#17 Patch to verify Excel document type

open
nobody
None
5
2007-08-31
2007-08-31
David Fletcher
No

The current version of PHP-ExcelReader checks the file being read for the signature bytes IDENTIFIER_OLE. This signature is common to many documents, for example Word documents.

Word documents do not follow the block structure of Excel, and if PHP-ExcelReader begins to read them it can enter an infinite loop in code such as

while ($sbdBlock != -2)

at line 143 in oleread.inc. The possibility of entering an infinite loop if the wrong document is read needs to be prevented, perhaps by adding a maximum loop count to these loops.

Also, a better check can be added to ensure that Excel documents of the correct type are being read. These patches to oleread.inc and reader.php make a more thorough check that BIFF7 and BIFF8 format XLS files are being read.

////////////////////////////////////////////////
diff -c -b reader.php reader_new.php
*** reader.php 2007-07-05 23:09:46.000000000 +0100
--- reader_new.php 2007-08-31 21:47:22.000000000 +0100
***************
*** 386,391 ****
--- 386,393 ----
if($this->_ole->error == 1) {
// bad file
die('The filename ' . $sFileName . ' is not readable');
+ }elseif($this->_ole->error == 2){
+ die('The filename ' . $sFileName . ' is not recognised as an Excel file');
}
// check other error codes here (eg bad fileformat, etc...)
}
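
Review bot: The added elseif branch ends the script with die() and concatenates $sFileName straight into the message, the same pattern as the error == 1 branch above it. A caller cannot catch or handle the rejection, and if the file name comes from a request it is written to the output unescaped. Consider returning false or throwing so the caller decides what to display, and replace the literals 1 and 2 with named constants so the "check other error codes here" comment has something to build on.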

////////////////////////////////////////////////

diff -c -b oleread.inc oleread_new.php
*** oleread.inc 2007-07-05 23:09:46.000000000 +0100
--- oleread_new.inc 2007-08-31 21:40:27.000000000 +0100
***************
*** 15,20 ****
--- 15,22 ----
define('START_BLOCK_POS', 0x74);
define('SIZE_POS', 0x78);
define('IDENTIFIER_OLE', pack("CCCCCCCC",0xd0,0xcf,0x11,0xe0,0xa1,0xb1,0x1a,0xe1));
+ define('IDENTIFIER_BIFF7', pack("CCCCCCCC",0x09,0x08,0x08,0x00,0x00,0x05,0x05,0x00));
+ define('IDENTIFIER_BIFF8', pack("CCCCCCCC",0x09,0x08,0x10,0x00,0x00,0x06,0x05,0x00));

//echo 'ROOT_START_BLOCK_POS = '.ROOT_START_BLOCK_POS."\n";

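Review bot: IDENTIFIER_BIFF7 and IDENTIFIER_BIFF8 go in as undocumented byte strings, so a reader cannot tell what the eight bytes encode. They are the start of a BOF record: record id 0x0809, record length (0x0008 or 0x0010), BIFF version (0x0500 or 0x0600) and substream type 0x0005. A one-line comment saying so would make it clear that only this exact record length, version and substream type will match.
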
***************
*** 62,67 ****
--- 64,76 ----
$this->error = 1;
return false;
}
+
+ //Check the start of the first block for a signature only found in Excel BIFF7 or BIFF8 files
+ if (substr($this->data, 512, 8) != IDENTIFIER_BIFF7 && substr($this->data, 512, 8) != IDENTIFIER_BIFF8) {
+ $this->error = 2;
+ return false;
+ }
+
$this->numBigBlockDepotBlocks = GetInt4d($this->data, NUM_BIG_BLOCK_DEPOT_BLOCKS_POS);
$this->sbdStartBlock = GetInt4d($this->data, SMALL_BLOCK_DEPOT_BLOCK_POS);
$this->rootStartBlock = GetInt4d($this->data, ROOT_START_BLOCK_POS);
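
Review bot: The test on substr($this->data, 512, 8) filters out files that do not look like Excel, but it does not bound the block-chain loops named in the description; a truncated or malformed file that carries the right eight bytes still reaches while ($sbdBlock != -2) unprotected, so the loop cap should be part of this change. The hard-coded offset 512 also assumes the workbook stream starts in the first block after the header, whereas the compound-file directory decides where a stream starts, so a valid workbook stored elsewhere would be rejected with error 2. Reading substr(...) once into a local variable would avoid the duplicated call.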

////////////////////////////////////////////////
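
The description above suggests capping loops such as while ($sbdBlock != -2). The following is an added example, not code from PHP-ExcelReader or from the patch author: walkBlockChain() and the sample tables are hypothetical, and only the -2 end-of-chain value is taken from the ticket. It shows a chain walk that rejects out-of-range pointers and cycles, which also bounds the loop at one pass per table entry.

```php
<?php
// Added example: not code from PHP-ExcelReader. walkBlockChain() and the
// sample tables are hypothetical; -2 is the end-of-chain marker from the ticket.
const END_OF_CHAIN = -2;

/**
 * Follow a block chain through an allocation table, refusing chains that
 * leave the table or revisit a block instead of reaching the end marker.
 *
 * @param int[] $table allocation table: $table[$n] is the block after $n
 * @param int   $start first block of the chain
 * @return int[] block numbers in chain order
 * @throws RuntimeException on a malformed chain
 */
function walkBlockChain(array $table, int $start): array
{
    $chain = [];
    $seen = [];
    $block = $start;
    while ($block !== END_OF_CHAIN) {
        // Any other negative value or an index past the table is invalid here.
        if ($block < 0 || $block >= count($table)) {
            throw new RuntimeException("block $block is outside the table");
        }
        // A repeated block means the chain loops and would never terminate.
        if (isset($seen[$block])) {
            throw new RuntimeException("block $block visited twice (cycle)");
        }
        $seen[$block] = true;
        $chain[] = $block;
        $block = $table[$block];
    }
    return $chain;
}

// Constructed inputs: a well-formed chain 0 -> 2 -> 1 -> end, and a table in
// which block 1 points back to block 0, the case that makes a plain
// "while ($block != -2)" loop spin forever.
$good = [2, END_OF_CHAIN, 1];
$cyclic = [1, 0, END_OF_CHAIN];

echo implode(',', walkBlockChain($good, 0)), "\n";
try {
    walkBlockChain($cyclic, 0);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```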

Discussion

  • David Fletcher
    2007-08-31

    Logged In: YES
    user_id=577267
    Originator: YES

    File Added: patches.txt

     
  • David Fletcher
    2007-08-31

    Patches to ensure real Excel files are being processed

     