You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@poi.apache.org by bu...@apache.org on 2018/03/20 22:13:12 UTC

[Bug 62201] Zip Bomb ratio: Fail fast and/or round the ratio before comparison

https://bz.apache.org/bugzilla/show_bug.cgi?id=62201

Andreas Beeker <ki...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |All

--- Comment #1 from Andreas Beeker <ki...@apache.org> ---
I wonder where the "duplicated" styles come from, i.e. there must be a reason
why the compression ratio is so high - are the styles in that excel file
generated? ... and maybe a new style is created for each cell?

at option 1.: I don't think that eagerly fetching shared strings and styles
table is a good idea - I actually would prefer the opposite ... something like
a lazy-loading mechanism inside of the content, e.g. a table which successively
fills when it's elements are iterated over

at option 2. I don't get the rounding advantage - how about setting the limit
to 0.005?

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org