicating copy to clipboard operation
ole2 copied to clipboard
verified publisher icon extrame

Slice bounds out of range bug

Open Kleissner opened this issue 6 years ago • 0 comments

The code uses d.Bsize without checking if it's within the range of the slice d.NameBts. A specially crafted ole2 file (Excel sheet) can crash the application by setting a a high number for d.Bsize. https://github.com/extrame/ole2/blob/d69429661ad7efb189d2ad8074c867265009d0a4/dir.go#L32-L35

The fix is to check the ranges first.

Kleissner avatar Aug 27 '19 07:08 Kleissner