Posted to commits@poi.apache.org by ce...@apache.org on 2015/10/30 18:26:37 UTC
svn commit: r1711520 - in /poi/trunk/src/ooxml/java/org/apache/poi:
POIXMLTextExtractor.java openxml4j/util/ZipSecureFile.java
xssf/extractor/XSSFEventBasedExcelExtractor.java
xssf/extractor/XSSFExcelExtractor.java
Author: centic
Date: Fri Oct 30 17:26:37 2015
New Revision: 1711520
URL: http://svn.apache.org/viewvc?rev=1711520&view=rev
Log:
Add a limit on the maximum number of characters that can be extracted, to avoid driving applications out of memory with very large documents
Modified:
poi/trunk/src/ooxml/java/org/apache/poi/POIXMLTextExtractor.java
poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java
poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFEventBasedExcelExtractor.java
poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExcelExtractor.java
Modified: poi/trunk/src/ooxml/java/org/apache/poi/POIXMLTextExtractor.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/POIXMLTextExtractor.java?rev=1711520&r1=1711519&r2=1711520&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/POIXMLTextExtractor.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/POIXMLTextExtractor.java Fri Oct 30 17:26:37 2015
@@ -23,6 +23,7 @@ import org.apache.poi.POIXMLProperties.C
import org.apache.poi.POIXMLProperties.CustomProperties;
import org.apache.poi.POIXMLProperties.ExtendedProperties;
import org.apache.poi.openxml4j.opc.OPCPackage;
+import org.apache.poi.openxml4j.util.ZipSecureFile;
public abstract class POIXMLTextExtractor extends POITextExtractor {
/** The POIXMLDocument that's open */
@@ -88,4 +89,18 @@ public abstract class POIXMLTextExtracto
}
super.close();
}
+
+ protected void checkMaxTextSize(StringBuffer text, String string) {
+ if(string == null) {
+ return;
+ }
+
+ int size = text.length() + string.length();
+ if(size > ZipSecureFile.getMaxTextSize()) {
+ throw new IllegalStateException("The text would exceed the max allowed overall size of extracted text. "
+ + "By default this is prevented as some documents may exhaust available memory and it may indicate that the file is used to inflate memory usage and thus could pose a security risk. "
+ + "You can adjust this limit via ZipSecureFile.setMaxTextSize() if you need to work with files which have a lot of text. "
+ + "Size: " + size + ", limit: MAX_TEXT_SIZE: " + ZipSecureFile.getMaxTextSize());
+ }
+ }
}
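Review bot: `int size = text.length() + string.length();` can wrap to a negative value once the buffer is close to Integer.MAX_VALUE characters, and a negative size never satisfies `size > ZipSecureFile.getMaxTextSize()`, so the guard silently stops firing at exactly the point it is meant to protect; compute it in long, `long size = (long) text.length() + string.length();`. The new protected hook has no Javadoc although subclasses are expected to call it; a comment such as `/** Throws IllegalStateException if appending {@code string} to {@code text} would push the extracted text past ZipSecureFile.getMaxTextSize(); a null string is ignored. */` would state the contract. Since only `string.length()` is used, declaring the parameter as `CharSequence` rather than `String` would let callers that hold a StringBuffer pass it without a copy. Judging by the file list, only the two XSSF extractors call the check in this commit, so other POIXMLTextExtractor subclasses presumably remain unbounded.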
Modified: poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java?rev=1711520&r1=1711519&r2=1711520&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java Fri Oct 30 17:26:37 2015
@@ -50,6 +50,9 @@ public class ZipSecureFile extends ZipFi
// don't alert for expanded sizes smaller than 100k
private static long GRACE_ENTRY_SIZE = 100*1024;
+ // The default maximum size of extracted text
+ private static long MAX_TEXT_SIZE = 10*1024*1024;
+
/**
* Sets the ratio between de- and inflated bytes to detect zipbomb.
* It defaults to 1% (= 0.01d), i.e. when the compression is better than
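Review bot: `private static long MAX_TEXT_SIZE` is a mutable static that setMaxTextSize() writes and every extraction reads, with no volatile or synchronization, so an extraction thread is not guaranteed to observe a limit configured by another thread, and a non-volatile long write is not required to be atomic on 32-bit JVMs. This mirrors `GRACE_ENTRY_SIZE` just above, so if that is deliberate it is at least consistent; otherwise `private static volatile long MAX_TEXT_SIZE = 10*1024*1024;` addresses both. Because the knob is process-wide, any code in the JVM can raise it for every caller, which the setter's Javadoc could say explicitly.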
@@ -100,6 +103,34 @@ public class ZipSecureFile extends ZipFi
return MAX_ENTRY_SIZE;
}
+ /**
+ * Sets the maximum number of characters of text that are
+ * extracted before an exception is thrown during extracting
+ * text from documents.
+ *
+ * This can be used to limit memory consumption and protect against
+ * security vulnerabilities when documents are provided by users.
+ *
+ * @param maxTextSize the max. file size of a single zip entry
+ */
+ public static void setMaxTextSize(long maxTextSize) {
+ if (maxTextSize < 0 || maxTextSize > 0xFFFFFFFFl) {
+ throw new IllegalArgumentException("Max text size is bounded [0-4GB].");
+ }
+ MAX_TEXT_SIZE = maxTextSize;
+ }
+
+ /**
+ * Returns the current maximum allowed text size.
+ *
+ * See setMaxTextSize() for details.
+ *
+ * @return The max accepted text size.
+ */
+ public static long getMaxTextSize() {
+ return MAX_TEXT_SIZE;
+ }
+
public ZipSecureFile(File file, int mode) throws IOException {
super(file, mode);
}
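Review bot: The `@param maxTextSize` line reads `the max. file size of a single zip entry`, which describes a different limit and looks copied from the entry-size setter; the parameter is the maximum number of characters of extracted text, e.g. `@param maxTextSize the maximum number of characters of extracted text, in the range [0, 0xFFFFFFFFL]`. The literal `0xFFFFFFFFl` uses a lowercase suffix that reads like the digit 1; `0xFFFFFFFFL` is the conventional spelling. The accepted upper bound of 4 GB is also larger than any StringBuffer can hold (Integer.MAX_VALUE characters), so a limit above that is accepted but the int-based check in POIXMLTextExtractor can then never trigger and the buffer fails on its own first; either document that or cap the argument at Integer.MAX_VALUE.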
Modified: poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFEventBasedExcelExtractor.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFEventBasedExcelExtractor.java?rev=1711520&r1=1711519&r2=1711520&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFEventBasedExcelExtractor.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFEventBasedExcelExtractor.java Fri Oct 30 17:26:37 2015
@@ -283,11 +283,13 @@ public class XSSFEventBasedExcelExtracto
output.append('\t');
}
if (formattedValue != null) {
+ checkMaxTextSize(output, formattedValue);
output.append(formattedValue);
}
if (includeCellComments && comment != null) {
String commentText = comment.getString().getString().replace('\n', ' ');
output.append(formattedValue != null ? " Comment by " : "Comment by ");
+ checkMaxTextSize(output, commentText);
if (commentText.startsWith(comment.getAuthor() + ": ")) {
output.append(commentText);
} else {
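Review bot: `checkMaxTextSize(output, commentText)` counts only the comment body, while the surrounding code appends more than that: the `" Comment by "` prefix on the line before is appended before the check, and the else branch (cut off at the end of this hunk) presumably appends the author name as well, so the enforced limit is slightly looser than the one reported in the exception message. The same pattern appears in the XSSFExcelExtractor comment hunk, where `text.append(" Comment by ").append(comment.getAuthor()).append(": ").append(commentText);` appends prefix, author and separator uncounted. Building the complete comment string first and checking that, `String commentLine = " Comment by " + comment.getAuthor() + ": " + commentText;` then `checkMaxTextSize(text, commentLine); text.append(commentLine);`, makes the check exact in both places.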
@@ -363,6 +365,7 @@ public class XSSFEventBasedExcelExtracto
* Append the cell contents we have collected.
*/
private void appendCellText(StringBuffer buffer) {
+ checkMaxTextSize(buffer, output.toString());
buffer.append(output);
}
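Review bot: `checkMaxTextSize(buffer, output.toString())` creates a full copy of `output` only so the helper can read its length, which transiently doubles memory use in precisely the large-document case this limit exists to contain. The helper uses nothing but `string.length()`, so if its parameter is widened to `CharSequence` this line becomes `checkMaxTextSize(buffer, output);` with no copy, and the following `buffer.append(output)` already uses the StringBuffer overload rather than toString().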
Modified: poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExcelExtractor.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExcelExtractor.java?rev=1711520&r1=1711519&r2=1711520&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExcelExtractor.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExcelExtractor.java Fri Oct 30 17:26:37 2015
@@ -168,7 +168,9 @@ public class XSSFExcelExtractor extends
// Is it a formula one?
if(cell.getCellType() == Cell.CELL_TYPE_FORMULA) {
if (formulasNotResults) {
- text.append(cell.getCellFormula());
+ String contents = cell.getCellFormula();
+ checkMaxTextSize(text, contents);
+ text.append(contents);
} else {
if (cell.getCachedFormulaResultType() == Cell.CELL_TYPE_STRING) {
handleStringCell(text, cell);
@@ -188,6 +190,7 @@ public class XSSFExcelExtractor extends
// Replace any newlines with spaces, otherwise it
// breaks the output
String commentText = comment.getString().getString().replace('\n', ' ');
+ checkMaxTextSize(text, commentText);
text.append(" Comment by ").append(comment.getAuthor()).append(": ").append(commentText);
}
@@ -230,8 +233,11 @@ public class XSSFExcelExtractor extends
}
private void handleStringCell(StringBuffer text, Cell cell) {
- text.append(cell.getRichStringCellValue().getString());
+ String contents = cell.getRichStringCellValue().getString();
+ checkMaxTextSize(text, contents);
+ text.append(contents);
}
+
private void handleNonStringCell(StringBuffer text, Cell cell, DataFormatter formatter) {
int type = cell.getCellType();
if (type == Cell.CELL_TYPE_FORMULA) {
@@ -242,16 +248,18 @@ public class XSSFExcelExtractor extends
CellStyle cs = cell.getCellStyle();
if (cs != null && cs.getDataFormatString() != null) {
- text.append(formatter.formatRawCellContents(
- cell.getNumericCellValue(), cs.getDataFormat(), cs.getDataFormatString()
- ));
+ String contents = formatter.formatRawCellContents(
+ cell.getNumericCellValue(), cs.getDataFormat(), cs.getDataFormatString());
+ checkMaxTextSize(text, contents);
+ text.append(contents);
return;
}
}
// No supported styling applies to this cell
- XSSFCell xcell = (XSSFCell)cell;
- text.append( xcell.getRawValue() );
+ String contents = ((XSSFCell)cell).getRawValue();
+ checkMaxTextSize(text, contents);
+ text.append( contents );
}
private String extractHeaderFooter(HeaderFooter hf) {
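Review bot: `text.append( contents );` keeps the spaces inside the parentheses from the line it replaces, while the identical call three lines earlier and every other new call in this commit are written `text.append(contents);`; since the line is being rewritten anyway, dropping the padding keeps the style uniform. handleNonStringCell begins in the preceding hunk, so its opening is not visible here.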