Closed
Description
I found three NULL dereference errors in the current dev a94d84b
First
poc : poc1.zip
reproduce : xls2csv ./poc1 -t Sheet2
This is the ASAN report:
FILE: ./poc1
ASAN:DEADLYSIGNAL
=================================================================
==12039==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f52933dde20 bp 0x7ffc3e4d4600 sp 0x7ffc3e4d3d60 T0)
==12039==The signal is caused by a READ memory access.
==12039==Hint: address points to the zero page.
#0 0x7f52933dde1f (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x59e1f)
#1 0x558084cefa14 in main src/xls2csv.c:123
#2 0x7f5292d5cbf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
#3 0x558084cf0879 in _start (/home/yuan/afl-target/libxls/.libs/xls2csv+0x3879)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x59e1f)
==12039==ABORTING
Second
poc : poc2.zip
reproduce : xls2csv ./poc2 -t Sheet2
This is the ASAN report:
FILE: ./poc2
ASAN:DEADLYSIGNAL
=================================================================
==32715==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f6a9ec78e20 bp 0x7ffefe231780 sp 0x7ffefe230ee0 T0)
==32715==The signal is caused by a READ memory access.
==32715==Hint: address points to the zero page.
#0 0x7f6a9ec78e1f (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x59e1f)
#1 0x56133521433c in main src/xls2csv.c:147
#2 0x7f6a9e5f7bf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
#3 0x561335215879 in _start (/home/yuan/afl-target/libxls/.libs/xls2csv+0x3879)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x59e1f)
==32715==ABORTING
Third
poc : poc3.zip
reproduce : xls2csv ./poc3 -l
This is the ASAN report:
ASAN:DEADLYSIGNAL
=================================================================
==21536==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fc9ca0374e1 bp 0x60f000000040 sp 0x7fff52e43468 T0)
==21536==The signal is caused by a READ memory access.
==21536==Hint: address points to the zero page.
#0 0x7fc9ca0374e0 (/lib/x86_64-linux-gnu/libc.so.6+0x18e4e0)
#1 0x7fc9c9f29ab1 in _IO_puts (/lib/x86_64-linux-gnu/libc.so.6+0x80ab1)
#2 0x555ea04cb28a in main src/xls2csv.c:141
#3 0x7fc9c9ecabf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
#4 0x555ea04cb879 in _start (/home/yuan/afl-target/libxls/.libs/xls2csv+0x3879)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x18e4e0)
==21536==ABORTING
Thanks.
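An added triage example, not part of the original report or of libxls: it parses ASAN SEGV reports like the three above and picks the first frame that carries source information, which is where to start reading in `src/xls2csv.c`. The function names `triage` and `bucket` are hypothetical, and the sample text is copied from the first and third reports.

```python
import re

# Lines copied from the first and third ASAN reports in the issue above.
REPORT_1 = """\
==12039==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f52933dde20 bp 0x7ffc3e4d4600 sp 0x7ffc3e4d3d60 T0)
==12039==The signal is caused by a READ memory access.
#0 0x7f52933dde1f (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x59e1f)
#1 0x558084cefa14 in main src/xls2csv.c:123
#2 0x7f5292d5cbf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
"""
REPORT_3 = """\
==21536==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fc9ca0374e1 bp 0x60f000000040 sp 0x7fff52e43468 T0)
==21536==The signal is caused by a READ memory access.
#0 0x7fc9ca0374e0 (/lib/x86_64-linux-gnu/libc.so.6+0x18e4e0)
#1 0x7fc9c9f29ab1 in _IO_puts (/lib/x86_64-linux-gnu/libc.so.6+0x80ab1)
#2 0x555ea04cb28a in main src/xls2csv.c:141
"""

HEADER = re.compile(r"ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-f]+)")
ACCESS = re.compile(r"caused by a (READ|WRITE) memory access")
# With debug info: "#1 0x... in main src/xls2csv.c:123"; without: "... in _IO_puts (/lib/...)".
SRC_FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)(?::\d+)?\s*$")
LIB_FRAME = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (\S+) \(")

def triage(report):
    """Summarise one ASAN SEGV report and pick the frame to start reading at."""
    out = {"kind": None, "addr": None, "access": None, "site": None, "via": []}
    for line in report.splitlines():
        if m := HEADER.search(line):
            out["kind"], out["addr"] = m.group(1), int(m.group(2), 16)
        elif m := ACCESS.search(line):
            out["access"] = m.group(1)
        elif out["site"] is None:
            if m := SRC_FRAME.match(line):
                out["site"] = (m.group(2), m.group(3), int(m.group(4)))
            elif m := LIB_FRAME.match(line):
                out["via"].append(m.group(1))  # named runtime call above the site
    # A fault address in the first page is the usual NULL-dereference signature.
    out["null_deref"] = out["addr"] is not None and out["addr"] < 0x1000
    return out

def bucket(report):
    """Dedup key: crash kind, access type and first source-attributed frame."""
    t = triage(report)
    return (t["kind"], t["access"], t["site"])

if __name__ == "__main__":
    for r in (REPORT_1, REPORT_3):
        print(triage(r))
```

Frames without a symbol name, such as the `libasan.so.4` frame #0, are skipped, so the result points at the caller in the project's own source rather than at the runtime.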