github-starred/libxlsxwriter
2
0
Fork 0
mirror of https://github.com/jmcnamara/libxlsxwriter.git synced 2026-05-15 14:15:54 -06:00
Code Issues 16 Projects Packages Wiki Activity Actions

[GH-ISSUE #442] Bug: workbook_validate_sheet_name buffer-overflow #348

New issue
Closed
opened 2026-05-05 12:11:10 -06:00 by gitea-mirror · 4 comments
gitea-mirror commented 2026-05-05 12:11:10 -06:00
Owner
Copy link

Originally created by @ym-xie on GitHub (May 8, 2024).
Original GitHub issue: https://github.com/jmcnamara/libxlsxwriter/issues/442

Originally assigned to: @jmcnamara on GitHub.

hello, maybe there exist a bug in workbook_validate_sheet_name.
When sheetname is an empty string (""), the workbook_validate_sheet_name function does not check if the string length is 0, leading to a buffer overflow.The following is the relevant code, the crash occurs at workbook.c:workbook_validate_sheet_name.

#include "xlsxwriter.h"

int main() {

    lxw_workbook  *workbook  = workbook_new("demo.xlsx");
    lxw_worksheet *worksheet = workbook_add_worksheet(workbook, NULL);
    const char* name = "";
    lxw_error le = workbook_validate_sheet_name(workbook, name);
    if (le == LXW_NO_ERROR) {
      lxw_worksheet *worksheet = workbook_add_worksheet(workbook, name);
    }

    return 0;
}
Originally created by @ym-xie on GitHub (May 8, 2024). Original GitHub issue: https://github.com/jmcnamara/libxlsxwriter/issues/442 Originally assigned to: @jmcnamara on GitHub. hello, maybe there exist a bug in workbook_validate_sheet_name. When `sheetname` is an empty string (`""`), the `workbook_validate_sheet_name` function does not check if the string length is 0, leading to a buffer overflow.The following is the relevant code, the crash occurs at workbook.c:workbook_validate_sheet_name. ```c #include "xlsxwriter.h" int main() { lxw_workbook *workbook = workbook_new("demo.xlsx"); lxw_worksheet *worksheet = workbook_add_worksheet(workbook, NULL); const char* name = ""; lxw_error le = workbook_validate_sheet_name(workbook, name); if (le == LXW_NO_ERROR) { lxw_worksheet *worksheet = workbook_add_worksheet(workbook, name); } return 0; } ```
gitea-mirror 2026-05-05 12:11:10 -06:00
  • closed this issue
  • added the
    bug
         label
gitea-mirror commented 2026-05-05 12:11:14 -06:00
Author
Owner
Copy link

@jmcnamara commented on GitHub (May 8, 2024):

Thanks for the report. That is omission/bug. I'll add a fix.

<!-- gh-comment-id:2101015458 --> @jmcnamara commented on GitHub (May 8, 2024): Thanks for the report. That is omission/bug. I'll add a fix.
gitea-mirror commented 2026-05-05 12:11:15 -06:00
Author
Owner
Copy link

@jmcnamara commented on GitHub (May 8, 2024):

I've pushed a fix for this to main. There is now a new error code called LXW_ERROR_SHEETNAME_IS_BLANK for this condition.

<!-- gh-comment-id:2101260654 --> @jmcnamara commented on GitHub (May 8, 2024): I've pushed a fix for this to main. There is now a new error code called `LXW_ERROR_SHEETNAME_IS_BLANK` for this condition.
gitea-mirror commented 2026-05-05 12:11:17 -06:00
Author
Owner
Copy link

@ym-xie commented on GitHub (May 9, 2024):

Should verify in advance that name is NULL?

<!-- gh-comment-id:2101817519 --> @ym-xie commented on GitHub (May 9, 2024): Should verify in advance that `name` is NULL?
gitea-mirror commented 2026-05-05 12:11:19 -06:00
Author
Owner
Copy link

@jmcnamara commented on GitHub (May 9, 2024):

Should verify in advance that name is NULL?

My initial thought was that the end user should check for NULL and that workbook_validate_sheet_name() should validate the name and not the string. However, most libxlsxwriter functions check for NULL so I've added a LXW_ERROR_NULL_PARAMETER_IGNORED error as well.

I've force pushed that change to main.

<!-- gh-comment-id:2102104082 --> @jmcnamara commented on GitHub (May 9, 2024): > Should verify in advance that `name` is NULL? My initial thought was that the end user should check for NULL and that `workbook_validate_sheet_name()` should validate the name and not the string. However, most libxlsxwriter functions check for `NULL` so I've added a `LXW_ERROR_NULL_PARAMETER_IGNORED` error as well. I've force pushed that change to main.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
coverity
cmake-improvements
cmake_pkgconfig_fix
ctest
button
tables
autofilter
dtoa
iwyu
openssl
gentoo
gh310
condition_format
rich_string_html
header_footer_images
custom_data_labels
object_position
gh265
constant_mode_comments2
constant_mode_comments
vml
md5
vcpkg
hyperlinks
api_refactor
win_fopen
gh203
rich_strings
chartsheet
in_mem_image
gh192
revert-162-master
data_validation
meson
charts
scan_build
utf8_strlen
tmpfileplus
custom_properties
insert_image
default_row
control_chars
worksheet_protect
dev
red_black
panes
mkstemp
defined_names
optimise
wip
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.9
v1.1.8
RELEASE_1.1.7
RELEASE_1.1.6
RELEASE_1.1.5
RELEASE_1.1.4
RELEASE_1.1.3
RELEASE_1.1.2
RELEASE_1.1.1
RELEASE_1.1.0
RELEASE_1.0.9
RELEASE_1.0.8
RELEASE_1.0.7
RELEASE_1.0.6
RELEASE_1.0.5
RELEASE_1.0.4
RELEASE_1.0.3
RELEASE_1.0.2
RELEASE_1.0.1
RELEASE_1.0.0
RELEASE_0.9.9
RELEASE_0.9.8
RELEASE_0.9.7
RELEASE_0.9.6
RELEASE_0.9.5
RELEASE_0.9.4
RELEASE_0.9.3
RELEASE_0.9.2
RELEASE_0.9.1
RELEASE_0.9.0
RELEASE_0.8.9
RELEASE_0.8.8
RELEASE_0.8.7
RELEASE_0.8.6
RELEASE_0.8.5
RELEASE_0.8.4
RELEASE_0.8.3
RELEASE_0.8.2
RELEASE_0.8.1
RELEASE_0.8.0
RELEASE_0.7.9
RELEASE_0.7.8
RELEASE_0.7.7
RELEASE_0.7.6
RELEASE_0.7.5
RELEASE_0.7.4
RELEASE_0.7.3
RELEASE_0.7.2
RELEASE_0.7.1
RELEASE_0.7.0
RELEASE_0.6.9
RELEASE_0.6.8
RELEASE_0.6.7
RELEASE_0.6.6
RELEASE_0.6.5
RELEASE_0.6.4
RELEASE_0.6.3
RELEASE_0.6.2
RELEASE_0.6.1
RELEASE_0.6.0
RELEASE_0.5.9
RELEASE_0.5.8
RELEASE_0.5.7
RELEASE_0.5.6
RELEASE_0.5.5
RELEASE_0.5.4
RELEASE_0.5.3
RELEASE_0.5.2
RELEASE_0.5.1
RELEASE_0.5.0
RELEASE_0.4.9
RELEASE_0.4.8
RELEASE_0.4.7
RELEASE_0.4.6
RELEASE_0.4.5
RELEASE_0.4.4
RELEASE_0.4.3
RELEASE_0.4.2
RELEASE_0.4.1
RELEASE_0.4.0
RELEASE_0.3.9
RELEASE_0.3.8
RELEASE_0.3.7
RELEASE_0.3.6
RELEASE_0.3.5
RELEASE_0.3.4
RELEASE_0.3.3
RELEASE_0.3.2
RELEASE_0.3.1
RELEASE_0.3.0
RELEASE_0.2.9
RELEASE_0.2.8
RELEASE_0.2.7
RELEASE_0.2.6
RELEASE_0.2.5
RELEASE_0.2.4
RELEASE_0.2.3
RELEASE_0.2.2
RELEASE_0.2.1
RELEASE_0.2.0
RELEASE_0.1.9
RELEASE_0.1.8
RELEASE_0.1.7
RELEASE_0.1.6
RELEASE_0.1.5
RELEASE_0.1.4
RELEASE_0.1.3
RELEASE_0.1.2
RELEASE_0.1.1
RELEASE_0.1.0
RELEASE_0.0.9
RELEASE_0.0.8
RELEASE_0.0.7
RELEASE_0.0.6
RELEASE_0.0.5
RELEASE_0.0.4
RELEASE_0.0.3
RELEASE_0.0.2
RELEASE_0.0.1
Labels
Clear labels   
awaiting user feedback

   
bug

   
cmake

   
cmake

   
docs

   
feature request

   
in progress

   
long term

   
medium term

   
medium term

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
ready to close

   
short term

   
under investigation

   
wontfix
No labels
awaiting user feedback
bug
cmake
cmake
docs
feature request
in progress
long term
medium term
medium term
pull-request
question
question
ready to close
short term
under investigation
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/libxlsxwriter#348
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?