import java.io.*;
import org.apache.poi.poifs.filesystem.*;
+import org.apache.poi.util.IOUtils;
/**
* <p>Describes the most important (whatever that is) features of a
*/
public class DocumentDescriptor
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
String name;
POIFSDocumentPath path;
DocumentInputStream stream;
if (stream.markSupported())
{
stream.mark(nrOfBytes);
- final byte[] b = new byte[nrOfBytes];
+ final byte[] b = IOUtils.safelyAllocate(nrOfBytes, MAX_RECORD_LENGTH);
final int read = stream.read(b, 0, Math.min(size, b.length));
bytes = new byte[read];
System.arraycopy(b, 0, bytes, 0, read);
import java.util.NoSuchElementException;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* with all sorts of special cases. I'm hopeful I've got them all.
*/
public final class EscherArrayProperty extends EscherComplexProperty implements Iterable<byte[]> {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* The size of the header that goes at the
* start of the array, before the data
public void setNumberOfElementsInArray(int numberOfElements) {
int expectedArraySize = numberOfElements * getActualSizeOfElements(getSizeOfElements()) + FIXED_SIZE;
if (expectedArraySize != getComplexData().length) {
- byte[] newArray = new byte[expectedArraySize];
+ byte[] newArray = IOUtils.safelyAllocate(expectedArraySize, MAX_RECORD_LENGTH);
System.arraycopy(getComplexData(), 0, newArray, 0, getComplexData().length);
setComplexData(newArray);
}
public void setNumberOfElementsInMemory(int numberOfElements) {
int expectedArraySize = numberOfElements * getActualSizeOfElements(getSizeOfElements()) + FIXED_SIZE;
if (expectedArraySize != getComplexData().length) {
- byte[] newArray = new byte[expectedArraySize];
+ byte[] newArray = IOUtils.safelyAllocate(expectedArraySize, MAX_RECORD_LENGTH);
System.arraycopy(getComplexData(), 0, newArray, 0, expectedArraySize);
setComplexData(newArray);
}
int expectedArraySize = getNumberOfElementsInArray() * getActualSizeOfElements(getSizeOfElements()) + FIXED_SIZE;
if (expectedArraySize != getComplexData().length) {
// Keep just the first 6 bytes. The rest is no good to us anyway.
- byte[] newArray = new byte[expectedArraySize];
+ byte[] newArray = IOUtils.safelyAllocate(expectedArraySize, MAX_RECORD_LENGTH);
System.arraycopy( getComplexData(), 0, newArray, 0, 6 );
setComplexData(newArray);
}
public byte[] getElement(int index) {
int actualSize = getActualSizeOfElements(getSizeOfElements());
- byte[] result = new byte[actualSize];
+ byte[] result = IOUtils.safelyAllocate(actualSize, MAX_RECORD_LENGTH);
System.arraycopy(getComplexData(), FIXED_SIZE + index * actualSize, result, 0, result.length );
return result;
}
package org.apache.poi.ddf;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* @see EscherBlipRecord
*/
public final class EscherBSERecord extends EscherRecord {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static final short RECORD_ID = (short) 0xF007;
public static final String RECORD_DESCRIPTION = "MsofbtBSE";
pos += 36 + bytesRead;
bytesRemaining -= bytesRead;
- _remainingData = new byte[bytesRemaining];
+ _remainingData = IOUtils.safelyAllocate(bytesRemaining, MAX_RECORD_LENGTH);
System.arraycopy( data, pos, _remainingData, 0, bytesRemaining );
return bytesRemaining + 8 + 36 + (field_12_blipRecord == null ? 0 : field_12_blipRecord.getRecordSize()) ;
package org.apache.poi.ddf;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
public class EscherBlipRecord extends EscherRecord {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
public static final short RECORD_ID_START = (short) 0xF018;
public static final short RECORD_ID_END = (short) 0xF117;
public static final String RECORD_DESCRIPTION = "msofbtBlip";
int bytesAfterHeader = readHeader( data, offset );
int pos = offset + HEADER_SIZE;
- field_pictureData = new byte[bytesAfterHeader];
+ field_pictureData = IOUtils.safelyAllocate(bytesAfterHeader, MAX_RECORD_LENGTH);
System.arraycopy(data, pos, field_pictureData, 0, bytesAfterHeader);
return bytesAfterHeader + 8;
if (pictureData == null || offset < 0 || length < 0 || pictureData.length < offset+length) {
throw new IllegalArgumentException("picture data can't be null");
}
- field_pictureData = new byte[length];
+ field_pictureData = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
System.arraycopy(pictureData, offset, field_pictureData, 0, length);
}
package org.apache.poi.ddf;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
public class EscherClientAnchorRecord
extends EscherRecord
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static final short RECORD_ID = (short) 0xF010;
public static final String RECORD_DESCRIPTION = "MsofbtClientAnchor";
}
}
bytesRemaining -= size;
- remainingData = new byte[bytesRemaining];
+ remainingData = IOUtils.safelyAllocate(bytesRemaining, MAX_RECORD_LENGTH);
System.arraycopy( data, pos + size, remainingData, 0, bytesRemaining );
return 8 + size + bytesRemaining;
}
package org.apache.poi.ddf;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
public class EscherClientDataRecord
extends EscherRecord
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static final short RECORD_ID = (short) 0xF011;
public static final String RECORD_DESCRIPTION = "MsofbtClientData";
public int fillFields(byte[] data, int offset, EscherRecordFactory recordFactory) {
int bytesRemaining = readHeader( data, offset );
int pos = offset + 8;
- remainingData = new byte[bytesRemaining];
+ remainingData = IOUtils.safelyAllocate(bytesRemaining, MAX_RECORD_LENGTH);
System.arraycopy( data, pos, remainingData, 0, bytesRemaining );
return 8 + bytesRemaining;
}
import java.util.zip.InflaterInputStream;
import org.apache.poi.hssf.usermodel.HSSFPictureData;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
public final class EscherMetafileBlip extends EscherBlipRecord {
private static final POILogger log = POILogFactory.getLogger(EscherMetafileBlip.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
public static final short RECORD_ID_EMF = (short) 0xF018 + 2;
public static final short RECORD_ID_WMF = (short) 0xF018 + 3;
field_6_fCompression = data[pos]; pos++;
field_7_fFilter = data[pos]; pos++;
- raw_pictureData = new byte[field_5_cbSave];
+ raw_pictureData = IOUtils.safelyAllocate(field_5_cbSave, MAX_RECORD_LENGTH);
System.arraycopy( data, pos, raw_pictureData, 0, field_5_cbSave );
pos += field_5_cbSave;
int remaining = bytesAfterHeader - pos + offset + HEADER_SIZE;
if(remaining > 0) {
- remainingData = new byte[remaining];
+ remainingData = IOUtils.safelyAllocate(remaining, MAX_RECORD_LENGTH);
System.arraycopy( data, pos, remainingData, 0, remaining );
}
return bytesAfterHeader + HEADER_SIZE;
import java.io.IOException;
import java.util.zip.InflaterInputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
public final class EscherPictBlip extends EscherBlipRecord {
private static final POILogger log = POILogFactory.getLogger(EscherPictBlip.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
public static final short RECORD_ID_EMF = (short) 0xF018 + 2;
public static final short RECORD_ID_WMF = (short) 0xF018 + 3;
field_6_fCompression = data[pos]; pos++;
field_7_fFilter = data[pos]; pos++;
- raw_pictureData = new byte[field_5_cbSave];
+ raw_pictureData = IOUtils.safelyAllocate(field_5_cbSave, MAX_RECORD_LENGTH);
System.arraycopy( data, pos, raw_pictureData, 0, field_5_cbSave );
// 0 means DEFLATE compression
import java.util.ArrayList;
import java.util.List;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* Generates a property given a reference into the byte array storing that property.
*/
public final class EscherPropertyFactory {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
/**
* Create new properties from a byte array.
*
if ( !isComplex ) {
ep = new EscherSimpleProperty( propId, propData );
} else if ( propertyType == EscherPropertyMetaData.TYPE_ARRAY) {
- ep = new EscherArrayProperty( propId, new byte[propData]);
+ ep = new EscherArrayProperty( propId, IOUtils.safelyAllocate(propData, MAX_RECORD_LENGTH));
} else {
- ep = new EscherComplexProperty( propId, new byte[propData]);
+ ep = new EscherComplexProperty( propId, IOUtils.safelyAllocate(propData, MAX_RECORD_LENGTH));
}
break;
}
import java.util.ArrayList;
import java.util.List;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.RecordFormatException;
* they will be in the parent's format, not Escher format.
*/
public final class EscherTextboxRecord extends EscherRecord implements Cloneable {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static final short RECORD_ID = (short)0xF00D;
public static final String RECORD_DESCRIPTION = "msofbtClientTextbox";
// Save the data, ready for the calling code to do something
// useful with it
- thedata = new byte[bytesRemaining];
+ thedata = IOUtils.safelyAllocate(bytesRemaining, MAX_RECORD_LENGTH);
System.arraycopy( data, offset + 8, thedata, 0, bytesRemaining );
return bytesRemaining + 8;
}
*/
public void setData(byte[] b, int start, int length)
{
- thedata = new byte[length];
+ thedata = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
System.arraycopy(b,start,thedata,0,length);
}
import java.util.List;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* we do not explicitly support.
*/
public final class UnknownEscherRecord extends EscherRecord implements Cloneable {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
private static final byte[] NO_BYTES = new byte[0];
/** The data for this record not including the the 8 byte header */
bytesRemaining = 0;
}
- thedata = new byte[bytesRemaining];
+ thedata = IOUtils.safelyAllocate(bytesRemaining, MAX_RECORD_LENGTH);
System.arraycopy( data, offset + 8, thedata, 0, bytesRemaining );
return bytesRemaining + 8;
}
==================================================================== */
package org.apache.poi.hpsf;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndianInput;
@Internal
class Blob {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _value;
Blob() {}
void read( LittleEndianInput lei ) {
int size = lei.readInt();
- _value = new byte[size];
+ _value = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
if ( size > 0 ) {
lei.readFully(_value);
}
@Internal
class ClipboardData {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
private static final POILogger LOG = POILogFactory.getLogger( ClipboardData.class );
private int _format;
}
_format = lei.readInt();
- _value = new byte[size - LittleEndianConsts.INT_SIZE];
+ _value = IOUtils.safelyAllocate(size - LittleEndianConsts.INT_SIZE, MAX_RECORD_LENGTH);
lei.readFully(_value);
}
import java.io.UnsupportedEncodingException;
import org.apache.poi.util.CodePageUtil;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayInputStream;
@Internal
class CodePageString {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private final static POILogger LOG = POILogFactory.getLogger( CodePageString.class );
private byte[] _value;
void read( LittleEndianByteArrayInputStream lei ) {
int offset = lei.getReadIndex();
int size = lei.readInt();
- _value = new byte[size];
+ _value = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
if (size == 0) {
return;
}
import org.apache.poi.hpsf.wellknown.PropertyIDMap;
import org.apache.poi.hpsf.wellknown.SectionIDMap;
import org.apache.poi.util.CodePageUtil;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayInputStream;
import org.apache.poi.util.LittleEndianConsts;
* Represents a section in a {@link PropertySet}.
*/
public class Section {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final POILogger LOG = POILogFactory.getLogger(Section.class);
/**
}
try {
- byte buf[] = new byte[nrBytes];
+ byte buf[] = IOUtils.safelyAllocate(nrBytes, MAX_RECORD_LENGTH);
leis.readFully(buf, 0, nrBytes);
final String str = CodePageUtil.getStringFromCodePage(buf, 0, nrBytes, cp);
import java.io.UnsupportedEncodingException;
import org.apache.poi.util.CodePageUtil;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayInputStream;
@Internal
class UnicodeString {
private static final POILogger LOG = POILogFactory.getLogger( UnicodeString.class );
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
private byte[] _value;
void read(LittleEndianByteArrayInputStream lei) {
final int length = lei.readInt();
final int unicodeBytes = length*2;
- _value = new byte[unicodeBytes];
+ _value = IOUtils.safelyAllocate(unicodeBytes, MAX_RECORD_LENGTH);
// If Length is zero, this field MUST be zero bytes in length. If Length is
// nonzero, this field MUST be a null-terminated array of 16-bit Unicode characters, followed by
import java.util.LinkedList;
import java.util.List;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayInputStream;
import org.apache.poi.util.LittleEndianConsts;
private static final POILogger logger = POILogFactory.getLogger(VariantSupport.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static boolean logUnsupportedTypes;
/**
typedPropertyValue.readValue(lei);
} catch ( UnsupportedOperationException exc ) {
int propLength = Math.min( length, lei.available() );
- final byte[] v = new byte[propLength];
+ final byte[] v = IOUtils.safelyAllocate(propLength, MAX_RECORD_LENGTH);
lei.readFully(v, 0, propLength);
throw new ReadingNotSupportedException( type, v );
}
default:
final int unpadded = lei.getReadIndex()-offset;
lei.setReadIndex(offset);
- final byte[] v = new byte[unpadded];
+ final byte[] v = IOUtils.safelyAllocate(unpadded, MAX_RECORD_LENGTH);
lei.readFully( v, 0, unpadded );
throw new ReadingNotSupportedException( type, v );
}
public class OldExcelExtractor implements Closeable {
private final static int FILE_PASS_RECORD_SID = 0x2f;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private RecordInputStream ris;
break;
default:
- ris.readFully(new byte[ris.remaining()]);
+ ris.readFully(IOUtils.safelyAllocate(ris.remaining(), MAX_RECORD_LENGTH));
}
}
import org.apache.poi.ss.usermodel.IconMultiStateFormatting.IconSet;
import org.apache.poi.ss.util.CellRangeAddress;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianOutput;
import org.apache.poi.util.POILogger;
* this is only used for the other types
*/
public final class CFRule12Record extends CFRuleBase implements FutureRecord, Cloneable {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static final short sid = 0x087A;
private FtrHeader futureHeader;
priority = 0;
template_type = getConditionType();
template_param_length = 16;
- template_params = new byte[template_param_length];
+ template_params = IOUtils.safelyAllocate(template_param_length, MAX_RECORD_LENGTH);
}
/**
} else {
int len = readFormatOptions(in);
if (len < ext_formatting_length) {
- ext_formatting_data = new byte[ext_formatting_length-len];
+ ext_formatting_data = IOUtils.safelyAllocate(ext_formatting_length-len, MAX_RECORD_LENGTH);
in.readFully(ext_formatting_data);
}
}
template_type = in.readUShort();
template_param_length = in.readByte();
if (template_param_length == 0 || template_param_length == 16) {
- template_params = new byte[template_param_length];
+ template_params = IOUtils.safelyAllocate(template_param_length, MAX_RECORD_LENGTH);
in.readFully(template_params);
} else {
logger.log(POILogger.WARN, "CF Rule v12 template params length should be 0 or 16, found " + template_param_length);
// use min() to gracefully handle cases where the length-property and the array-length do not match
// we saw some such files in circulation
rec.ext_formatting_length = Math.min(ext_formatting_length, ext_formatting_data.length);
- rec.ext_formatting_data = new byte[ext_formatting_length];
+ rec.ext_formatting_data = IOUtils.safelyAllocate(ext_formatting_length, MAX_RECORD_LENGTH);
System.arraycopy(ext_formatting_data, 0, rec.ext_formatting_data, 0, rec.ext_formatting_length);
rec.formula_scale = formula_scale.copy();
rec.priority = priority;
rec.template_type = template_type;
rec.template_param_length = template_param_length;
- rec.template_params = new byte[template_param_length];
+ rec.template_params = IOUtils.safelyAllocate(template_param_length, MAX_RECORD_LENGTH);
System.arraycopy(template_params, 0, rec.template_params, 0, template_param_length);
if (color_gradient != null) {
rec.data_bar = (DataBarFormatting)data_bar.clone();
}
if (filter_data != null) {
- rec.filter_data = new byte[filter_data.length];
+ rec.filter_data = IOUtils.safelyAllocate(filter_data.length, MAX_RECORD_LENGTH);
System.arraycopy(filter_data, 0, rec.filter_data, 0, filter_data.length);
}
import java.util.Arrays;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianOutput;
import org.apache.poi.util.RecordFormatException;
public class DConRefRecord extends StandardRecord
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* The id of the record type,
* <code>sid = {@value}</code>
*/
int byteLength = charCount * ((charType & 1) + 1);
- path = LittleEndian.getByteArray(data, offset, byteLength);
+ path = LittleEndian.getByteArray(data, offset, byteLength, MAX_RECORD_LENGTH);
offset += byteLength;
/*
* unused field. Not sure If i need to bother with this...
*/
if (path[0] == 0x02)
- _unused = LittleEndian.getByteArray(data, offset, (charType + 1));
+ _unused = LittleEndian.getByteArray(data, offset, (charType + 1), MAX_RECORD_LENGTH);
}
// byteLength depends on whether we are using single- or double-byte chars.
int byteLength = charCount * (charType + 1);
- path = new byte[byteLength];
+ path = IOUtils.safelyAllocate(byteLength, MAX_RECORD_LENGTH);
inStream.readFully(path);
if (path[0] == 0x02)
import org.apache.poi.ss.formula.ptg.Ref3DPtg;
import org.apache.poi.ss.formula.ptg.RefPtg;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.LittleEndianInputStream;
*/
public final class EmbeddedObjectRefSubRecord extends SubRecord implements Cloneable {
private static POILogger logger = POILogFactory.getLogger(EmbeddedObjectRefSubRecord.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static final short sid = 0x0009;
private static final byte[] EMPTY_BYTE_ARRAY = { };
if (size == 0) {
return EMPTY_BYTE_ARRAY;
}
- byte[] result = new byte[size];
+ byte[] result = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
in.readFully(result);
return result;
}
import org.apache.poi.ddf.EscherSpRecord;
import org.apache.poi.ddf.EscherSpgrRecord;
import org.apache.poi.ddf.EscherTextboxRecord;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
import org.apache.poi.util.RecordFormatException;
public final class EscherAggregate extends AbstractEscherHolderRecord {
public static final short sid = 9876; // not a real sid - dummy value
private static POILogger log = POILogFactory.getLogger(EscherAggregate.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
public static final short ST_MIN = (short) 0;
public static final short ST_NOT_PRIMATIVE = ST_MIN;
// Determine buffer size
List<EscherRecord> records = getEscherRecords();
int rawEscherSize = getEscherRecordSize(records);
- byte[] buffer = new byte[rawEscherSize];
+ byte[] buffer = IOUtils.safelyAllocate(rawEscherSize, MAX_RECORD_LENGTH);
final List<Integer> spEndingOffsets = new ArrayList<>();
int pos = 0;
for (EscherRecord e : records) {
package org.apache.poi.hssf.record;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.LittleEndianOutput;
import org.apache.poi.util.RecordFormatException;
throw new RecordFormatException("Unexpected size (" + size + ")");
}
//just grab the raw data
- byte[] buf = new byte[size];
+ byte[] buf = IOUtils.safelyAllocate(size, ENCODED_SIZE);
in.readFully(buf);
reserved = buf;
}
package org.apache.poi.hssf.record;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.LittleEndianOutput;
*/
public final class GroupMarkerSubRecord extends SubRecord implements Cloneable {
public final static short sid = 0x0006;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final byte[] EMPTY_BYTE_ARRAY = { };
}
public GroupMarkerSubRecord(LittleEndianInput in, int size) {
- byte[] buf = new byte[size];
+ byte[] buf = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
in.readFully(buf);
reserved = buf;
}
import org.apache.poi.ss.util.CellRangeAddress;
import org.apache.poi.util.HexDump;
import org.apache.poi.util.HexRead;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.LittleEndianOutput;
public final class HyperlinkRecord extends StandardRecord implements Cloneable {
public final static short sid = 0x01B8;
private static POILogger logger = POILogFactory.getLogger(HyperlinkRecord.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
static final class GUID {
/*
int len = in.readInt();
- byte[] path_bytes = new byte[len];
+ byte[] path_bytes = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
in.readFully(path_bytes);
_address = new String(path_bytes, StringUtil.UTF8);
package org.apache.poi.hssf.record;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.LittleEndianOutput;
import org.apache.poi.util.RecordFormatException;
throw new RecordFormatException("Unexpected size (" + size + ")");
}
//just grab the raw data
- byte[] buf = new byte[size];
+ byte[] buf = IOUtils.safelyAllocate(size, ENCODED_SIZE);
in.readFully(buf);
reserved = buf;
}
package org.apache.poi.hssf.record;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
import org.apache.poi.util.RecordFormatException;
*/
public final class OldLabelRecord extends OldCellRecord {
private final static POILogger logger = POILogFactory.getLogger(OldLabelRecord.class);
+ //arbitrarily set, may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
public final static short biff2_sid = 0x0004;
public final static short biff345_sid = 0x0204;
}
// Can only decode properly later when you know the codepage
- field_5_bytes = new byte[field_4_string_len];
+ field_5_bytes = IOUtils.safelyAllocate(field_4_string_len, MAX_RECORD_LENGTH);
in.read(field_5_bytes, 0, field_4_string_len);
if (in.remaining() > 0) {
package org.apache.poi.hssf.record;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
/**
* Title: Bound Sheet Record (aka BundleSheet) (0x0085) for BIFF 5<P>
* file.
*/
public final class OldSheetRecord {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public final static short sid = 0x0085;
private int field_1_position_of_BOF;
field_2_visibility = in.readUByte();
field_3_type = in.readUByte();
int field_4_sheetname_length = in.readUByte();
- field_5_sheetname = new byte[field_4_sheetname_length];
+ field_5_sheetname = IOUtils.safelyAllocate(field_4_sheetname_length, MAX_RECORD_LENGTH);
in.read(field_5_sheetname, 0, field_4_sheetname_length);
}
import org.apache.poi.hpsf.Property;
import org.apache.poi.util.CodePageUtil;
+import org.apache.poi.util.IOUtils;
/**
* formula string results.
*/
public final class OldStringRecord {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public final static short biff2_sid = 0x0007;
public final static short biff345_sid = 0x0207;
}
// Can only decode properly later when you know the codepage
- field_2_bytes = new byte[field_1_string_len];
+ field_2_bytes = IOUtils.safelyAllocate(field_1_string_len, MAX_RECORD_LENGTH);
in.read(field_2_bytes, 0, field_1_string_len);
}
import org.apache.poi.hssf.dev.BiffViewer;
import org.apache.poi.hssf.record.crypto.Biff8DecryptingStream;
import org.apache.poi.poifs.crypt.EncryptionInfo;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndianConsts;
import org.apache.poi.util.LittleEndianInput;
* Description: Wraps a stream and provides helper methods for the construction of records.<P>
*/
public final class RecordInputStream implements LittleEndianInput {
+
+
/** Maximum size of a single record (minus the 4 byte header) without a continue*/
public final static short MAX_RECORD_DATA_SIZE = 8224;
private static final int INVALID_SID_VALUE = -1;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
/**
* When {@link #_currentDataLength} has this value, it means that the previous BIFF record is
* finished, the next sid has been properly read, but the data size field has not been read yet.
if (size ==0) {
return EMPTY_BYTE_ARRAY;
}
- byte[] result = new byte[size];
+ byte[] result = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
readFully(result);
return result;
}
package org.apache.poi.hssf.record;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.LittleEndianOutput;
import org.apache.poi.util.LittleEndianOutputStream;
* Subrecords are part of the OBJ class.
*/
public abstract class SubRecord {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
protected SubRecord() {
// no fields to initialise
}
public UnknownSubRecord(LittleEndianInput in, int sid, int size) {
_sid = sid;
- byte[] buf = new byte[size];
+ byte[] buf = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
in.readFully(buf);
_data = buf;
}
import org.apache.poi.hssf.record.cont.ContinuableRecordOutput;
import org.apache.poi.util.BitField;
import org.apache.poi.util.BitFieldFactory;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.LittleEndianOutput;
import org.apache.poi.util.POILogFactory;
// TODO - make this final when the compatibility version is removed
private static POILogger _logger = POILogFactory.getLogger(UnicodeString.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+
private short field_1_charCount;
private byte field_2_optionflags;
private String field_3_string;
_logger.log( POILogger.WARN, "Warning - ExtRst overran by " + (0-extraDataLength) + " bytes");
extraDataLength = 0;
}
- extraData = new byte[extraDataLength];
+ extraData = IOUtils.safelyAllocate(extraDataLength, MAX_RECORD_LENGTH);
for(int i=0; i<extraData.length; i++) {
extraData[i] = in.readByte();
}
import org.apache.poi.poifs.crypt.ChunkedCipherInputStream;
import org.apache.poi.poifs.crypt.Decryptor;
import org.apache.poi.poifs.crypt.EncryptionInfo;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianConsts;
import org.apache.poi.util.LittleEndianInput;
public final class Biff8DecryptingStream implements BiffHeaderInput, LittleEndianInput {
public static final int RC4_REKEYING_INTERVAL = 1024;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
private final EncryptionInfo info;
private ChunkedCipherInputStream ccis;
public Biff8DecryptingStream(InputStream in, int initialOffset, EncryptionInfo info) throws RecordFormatException {
try {
- byte initialBuf[] = new byte[initialOffset];
+ byte initialBuf[] = IOUtils.safelyAllocate(initialOffset, MAX_RECORD_LENGTH);
InputStream stream;
if (initialOffset == 0) {
stream = in;
import org.apache.poi.ss.usermodel.Workbook;
import org.apache.poi.util.Configurator;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayInputStream;
* @see org.apache.poi.hssf.usermodel.HSSFSheet
*/
public final class HSSFWorkbook extends POIDocument implements org.apache.poi.ss.usermodel.Workbook {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final Pattern COMMA_PATTERN = Pattern.compile(",");
/**
if (sid == BoundSheetRecord.sid) {
// special case for the field_1_position_of_BOF (=lbPlyPos) field of
// the BoundSheet8 record which must be unencrypted
- byte bsrBuf[] = new byte[len];
+ byte bsrBuf[] = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
plain.readFully(bsrBuf);
os.writePlain(bsrBuf, 0, 4);
os.write(bsrBuf, 4, len-4);
import javax.crypto.ShortBufferException;
import org.apache.poi.EncryptedDocumentException;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndianInputStream;
@Internal
public abstract class ChunkedCipherInputStream extends LittleEndianInputStream {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private final int chunkSize;
private final int chunkBits;
this.pos = initialPos;
this.chunkSize = chunkSize;
int cs = chunkSize == -1 ? 4096 : chunkSize;
- this.chunk = new byte[cs];
- this.plain = new byte[cs];
+ this.chunk = IOUtils.safelyAllocate(cs, MAX_RECORD_LENGTH);
+ this.plain = IOUtils.safelyAllocate(cs, MAX_RECORD_LENGTH);
this.chunkBits = Integer.bitCount(chunk.length-1);
this.lastIndex = (int)(pos >> chunkBits);
this.cipher = initCipherForBlock(null, lastIndex);
@Internal
public abstract class ChunkedCipherOutputStream extends FilterOutputStream {
private static final POILogger LOG = POILogFactory.getLogger(ChunkedCipherOutputStream.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final int STREAMING = -1;
private final int chunkSize;
super(null);
this.chunkSize = chunkSize;
int cs = chunkSize == STREAMING ? 4096 : chunkSize;
- this.chunk = new byte[cs];
+ this.chunk = IOUtils.safelyAllocate(cs, MAX_RECORD_LENGTH);
this.plainByteFlags = new BitSet(cs);
this.chunkBits = Integer.bitCount(cs-1);
this.fileOut = TempFile.createTempFile("encrypted_package", "crypt");
super(stream);
this.chunkSize = chunkSize;
int cs = chunkSize == STREAMING ? 4096 : chunkSize;
- this.chunk = new byte[cs];
+ this.chunk = IOUtils.safelyAllocate(cs, MAX_RECORD_LENGTH);
this.plainByteFlags = new BitSet(cs);
this.chunkBits = Integer.bitCount(cs-1);
this.fileOut = null;
import javax.crypto.spec.RC2ParameterSpec;
import org.apache.poi.EncryptedDocumentException;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianConsts;
*/
@Internal
public class CryptoFunctions {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* <p><cite>2.3.4.7 ECMA-376 Document Encryption Key Generation (Standard Encryption)<br>
* 2.3.4.11 Encryption Key Generation (Agile Encryption)</cite></p>
private static byte[] getBlockX(byte[] hash, int size, byte fill) {
if (hash.length == size) return hash;
- byte[] result = new byte[size];
+ byte[] result = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
Arrays.fill(result, fill);
System.arraycopy(hash, 0, result, 0, Math.min(result.length, hash.length));
return result;
import org.apache.poi.poifs.filesystem.DocumentEntry;
import org.apache.poi.poifs.filesystem.POIFSWriterEvent;
import org.apache.poi.poifs.filesystem.POIFSWriterListener;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianByteArrayOutputStream;
import org.apache.poi.util.LittleEndianConsts;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.StringUtil;
public class DataSpaceMapUtils {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static void addDefaultDataSpace(DirectoryEntry dir) throws IOException {
DataSpaceMapEntry dsme = new DataSpaceMapEntry(
new int[]{ 0 }
return length == 0 ? null : "";
}
- byte data[] = new byte[length];
+ byte data[] = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
is.readFully(data);
// Padding (variable): A set of bytes that MUST be of correct size such that the size of the UTF-8-LP-P4
* Dump internal structure of a OLE2 file into file system
*/
public class POIFSDump {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static void main(String[] args) throws IOException {
if (args.length == 0) {
System.err.println("Must specify at least one file to dump");
try {
NPOIFSStream stream = new NPOIFSStream(fs, startBlock);
- byte[] b = new byte[fs.getBigBlockSize()];
+ byte[] b = IOUtils.safelyAllocate(fs.getBigBlockSize(), MAX_RECORD_LENGTH);
for (ByteBuffer bb : stream) {
int len = bb.remaining();
bb.get(b);
import java.io.IOException;
import java.io.InputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndianInput;
import org.apache.poi.util.SuppressForbidden;
import java.util.Iterator;
import org.apache.poi.poifs.property.DocumentProperty;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
long rval = new_offset - _current_offset;
// TODO Do this better
- byte[] skip = new byte[(int)rval];
+ byte[] skip = IOUtils.safelyAllocate(rval, Integer.MAX_VALUE);
readFully(skip);
return rval;
}
import org.apache.poi.poifs.dev.POIFSViewable;
import org.apache.poi.poifs.property.DocumentProperty;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
/**
* This class manages a document in the NIO POIFS filesystem.
* This is the {@link NPOIFSFileSystem} version.
*/
public final class NPOIFSDocument implements POIFSViewable {
- private DocumentProperty _property;
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+ private DocumentProperty _property;
private NPOIFSFileSystem _filesystem;
private NPOIFSStream _stream;
int usedInBlock = length % _block_size;
if (usedInBlock != 0 && usedInBlock != _block_size) {
int toBlockEnd = _block_size - usedInBlock;
- byte[] padding = new byte[toBlockEnd];
+ byte[] padding = IOUtils.safelyAllocate(toBlockEnd, MAX_RECORD_LENGTH);
Arrays.fill(padding, (byte)0xFF);
os.write(padding);
}
if(getSize() > 0) {
// Get all the data into a single array
- byte[] data = new byte[getSize()];
+ byte[] data = IOUtils.safelyAllocate(getSize(), MAX_RECORD_LENGTH);
int offset = 0;
for(ByteBuffer buffer : _stream) {
int length = Math.min(_block_size, data.length-offset);
public class NPOIFSFileSystem extends BlockStore
implements POIFSViewable, Closeable
{
- private static final POILogger LOG = POILogFactory.getLogger(NPOIFSFileSystem.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+ private static final POILogger LOG = POILogFactory.getLogger(NPOIFSFileSystem.class);
/**
* Convenience method for clients that want to avoid the auto-close behaviour of the constructor.
if(newFS) {
// Data needs to initially hold just the header block,
// a single bat block, and an empty properties section
- _data = new ByteArrayBackedDataSource(new byte[bigBlockSize.getBigBlockSize()*3]);
+ _data = new ByteArrayBackedDataSource(IOUtils.safelyAllocate(
+ bigBlockSize.getBigBlockSize()*3, MAX_RECORD_LENGTH));
}
}
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianConsts;
import org.apache.poi.util.LittleEndianOutputStream;
*/
public class Ole10Native {
+
public static final String OLE10_NATIVE = "\u0001Ole10Native";
protected static final String ISO1 = "ISO-8859-1";
-
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
// (the fields as they appear in the raw record:)
private int totalSize; // 4 bytes, total size of record not including this field
private short flags1 = 2; // 2 bytes, unknown, mostly [02 00]
public static Ole10Native createFromEmbeddedOleObject(DirectoryNode directory) throws IOException, Ole10NativeException {
DocumentEntry nativeEntry =
(DocumentEntry)directory.getEntry(OLE10_NATIVE);
- byte[] data = new byte[nativeEntry.getSize()];
+ byte[] data = IOUtils.safelyAllocate(nativeEntry.getSize(), MAX_RECORD_LENGTH);
int readBytes = directory.createDocumentInputStream(nativeEntry).read(data);
assert(readBytes == data.length);
if ((long)dataSize + (long)ofs > (long)data.length) { //cast to avoid overflow
throw new Ole10NativeException("Invalid Ole10Native: declared data length > available data");
}
- dataBuffer = new byte[dataSize];
+ dataBuffer = IOUtils.safelyAllocate(dataSize, MAX_RECORD_LENGTH);
System.arraycopy(data, ofs, dataBuffer, 0, dataSize);
ofs += dataSize;
}
package org.apache.poi.poifs.nio;
+import org.apache.poi.util.IOUtils;
+
import java.io.IOException;
import java.io.OutputStream;
import java.nio.ByteBuffer;
* A POIFS {@link DataSource} backed by a byte array.
*/
public class ByteArrayBackedDataSource extends DataSource {
+ //Can we make this shorter?
+ private static final int MAX_RECORD_LENGTH = Integer.MAX_VALUE;
+
private byte[] buffer;
private long size;
difference = 4096;
}
- byte[] nb = new byte[(int)(difference+buffer.length)];
+ long totalLen = difference+buffer.length;
+ byte[] nb = IOUtils.safelyAllocate(totalLen, MAX_RECORD_LENGTH);
System.arraycopy(buffer, 0, nb, 0, (int)size);
buffer = nb;
}
import org.apache.poi.poifs.filesystem.NPOIFSFileSystem;
import org.apache.poi.poifs.filesystem.NPOIFSStream;
import org.apache.poi.poifs.storage.HeaderBlock;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
public final class NPropertyTable extends PropertyTableBase {
private static final POILogger _logger =
POILogFactory.getLogger(NPropertyTable.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private POIFSBigBlockSize _bigBigBlockSize;
public NPropertyTable(HeaderBlock headerBlock)
bb.array().length == bigBlockSize.getBigBlockSize()) {
data = bb.array();
} else {
- data = new byte[bigBlockSize.getBigBlockSize()];
+ data = IOUtils.safelyAllocate(bigBlockSize.getBigBlockSize(), MAX_RECORD_LENGTH);
int toRead = data.length;
if (bb.remaining() < bigBlockSize.getBigBlockSize()) {
* @author Marc Johnson (mjohnson at apache dot org)
*/
public final class DocumentBlock extends BigBlock {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final byte _default_value = ( byte ) 0xFF;
private byte[] _data;
private int _bytes_read;
private DocumentBlock(POIFSBigBlockSize bigBlockSize)
{
super(bigBlockSize);
- _data = new byte[ bigBlockSize.getBigBlockSize() ];
+ _data = IOUtils.safelyAllocate(bigBlockSize.getBigBlockSize(), MAX_RECORD_LENGTH);
Arrays.fill(_data, _default_value);
}
* The block containing the archive header
*/
public final class HeaderBlock implements HeaderBlockConstants {
- private static final byte _default_value = ( byte ) 0xFF;
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+ private static final byte _default_value = ( byte ) 0xFF;
/**
* What big block size the file uses. Most files
// Fetch the rest of the block if needed
if(bigBlockSize.getBigBlockSize() != 512) {
int rest = bigBlockSize.getBigBlockSize() - 512;
- byte[] tmp = new byte[rest];
+ byte[] tmp = IOUtils.safelyAllocate(rest, MAX_RECORD_LENGTH);
IOUtils.readFully(stream, tmp);
}
}
public class RawDataBlock
implements ListManagedBlock
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private byte[] _data;
private boolean _eof;
private boolean _hasData;
*/
public RawDataBlock(final InputStream stream, int blockSize)
throws IOException {
- _data = new byte[ blockSize ];
+ _data = IOUtils.safelyAllocate(blockSize, MAX_RECORD_LENGTH);
int count = IOUtils.readFully(stream, _data);
_hasData = (count > 0);
import org.apache.poi.ss.formula.ptg.Ptg;
import org.apache.poi.ss.formula.ptg.TblPtg;
import org.apache.poi.ss.util.CellReference;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayInputStream;
import org.apache.poi.util.LittleEndianInput;
*/
public class Formula {
+ //Arbitrarily set. May need to increase.
+ private static final int MAX_ENCODED_LEN = 100000;
+
private static final Formula EMPTY = new Formula(new byte[0], 0);
/** immutable */
* @return A new formula object as read from the stream. Possibly empty, never <code>null</code>.
*/
public static Formula read(int encodedTokenLen, LittleEndianInput in, int totalEncodedLen) {
- byte[] byteEncoding = new byte[totalEncodedLen];
+ byte[] byteEncoding = IOUtils.safelyAllocate(totalEncodedLen, MAX_ENCODED_LEN);
in.readFully(byteEncoding);
return new Formula(byteEncoding, encodedTokenLen);
}
import java.util.regex.Pattern;
import org.apache.poi.ss.formula.ptg.Ptg;
+import org.apache.poi.util.IOUtils;
/**
* Converts the text meta-data file into a <tt>FunctionMetadataRegistry</tt>
*/
final class FunctionMetadataReader {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final String METADATA_FILE_NAME = "functionMetadata.txt";
/** plain ASCII text metadata file uses three dots for ellipsis */
// (all unspecified params are assumed to be the same as the last)
nItems --;
}
- byte[] result = new byte[nItems];
+ byte[] result = IOUtils.safelyAllocate(nItems, MAX_RECORD_LENGTH);
for (int i = 0; i < nItems; i++) {
result[i] = parseOperandTypeCode(array[i]);
}
* The default buffer size to use for the skip() methods.
*/
private static final int SKIP_BUFFER_SIZE = 2048;
+ private static int BYTE_ARRAY_MAX_OVERRIDE = -1;
private static byte[] SKIP_BYTE_BUFFER;
private IOUtils() {
// no instances of this class
}
+ /**
+ * If this value is set to > 0, {@link #safelyAllocate(long, int)} will ignore the
+ * maximum record length parameter. This is designed to allow users to bypass
+ * the hard-coded maximum record lengths if they are willing to accept the risk
+ * of an OutOfMemoryException.
+ *
+ * @param maxOverride
+ * @since 4.0.0
+ */
+ public static void setByteArrayMaxOverride(int maxOverride) {
+ BYTE_ARRAY_MAX_OVERRIDE = maxOverride;
+ }
+
/**
* Peeks at the first 8 bytes of the stream. Returns those bytes, but
* with the stream unaffected. Requires a stream that supports mark/reset,
if (length > (long)Integer.MAX_VALUE) {
throw new RecordFormatException("Can't allocate an array > "+Integer.MAX_VALUE);
}
- if (length > maxLength) {
- throw new RecordFormatException("Not allowed to allocate an array > "+
- maxLength+" for this record type." +
- "If the file is not corrupt, please open an issue on bugzilla to request " +
- "increasing the maximum allowable size for this record type");
+ if (BYTE_ARRAY_MAX_OVERRIDE > 0) {
+ if (length > BYTE_ARRAY_MAX_OVERRIDE) {
+ throwRFE(length, BYTE_ARRAY_MAX_OVERRIDE);
+ }
+ } else if (length > maxLength) {
+ throwRFE(length, maxLength);
}
return new byte[(int)length];
}
+
+ private static void throwRFE(long length, int maxLength) {
+ throw new RecordFormatException("Tried to allocate an array of length "+length +
+ ", but "+ maxLength+" is the maximum for this record type.\n" +
+ "If the file is not corrupt, please open an issue on bugzilla to request \n" +
+ "increasing the maximum allowable size for this record type.\n"+
+ "As a temporary workaround, consider setting a higher override value with " +
+ "IOUtils.setByteArrayMaxOverride()");
+
+ }
}
* http://marknelson.us/1989/10/01/lzw-data-compression/
*/
public abstract class LZWDecompresser {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* Does the mask bit mean it's compressed or uncompressed?
*/
// These are bytes as looked up in the dictionary
// It needs to be signed, as it'll get passed on to
// the output stream
- byte[] dataB = new byte[16+codeLengthIncrease];
+ byte[] dataB = IOUtils.safelyAllocate(16+codeLengthIncrease, MAX_RECORD_LENGTH);
// This is an unsigned byte read from the stream
// It needs to be unsigned, so that bit stuff works
int dataI;
* @param size
* Number of bytes to copy.
* @return The byteArray value
+ *
+ * @see #getByteArray(byte[], int, int, long) if size is not a constant
+ *
* @throws IndexOutOfBoundsException
* - if copying would cause access of data outside array bounds.
*/
return copy;
}
+ /**
+ * Copy a portion of a byte array
+ *
+ * @param data
+ * the original byte array
+ * @param offset
+ * Where to start copying from.
+ * @param size
+ * Number of bytes to copy.
+ * @param maxSize
+ * Size must be <= maxSize or an exception is thrown.
+ * Use this to avoid potential OOMs on corrupt data.
+ * @return The byteArray value
+ * @throws IndexOutOfBoundsException
+ * - if copying would cause access of data outside array bounds.
+ */
+ public static byte[] getByteArray( byte[] data, int offset, int size, int maxSize)
+ {
+ byte[] copy = IOUtils.safelyAllocate(size, maxSize);
+ System.arraycopy( data, offset, copy, 0, size );
+
+ return copy;
+ }
+
+
/**
* get a double value from a byte array, reads it in little endian format
* then converts the resulting revolting IEEE 754 (curse them) floating
@Internal
public class StringUtil {
protected static final Charset ISO_8859_1 = Charset.forName("ISO-8859-1");
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 10000000;
+
public static final Charset UTF16LE = Charset.forName("UTF-16LE");
public static final Charset UTF8 = Charset.forName("UTF-8");
public static final Charset WIN_1252 = Charset.forName("cp1252");
}
public static String readCompressedUnicode(LittleEndianInput in, int nChars) {
- byte[] buf = new byte[nChars];
+ byte[] buf = IOUtils.safelyAllocate(nChars, MAX_RECORD_LENGTH);
in.readFully(buf);
return new String(buf, ISO_8859_1);
}
}
public static String readUnicodeLE(LittleEndianInput in, int nChars) {
- byte[] bytes = new byte[nChars*2];
+ byte[] bytes = IOUtils.safelyAllocate(nChars*2, MAX_RECORD_LENGTH);
in.readFully(bytes);
return new String(bytes, UTF16LE);
}
import org.apache.poi.poifs.crypt.agile.AgileEncryptionVerifier.AgileCertificateEntry;
import org.apache.poi.poifs.crypt.standard.EncryptionRecord;
import org.apache.poi.poifs.filesystem.DirectoryNode;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayOutputStream;
import org.apache.poi.util.LittleEndianConsts;
import com.microsoft.schemas.office.x2006.keyEncryptor.password.CTPasswordKeyEncryptor;
public class AgileEncryptor extends Encryptor implements Cloneable {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte integritySalt[];
private byte pwHash[];
int keySize = header.getKeySize()/8;
int hashSize = header.getHashAlgorithm().hashSize;
- byte[] newVerifierSalt = new byte[blockSize]
- , newVerifier = new byte[blockSize]
- , newKeySalt = new byte[blockSize]
- , newKeySpec = new byte[keySize]
- , newIntegritySalt = new byte[hashSize];
+ byte[] newVerifierSalt = IOUtils.safelyAllocate(blockSize, MAX_RECORD_LENGTH)
+ , newVerifier = IOUtils.safelyAllocate(blockSize, MAX_RECORD_LENGTH)
+ , newKeySalt = IOUtils.safelyAllocate(blockSize, MAX_RECORD_LENGTH)
+ , newKeySpec = IOUtils.safelyAllocate(keySize, MAX_RECORD_LENGTH)
+ , newIntegritySalt = IOUtils.safelyAllocate(hashSize, MAX_RECORD_LENGTH);
r.nextBytes(newVerifierSalt); // blocksize
r.nextBytes(newVerifier); // blocksize
r.nextBytes(newKeySalt); // blocksize
@Beta
public class EmbeddedExtractor implements Iterable<EmbeddedExtractor> {
private static final POILogger LOG = POILogFactory.getLogger(EmbeddedExtractor.class);
-
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
// contentType
private static final String CONTENT_TYPE_BYTES = "binary/octet-stream";
private static final String CONTENT_TYPE_PDF = "application/pdf";
}
int pictureBytesLen = idxEnd-idxStart+6;
- byte[] pdfBytes = new byte[pictureBytesLen];
+ byte[] pdfBytes = IOUtils.safelyAllocate(pictureBytesLen, MAX_RECORD_LENGTH);
System.arraycopy(pictureBytes, idxStart, pdfBytes, 0, pictureBytesLen);
String filename = source.getShapeName().trim();
if (!endsWithIgnoreCase(filename, ".pdf")) {
public class XMLSlideShow extends POIXMLDocument
implements SlideShow<XSLFShape,XSLFTextParagraph> {
private static final POILogger LOG = POILogFactory.getLogger(XMLSlideShow.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
private CTPresentation _presentation;
private List<XSLFSlide> _slides;
public XSLFPictureData addPicture(File pict, PictureType format) throws IOException
{
int length = (int) pict.length();
- byte[] data = new byte[length];
+ byte[] data = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
FileInputStream is = new FileInputStream(pict);
try {
IOUtils.readFully(is, data);
import java.io.InputStream;
import java.util.BitSet;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndianInputStream;
@Internal
public abstract class XSSFBParser {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private final LittleEndianInputStream is;
private final BitSet records;
}
if (records == null || records.get(recordId)) {
- //add sanity check for length?
- byte[] buff = new byte[(int) recordLength];
+ byte[] buff = IOUtils.safelyAllocate(recordLength, MAX_RECORD_LENGTH);
is.readFully(buff);
handleRecord(recordId, buff);
} else {
import java.util.Map;
import java.util.StringTokenizer;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LocaleUtil;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
* to process the chunk value area
*/
public final class ChunkFactory {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
+
/** The version of the currently open document */
private int version;
/**
}
// Now, create the chunk
- byte[] contents = new byte[header.getLength()];
+ byte[] contents = IOUtils.safelyAllocate(header.getLength(), MAX_RECORD_LENGTH);
System.arraycopy(data, offset+header.getSizeInBytes(), contents, 0, contents.length);
Chunk chunk = new Chunk(header, trailer, separator, contents);
import java.io.IOException;
import org.apache.poi.hdgf.HDGFLZW;
+import org.apache.poi.util.IOUtils;
/**
* A StreamStore where the data on-disk is compressed,
* using the crazy Visio LZW
*/
public final class CompressedStreamStore extends StreamStore {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/** The raw, compressed contents */
private byte[] compressedContents;
/**
protected CompressedStreamStore(byte[] data, int offset, int length) throws IOException {
this(decompress(data,offset,length));
- compressedContents = new byte[length];
+ compressedContents = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
System.arraycopy(data, offset, compressedContents, 0, length);
}
/**
package org.apache.poi.hdgf.streams;
+import org.apache.poi.util.IOUtils;
+
/**
* Holds the representation of the stream on-disk, and
* handles de-compressing it as required.
* In future, may also handle writing it back out again
*/
public class StreamStore { // TODO - instantiable superclass
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 10_000_000;
+
private byte[] contents;
/**
* Creates a new, non compressed Stream Store
*/
protected StreamStore(byte[] data, int offset, int length) {
- contents = new byte[length];
+ contents = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
System.arraycopy(data, offset, contents, 0, length);
}
protected void prependContentsWith(byte[] b) {
- byte[] newContents = new byte[contents.length + b.length];
+ byte[] newContents = IOUtils.safelyAllocate(contents.length + b.length, MAX_RECORD_LENGTH);
System.arraycopy(b, 0, newContents, 0, b.length);
System.arraycopy(contents, 0, newContents, b.length, contents.length);
contents = newContents;
@Internal
public class HemfCommentEMFPlus extends AbstractHemfComment {
- private static final int MAX_RECORD_LENGTH = 1000000;
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
long dataSize;
@Internal
public class HemfCommentPublic {
- private static final int MAX_RECORD_LENGTH = 1000000;
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
/**
*/
@Internal
public class HemfCommentRecord implements HemfRecord {
- private static final int MAX_RECORD_LENGTH = 1000000;
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
public final static long COMMENT_EMFSPOOL = 0x00000000;
public final static long COMMENT_EMFPLUS = 0x2B464D45;
@Internal
public class HemfHeader implements HemfRecord {
- private static final int MAX_RECORD_LENGTH = 1000000;
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
private Rectangle boundsRectangle;
public class HemfText {
private static final Charset UTF16LE = Charset.forName("UTF-16LE");
- private static final int MAX_RECORD_LENGTH = 1000000;
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
public static class ExtCreateFontIndirectW extends UnimplementedHemfRecord {
}
* or one of its {@link Attachment}s.
*/
public class MAPIAttribute {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private final MAPIProperty property;
private final int type;
private final byte[] data;
} else {
// Custom name was stored
int mplen = LittleEndian.readInt(inp);
- byte[] mpdata = new byte[mplen];
+ byte[] mpdata = IOUtils.safelyAllocate(mplen, MAX_RECORD_LENGTH);
IOUtils.readFully(inp, mpdata);
name = StringUtil.getFromUnicodeLE(mpdata, 0, (mplen/2)-1);
skipToBoundary(mplen, inp);
}
for(int j=0; j<values; j++) {
int len = getLength(type, inp);
- byte[] data = new byte[len];
+ byte[] data = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
IOUtils.readFully(inp, data);
skipToBoundary(len, inp);
private static void skipToBoundary(int length, InputStream inp) throws IOException {
// Data is always padded out to a 4 byte boundary
if(length % 4 != 0) {
- int skip = 4 - (length % 4);
- byte[] padding = new byte[skip];
- IOUtils.readFully(inp, padding);
+ int toSkip = 4 - (length % 4);
+ long skipped = IOUtils.skipFully(inp, toSkip);
+ if (skipped != toSkip) {
+ throw new IOException("tried to skip "+toSkip +" but only skipped:"+skipped);
+ }
}
}
}
import org.apache.poi.hmef.CompressedRTF;
import org.apache.poi.hmef.HMEFMessage;
import org.apache.poi.hsmf.datatypes.MAPIProperty;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.StringUtil;
/**
* to a {@link HMEFMessage} or one of its {@link Attachment}s.
*/
public final class MAPIRtfAttribute extends MAPIAttribute {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private final byte[] decompressed;
private final String data;
CompressedRTF rtf = new CompressedRTF();
byte[] tmp = rtf.decompress(new ByteArrayInputStream(data));
if(tmp.length > rtf.getDeCompressedSize()) {
- this.decompressed = new byte[rtf.getDeCompressedSize()];
+ this.decompressed = IOUtils.safelyAllocate(rtf.getDeCompressedSize(), MAX_RECORD_LENGTH);
System.arraycopy(tmp, 0, decompressed, 0, decompressed.length);
} else {
this.decompressed = tmp;
* ones, so we can't just re-use the HSMF ones.
*/
public class TNEFAttribute {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private final TNEFProperty property;
private final int type;
private final byte[] data;
int length = LittleEndian.readInt(inp);
property = TNEFProperty.getBest(id, type);
- data = new byte[length];
+ data = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
IOUtils.readFully(inp, data);
checksum = LittleEndian.readUShort(inp);
import org.apache.poi.hmef.attribute.TNEFProperty;
import org.apache.poi.hmef.attribute.TNEFStringAttribute;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* Developer focused raw dumper
*/
public final class HMEFDumper {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
public static void main(String[] args) throws Exception {
if(args.length < 1) {
throw new IllegalArgumentException("Filename must be given");
thisLen = len - offset;
}
- byte data[] = new byte[thisLen];
+ byte data[] = IOUtils.safelyAllocate(thisLen, MAX_RECORD_LENGTH);
System.arraycopy(attr.getData(), offset, data, 0, thisLen);
System.out.print(
import org.apache.poi.ddf.DefaultEscherRecordFactory;
import org.apache.poi.ddf.EscherRecord;
import org.apache.poi.poifs.filesystem.DirectoryNode;
+import org.apache.poi.util.IOUtils;
/**
* Parent class of all Escher parts
*/
public abstract class EscherPart extends HPBFPart {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private EscherRecord[] records;
/**
size += records[i].getRecordSize();
}
- byte data[] = new byte[size];
+ byte data[] = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
size = 0;
for(int i=0; i<records.length; i++) {
int thisSize =
import org.apache.poi.hpbf.model.qcbits.QCTextBit;
import org.apache.poi.hpbf.model.qcbits.UnknownQCBit;
import org.apache.poi.poifs.filesystem.DirectoryNode;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LocaleUtil;
import org.apache.poi.util.POILogFactory;
*/
public final class QuillContents extends HPBFPart {
private static POILogger logger = POILogFactory.getLogger(QuillContents.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
private static final String[] PATH = { "Quill", "QuillSub", "CONTENTS", };
private QCBit[] bits;
int from = (int)LittleEndian.getUInt(data, offset+16);
int len = (int)LittleEndian.getUInt(data, offset+20);
- byte[] bitData = new byte[len];
+ byte[] bitData = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
System.arraycopy(data, from, bitData, 0, len);
// Create
package org.apache.poi.hpbf.model.qcbits;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.StringUtil;
/**
* A Text based bit of Quill Contents
*/
public final class QCTextBit extends QCBit {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
public QCTextBit(String thingType, String bitType, byte[] data) {
super(thingType, bitType, data);
}
}
public void setText(String text) {
- byte data[] = new byte[text.length()*2];
+ byte data[] = IOUtils.safelyAllocate(text.length()*2, MAX_RECORD_LENGTH);
StringUtil.putUnicodeLE(text, data, 0);
setData(data);
}
import javax.imageio.ImageIO;
import org.apache.poi.hslf.usermodel.HSLFPictureData;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Units;
/**
public byte[] getData(){
byte[] rawdata = getRawData();
int prefixLen = 16*getUIDInstanceCount()+1;
- byte[] imgdata = new byte[rawdata.length-prefixLen];
+ byte[] imgdata = IOUtils.safelyAllocate(rawdata.length-prefixLen, rawdata.length);
System.arraycopy(rawdata, prefixLen, imgdata, 0, imgdata.length);
return imgdata;
}
import java.io.IOException;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* Represents a DIB picture data in a PPT file
*/
public final class DIB extends Bitmap {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* Size of the BITMAPFILEHEADER structure preceding the actual DIB bytes
*/
LittleEndian.putInt(header, 10, offset);
//DIB data is the header + dib bytes
- byte[] dib = new byte[header.length + data.length];
+ byte[] dib = IOUtils.safelyAllocate(header.length + data.length, MAX_RECORD_LENGTH);
System.arraycopy(header, 0, dib, 0, header.length);
System.arraycopy(data, 0, dib, header.length, data.length);
@Override
public void setData(byte[] data) throws IOException {
//cut off the bitmap file-header
- byte[] dib = new byte[data.length-HEADER_SIZE];
+ byte[] dib = IOUtils.safelyAllocate(data.length-HEADER_SIZE, data.length);
System.arraycopy(data, HEADER_SIZE, dib, 0, dib.length);
super.setData(dib);
}
*/
public final class PPTXMLDump {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private static final int HEADER_SIZE = 8; //size of the record header
private static final int PICT_HEADER_SIZE = 25; //size of the picture header
private static final String PICTURES_ENTRY = "Pictures";
System.arraycopy(data, pos, header, 0, header.length);
int size = LittleEndian.getInt(header, 4) - 17;
- byte[] pictdata = new byte[size];
+ byte[] pictdata = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
System.arraycopy(data, pos + PICT_HEADER_SIZE, pictdata, 0, pictdata.length);
pos += PICT_HEADER_SIZE + size;
* from hslf.record.RecordTypes also)
*/
public final class SlideShowDumper {
- private byte[] docstream;
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+ private byte[] docstream;
/** Do we try to use DDF to understand the escher objects? */
private boolean ddfEscher;
final String ind = (indent == 0) ? "%1$s" : "%1$"+indent+"s";
- byte[] contents = new byte[len];
+ byte[] contents = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
System.arraycopy(docstream,pos,contents,0,len);
DefaultEscherRecordFactory erf = new HSLFEscherRecordFactory();
EscherRecord record = erf.createRecord(contents,0);
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public final class AnimationInfoAtom extends RecordAtom {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* whether the animation plays in the reverse direction
*/
System.arraycopy(source,start,_header,0,8);
// Grab the record data
- _recdata = new byte[len-8];
+ _recdata = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_recdata,0,len-8);
}
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.StringUtil;
*/
public final class CString extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _header;
private static long _type = 4026l;
System.arraycopy(source,start,_header,0,8);
// Grab the text
- _text = new byte[len-8];
+ _text = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_text,0,len-8);
}
/**
import java.util.Date;
import org.apache.poi.hslf.util.SystemTimeUtils;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
public final class Comment2000Atom extends RecordAtom
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* Record header.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
}
import org.apache.poi.poifs.filesystem.DirectoryNode;
import org.apache.poi.poifs.filesystem.DocumentEntry;
import org.apache.poi.poifs.filesystem.NPOIFSFileSystem;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
public class CurrentUserAtom
{
private final static POILogger logger = POILogFactory.getLogger(CurrentUserAtom.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
/** Standard Atom header */
public static final byte[] atomHeader = new byte[] { 0, 0, -10, 15 };
// Grab the contents
int len = docProps.getSize();
- _contents = new byte[len];
+ _contents = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
InputStream in = dir.createDocumentInputStream("Current User");
int readLen = in.read(_contents);
in.close();
int len = 2*(int)usernameLen;
if(_contents.length >= start+len) {
- byte[] textBytes = new byte[len];
+ byte[] textBytes = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
System.arraycopy(_contents,start,textBytes,0,len);
lastEditUser = StringUtil.getFromUnicodeLE(textBytes);
} else {
// Fake from the 8 bit version
- byte[] textBytes = new byte[(int)usernameLen];
+ byte[] textBytes = IOUtils.safelyAllocate(usernameLen, MAX_RECORD_LENGTH);
System.arraycopy(_contents,28,textBytes,0,(int)usernameLen);
lastEditUser = StringUtil.getFromCompressedUnicode(textBytes,0,(int)usernameLen);
}
// 4 = revision
// 3 * len = ascii + unicode
int size = 8 + 20 + 4 + (3 * lastEditUser.length());
- _contents = new byte[size];
+ _contents = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
// First we have a 8 byte atom header
System.arraycopy(atomHeader,0,_contents,0,4);
// The username gets stored twice, once as US
// ascii, and again as unicode laster on
- byte[] asciiUN = new byte[lastEditUser.length()];
+ byte[] asciiUN = IOUtils.safelyAllocate(lastEditUser.length(), MAX_RECORD_LENGTH);
StringUtil.putCompressedUnicode(lastEditUser,asciiUN,0);
// Now we're able to do the length of the last edited user
LittleEndian.putInt(_contents,28+asciiUN.length,(int)releaseVersion);
// username in unicode
- byte [] ucUN = new byte[lastEditUser.length()*2];
+ byte [] ucUN = IOUtils.safelyAllocate(lastEditUser.length()*2, MAX_RECORD_LENGTH);
StringUtil.putUnicodeLE(lastEditUser,ucUN,0);
System.arraycopy(ucUN,0,_contents,28+asciiUN.length+4,ucUN.length);
package org.apache.poi.hslf.record;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import java.io.IOException;
import java.io.OutputStream;
public final class DocumentAtom extends RecordAtom
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _header;
private static long _type = 1001l;
showComments = source[start+39+8];
// If there's any other bits of data, keep them about
- reserved = new byte[len-40-8];
+ reserved = IOUtils.safelyAllocate(len-40-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+48,reserved,0,reserved.length);
}
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public class ExEmbedAtom extends RecordAtom {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* Embedded document does not follow the color scheme.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
// Must be at least 8 bytes long
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* @author Nick Burch
*/
public final class ExHyperlinkAtom extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* Record header.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
// Must be at least 4 bytes long
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public final class ExMediaAtom extends RecordAtom
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
/**
* A bit that specifies whether the audio or video data is repeated continuously during playback.
System.arraycopy(source,start,_header,0,8);
// Grab the record data
- _recdata = new byte[len-8];
+ _recdata = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_recdata,0,len-8);
}
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
public class ExObjListAtom extends RecordAtom
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* Record header.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
// Must be at least 4 bytes long
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public class ExOleObjAtom extends RecordAtom {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* The object) is displayed as an embedded object inside of a container,
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
// Must be at least 24 bytes long
import java.util.zip.InflaterInputStream;
import org.apache.poi.util.BoundedInputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public class ExOleObjStg extends PositionDependentRecordAtom implements PersistRecord {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private int _persistId; // Found from PersistPtrHolder
/**
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
}
import java.util.Arrays;
import org.apache.poi.hslf.exceptions.HSLFException;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.StringUtil;
*/
public final class FontEntityAtom extends RecordAtom {
- /**
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
+ /**
* record header
*/
private byte[] _header;
System.arraycopy(source,start,_header,0,8);
// Grab the record data
- _recdata = new byte[len-8];
+ _recdata = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_recdata,0,len-8);
}
import org.apache.poi.ddf.EscherRecordFactory;
import org.apache.poi.ddf.EscherSerializationListener;
import org.apache.poi.hslf.exceptions.HSLFException;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public class HSLFEscherClientDataRecord extends EscherClientDataRecord {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private final List<Record> _childRecords = new ArrayList<>();
public List<? extends Record> getHSLFChildRecords() {
@Override
public int fillFields(byte[] data, int offset, EscherRecordFactory recordFactory) {
int bytesRemaining = readHeader( data, offset );
- byte remainingData[] = new byte[bytesRemaining];
+ byte remainingData[] = IOUtils.safelyAllocate(bytesRemaining, MAX_RECORD_LENGTH);
System.arraycopy(data, offset+8, remainingData, 0, bytesRemaining);
setRemainingData(remainingData);
return bytesRemaining + 8;
package org.apache.poi.hslf.record;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import java.io.IOException;
import java.io.OutputStream;
public final class HeadersFootersAtom extends RecordAtom {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+
/**
* A bit that specifies whether the date is displayed in the footer.
* @see #getMask()
System.arraycopy(source,start,_header,0,8);
// Grab the record data
- _recdata = new byte[len-8];
+ _recdata = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_recdata,0,len-8);
}
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public class InteractiveInfoAtom extends RecordAtom {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+
/**
* Action Table
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
// Must be at least 16 bytes long
import java.util.List;
import org.apache.poi.hslf.model.textproperties.IndentProp;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogger;
* Specifies the Indent Level for the text
*/
public final class MasterTextPropAtom extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* Record header.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
try {
*/
private void write() {
int pos = 0;
- _data = new byte[indents.size()*6];
+ _data = IOUtils.safelyAllocate(indents.size()*6, MAX_RECORD_LENGTH);
for (IndentProp prop : indents) {
LittleEndian.putInt(_data, pos, prop.getCharactersCovered());
LittleEndian.putShort(_data, pos+4, (short)prop.getIndentLevel());
package org.apache.poi.hslf.record;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import java.io.IOException;
import java.io.OutputStream;
public final class NotesAtom extends RecordAtom
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _header;
private static long _type = 1009l;
}
// There might be 2 more bytes, which are a reserved field
- reserved = new byte[len-14];
+ reserved = IOUtils.safelyAllocate(len-14, MAX_RECORD_LENGTH);
System.arraycopy(source,start+14,reserved,0,reserved.length);
}
import org.apache.poi.ddf.EscherSpgrRecord;
import org.apache.poi.ddf.EscherTextboxRecord;
import org.apache.poi.sl.usermodel.ShapeType;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogger;
// For now, pretending to be an atom. Might not always be, but that
// would require a wrapping class
public final class PPDrawing extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
+
private byte[] _header;
private long _type;
_type = LittleEndian.getUShort(_header,2);
// Get the contents for now
- final byte[] contents = new byte[len];
+ final byte[] contents = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
System.arraycopy(source,start,contents,0,len);
// Build up a tree of Escher records contained within
package org.apache.poi.hslf.record;
import org.apache.poi.ddf.*;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import java.io.OutputStream;
*/
public final class PPDrawingGroup extends RecordAtom {
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
+
private byte[] _header;
private EscherContainerRecord dggContainer;
//cached dgg
System.arraycopy(source,start,_header,0,8);
// Get the contents for now
- byte[] contents = new byte[len];
+ byte[] contents = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
System.arraycopy(source,start,contents,0,len);
DefaultEscherRecordFactory erf = new HSLFEscherRecordFactory();
import org.apache.poi.hslf.exceptions.CorruptPowerPointFileException;
import org.apache.poi.hslf.exceptions.HSLFException;
import org.apache.poi.util.BitField;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogger;
public final class PersistPtrHolder extends PositionDependentRecordAtom
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private final byte[] _header;
private byte[] _ptrData; // Will need to update this once we allow updates to _slideLocations
private long _type;
// count * 32 bit offsets
// Repeat as many times as you have data
_slideLocations = new HashMap<>();
- _ptrData = new byte[len-8];
+ _ptrData = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_ptrData,0,_ptrData.length);
int pos = 0;
import java.io.OutputStream;
import org.apache.poi.hslf.record.SlideAtomLayout.SlideLayoutType;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
public static final int USES_MASTER_SLIDE_ID = 0x80000000;
// private static final int MASTER_SLIDE_ID = 0x00000000;
- private byte[] _header;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
+ private byte[] _header;
private static long _type = 1007l;
private int masterID;
// If there's any other bits of data, keep them about
// 8 bytes header + 20 bytes to flags + 2 bytes flags = 30 bytes
- reserved = new byte[len-30];
+ reserved = IOUtils.safelyAllocate(len-30, MAX_RECORD_LENGTH);
System.arraycopy(source,start+30,reserved,0,reserved.length);
}
package org.apache.poi.hslf.record;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import java.io.IOException;
import java.io.OutputStream;
* @author Nick Burch
*/
public final class SlidePersistAtom extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 32;
+
private byte[] _header;
private static long _type = 1011l;
// Finally you have typically 4 or 8 bytes of reserved fields,
// all zero running from 24 bytes in to the end
- reservedFields = new byte[len-24];
+ reservedFields = IOUtils.safelyAllocate(len-24, MAX_RECORD_LENGTH);
System.arraycopy(source,start+24,reservedFields,0,reservedFields.length);
}
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
*/
public final class SoundData extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* Record header.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
}
import java.util.List;
import org.apache.poi.hslf.model.textproperties.TextPFException9;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
/**
* The atom record that specifies additional text formatting.
*/
public final class StyleTextProp9Atom extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private final TextPFException9[] autoNumberSchemes;
/** Record header. */
private byte[] header;
this.length = LittleEndian.getInt(header, 4);
// Get the record data.
- data = new byte[len-8];
+ data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source, start+8, data, 0, len-8);
for (int i = 0; i < data.length; ) {
final TextPFException9 item = new TextPFException9(data, i);
import org.apache.poi.hslf.model.textproperties.TextPropCollection;
import org.apache.poi.hslf.model.textproperties.TextPropCollection.TextPropType;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogger;
public final class StyleTextPropAtom extends RecordAtom {
public static final long _type = RecordTypes.StyleTextPropAtom.typeID;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _header;
private byte[] reserved;
// Save the contents of the atom, until we're asked to go and
// decode them (via a call to setParentTextSize(int)
- rawContents = new byte[len-8];
+ rawContents = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,rawContents,0,rawContents.length);
reserved = new byte[0];
// Handle anything left over
if(pos < rawContents.length) {
- reserved = new byte[rawContents.length-pos];
+ reserved = IOUtils.safelyAllocate(rawContents.length-pos, rawContents.length);
System.arraycopy(rawContents,pos,reserved,0,reserved.length);
}
out.append(" original byte stream \n");
- byte buf[] = new byte[rawContents.length+reserved.length];
+ byte buf[] = IOUtils.safelyAllocate(rawContents.length+reserved.length, MAX_RECORD_LENGTH);
System.arraycopy(rawContents, 0, buf, 0, rawContents.length);
System.arraycopy(reserved, 0, buf, rawContents.length, reserved.length);
out.append( HexDump.dump(buf, 0, 0) );
import java.io.OutputStream;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.StringUtil;
public final class TextBytesAtom extends RecordAtom {
public static final long _type = RecordTypes.TextBytesAtom.typeID;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _header;
/** The bytes that make up the text */
System.arraycopy(source,start,_header,0,8);
// Grab the text
- _text = new byte[len-8];
+ _text = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_text,0,len-8);
}
import java.io.OutputStream;
import org.apache.poi.util.HexDump;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.StringUtil;
public final class TextCharsAtom extends RecordAtom {
public static final long _type = RecordTypes.TextCharsAtom.typeID;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _header;
/** The bytes that make up the text */
/** Updates the text in the Atom. */
public void setText(String text) {
// Convert to little endian unicode
- _text = new byte[text.length()*2];
+ _text = IOUtils.safelyAllocate(text.length()*2, MAX_RECORD_LENGTH);
StringUtil.putUnicodeLE(text,_text,0);
// Update the size (header bytes 5-8)
System.arraycopy(source,start,_header,0,8);
// Grab the text
- _text = new byte[len-8];
+ _text = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_text,0,len-8);
}
/**
import java.io.IOException;
import java.io.OutputStream;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogger;
* Ruler of a text as it differs from the style's ruler settings.
*/
public final class TextRulerAtom extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
/**
* Record header.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
try {
import java.util.List;
import org.apache.poi.hslf.exceptions.HSLFException;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianByteArrayInputStream;
* @author Yegor Kozlov
*/
public final class TextSpecInfoAtom extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final long _type = RecordTypes.TextSpecInfoAtom.typeID;
/**
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
}
import org.apache.poi.util.*;
public class TextSpecInfoRun {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* A enum that specifies the spelling status of a run of text.
*/
if (smartTagFld.isSet(mask)) {
// An unsigned integer specifies the count of items in rgSmartTagIndex.
int count = source.readInt();
- smartTagsBytes = new byte[4+count*4];
+ smartTagsBytes = IOUtils.safelyAllocate(4+count*4, MAX_RECORD_LENGTH);
LittleEndian.putInt(smartTagsBytes, 0, count);
// An array of SmartTagIndex that specifies the indices.
// The count of items in the array is specified by count.
package org.apache.poi.hslf.record;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import java.io.OutputStream;
* @author Yegor Kozlov
*/
public final class TxInteractiveInfoAtom extends RecordAtom {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* Record header.
*/
System.arraycopy(source,start,_header,0,8);
// Get the record data.
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,len-8);
}
import org.apache.poi.hslf.exceptions.HSLFException;
import org.apache.poi.hslf.model.textproperties.TextPropCollection;
import org.apache.poi.hslf.model.textproperties.TextPropCollection.TextPropType;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.LittleEndianOutputStream;
import org.apache.poi.util.POILogFactory;
*/
public final class TxMasterStyleAtom extends RecordAtom {
private static final POILogger LOG = POILogFactory.getLogger(TxMasterStyleAtom.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
/**
* Maximum number of indentation levels allowed in PowerPoint documents
_header = new byte[8];
System.arraycopy(source,start,_header,0,8);
- _data = new byte[len-8];
+ _data = IOUtils.safelyAllocate(len-8, MAX_RECORD_LENGTH);
System.arraycopy(source,start+8,_data,0,_data.length);
//read available styles
package org.apache.poi.hslf.record;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import java.io.IOException;
import java.io.OutputStream;
public final class UnknownRecordPlaceholder extends RecordAtom
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private byte[] _contents;
private long _type;
if(len < 0) { len = 0; }
// Treat as an atom, grab and hold everything
- _contents = new byte[len];
+ _contents = IOUtils.safelyAllocate(len, MAX_RECORD_LENGTH);
System.arraycopy(source,start,_contents,0,len);
_type = LittleEndian.getUShort(_contents,2);
}
* understanding DocSlideList and DocNotesList) - handle Slide creation cleaner
*/
public final class HSLFSlideShow implements SlideShow<HSLFShape,HSLFTextParagraph>, Closeable {
- /** Powerpoint document entry/stream name */
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 10_000_000;
+
+ /** Powerpoint document entry/stream name */
public static final String POWERPOINT_DOCUMENT = "PowerPoint Document";
enum LoadSavePhase {
if (format == null || format.nativeId == -1) { // fail early
throw new IllegalArgumentException("Unsupported picture format: " + format);
}
- int length = (int) pict.length();
- byte[] data = new byte[length];
+ byte[] data = IOUtils.safelyAllocate(pict.length(), MAX_RECORD_LENGTH);
FileInputStream is = new FileInputStream(pict);
try {
IOUtils.readFully(is, data);
public final class HSLFSlideShowImpl extends POIDocument implements Closeable {
public static final int UNSET_OFFSET = -1;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 10_000_000;
+
// For logging
private POILogger logger = POILogFactory.getLogger(this.getClass());
pict.setSignature(signature);
// Copy the data, ready to pass to PictureData
- byte[] imgdata = new byte[imgsize];
+ byte[] imgdata = IOUtils.safelyAllocate(imgsize, MAX_RECORD_LENGTH);
System.arraycopy(pictstream, pos, imgdata, 0, imgdata.length);
pict.setRawData(imgdata);
public abstract class PropertiesChunk extends Chunk {
public static final String NAME = "__properties_version1.0";
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/** For logging problems we spot with the file */
private POILogger logger = POILogFactory.getLogger(PropertiesChunk.class);
}
// Grab the data block
- byte[] data = new byte[length];
+ byte[] data = IOUtils.safelyAllocate(length, MAX_RECORD_LENGTH);
IOUtils.readFully(value, data);
// Skip over any padding
public class HwmfText {
private static final POILogger logger = POILogFactory.getLogger(HwmfText.class);
- private static final int MAX_RECORD_LENGTH = 1000000;
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
/**
* The META_SETTEXTCHAREXTRA record defines inter-character spacing for text justification in the
import org.apache.poi.poifs.filesystem.EntryUtils;
import org.apache.poi.poifs.filesystem.NPOIFSFileSystem;
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndianByteArrayOutputStream;
public final class HWPFDocument extends HWPFDocumentCore {
/*package*/ static final String PROPERTY_PRESERVE_BIN_TABLES = "org.apache.poi.hwpf.preserveBinTables";
private static final String PROPERTY_PRESERVE_TEXT_TABLE = "org.apache.poi.hwpf.preserveTextTable";
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
private static final String STREAM_DATA = "Data";
// preserve space for the FileInformationBlock because we will be writing
// it after we write everything else.
- byte[] placeHolder = new byte[fibSize];
+ byte[] placeHolder = IOUtils.safelyAllocate(fibSize, MAX_RECORD_LENGTH);
wordDocumentStream.write(placeHolder);
int mainOffset = wordDocumentStream.size();
int tableOffset = 0;
protected static final String STREAM_TABLE_0 = "0Table";
protected static final String STREAM_TABLE_1 = "1Table";
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
/**
* Size of the not encrypted part of the FIB
*/
is = dec.getDataStream(dis, streamSize, 0);
if (encryptionOffset > 0) {
ChunkedCipherInputStream cis = (ChunkedCipherInputStream)is;
- byte plain[] = new byte[encryptionOffset];
+ byte plain[] = IOUtils.safelyAllocate(encryptionOffset, MAX_RECORD_LENGTH);
cis.readPlain(plain, 0, encryptionOffset);
bos.write(plain);
}
import org.apache.poi.poifs.filesystem.DirectoryNode;
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
import org.apache.poi.util.CodePageUtil;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.NotImplemented;
import org.apache.poi.util.POILogFactory;
private static final POILogger logger = POILogFactory
.getLogger( HWPFOldDocument.class );
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 1_000_000;
+
private final static Charset DEFAULT_CHARSET = StringUtil.WIN_1252;
private OldTextPieceTable tpt;
// Generate a single Text Piece Table, with a single Text Piece
// which covers all the (8 bit only) text in the file
tpt = new OldTextPieceTable();
- byte[] textData = new byte[_fib.getFibBase().getFcMac()-_fib.getFibBase().getFcMin()];
+ byte[] textData = IOUtils.safelyAllocate(
+ _fib.getFibBase().getFcMac()-_fib.getFibBase().getFcMin(), MAX_RECORD_LENGTH);
System.arraycopy(_mainStream, _fib.getFibBase().getFcMin(), textData, 0, textData.length);
int numChars = textData.length;
import java.util.List;
import org.apache.poi.hwpf.sprm.SprmBuffer;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.RecordFormatException;
public final class CHPFormattedDiskPage extends FormattedDiskPage
{
private static final int FC_SIZE = 4;
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private ArrayList<CHPX> _chpxList = new ArrayList<>();
private ArrayList<CHPX> _overFlow;
int size = LittleEndian.getUByte(_fkp, _offset + chpxOffset);
- byte[] chpx = new byte[size];
+ byte[] chpx = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
System.arraycopy(_fkp, _offset + ++chpxOffset, chpx, 0, size);
return chpx;
@Internal
public class ComplexFileTable {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final byte GRPPRL_TYPE = 1;
private static final byte TEXT_PIECE_TABLE_TYPE = 2;
offset++;
int size = LittleEndian.getShort(tableStream, offset);
offset += LittleEndian.SHORT_SIZE;
- byte[] bs = LittleEndian.getByteArray(tableStream, offset, size);
+ byte[] bs = LittleEndian.getByteArray(tableStream, offset, size, MAX_RECORD_LENGTH);
offset += size;
SprmBuffer sprmBuffer = new SprmBuffer(bs, false, 0);
import java.io.IOException;
import org.apache.poi.hwpf.model.types.DOPAbstractType;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
public final class DocumentProperties extends DOPAbstractType
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private byte[] _preserved;
/**
if ( length != supportedSize )
{
this._preserved = LittleEndian.getByteArray( tableStream, offset
- + supportedSize, length - supportedSize );
+ + supportedSize, length - supportedSize, MAX_RECORD_LENGTH );
}
else
{
import org.apache.poi.util.BitField;
import org.apache.poi.util.BitFieldFactory;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
@Internal
public final class Ffn
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private int _cbFfnM1;//total length of FFN - 1.
private byte _info;
private static BitField _prq = BitFieldFactory.getInstance(0x0003);// pitch request
public byte[] toByteArray()
{
int offset = 0;
- byte[] buf = new byte[this.getSize()];
+ byte[] buf = IOUtils.safelyAllocate(this.getSize(), MAX_RECORD_LENGTH);
buf[offset] = (byte)_cbFfnM1;
offset += LittleEndian.BYTE_SIZE;
import java.util.HashSet;
import java.util.Locale;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogFactory;
@Internal
public final class FileInformationBlock
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public static final POILogger logger = POILogFactory
.getLogger( FileInformationBlock.class );
// first short is already read as _nFibNew
final int fibRgCswNewLength = ( _cswNew - 1 )
* LittleEndian.SHORT_SIZE;
- _fibRgCswNew = new byte[fibRgCswNewLength];
- LittleEndian.getByteArray( mainDocument, offset, fibRgCswNewLength );
+ _fibRgCswNew = IOUtils.safelyAllocate(fibRgCswNewLength, MAX_RECORD_LENGTH);
+ LittleEndian.getByteArray( mainDocument, offset, fibRgCswNewLength, MAX_RECORD_LENGTH );
offset += fibRgCswNewLength;
}
else
import java.util.Arrays;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
@Internal
public final class ListLevel
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private static final POILogger logger = POILogFactory
.getLogger( ListLevel.class );
_lvlf = new LVLF( data, offset );
offset += LVLF.getSize();
+ //short -- no need to safely allocate
_grpprlPapx = new byte[_lvlf.getCbGrpprlPapx()];
System.arraycopy( data, offset, _grpprlPapx, 0, _lvlf.getCbGrpprlPapx() );
offset += _lvlf.getCbGrpprlPapx();
+ //short -- no need to safely allocate
_grpprlChpx = new byte[_lvlf.getCbGrpprlChpx()];
System.arraycopy( data, offset, _grpprlChpx, 0, _lvlf.getCbGrpprlChpx() );
offset += _lvlf.getCbGrpprlChpx();
public byte[] toByteArray()
{
- byte[] buf = new byte[getSizeInBytes()];
+ byte[] buf = IOUtils.safelyAllocate(getSizeInBytes(), MAX_RECORD_LENGTH);
int offset = 0;
_lvlf.setCbGrpprlChpx( (short) _grpprlChpx.length );
import java.util.Collections;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
// section properties, and we're trying to decode them as if they
// were the new ones, we sometimes "need" more data than we have.
// As a workaround, have a few extra 0 bytes on the end!
- byte[] buf = new byte[sepxSize+2];
+ byte[] buf = IOUtils.safelyAllocate(sepxSize+2, Short.MAX_VALUE+2);
fileOffset += LittleEndian.SHORT_SIZE;
System.arraycopy(documentStream, fileOffset, buf, 0, buf.length);
sepx = new SEPX(sed, startAt, endAt, buf);
import java.util.Collections;
import org.apache.poi.util.CodePageUtil;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
private static final POILogger logger = POILogFactory
.getLogger(OldTextPieceTable.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
public OldTextPieceTable() {
super();
}
int textSizeBytes = textSizeChars * multiple;
// Grab the data that makes up the piece
- byte[] buf = new byte[textSizeBytes];
+ byte[] buf = IOUtils.safelyAllocate(textSizeBytes, MAX_RECORD_LENGTH);
System.arraycopy(documentStream, start, buf, 0, textSizeBytes);
// And now build the piece
import java.util.Collections;
import java.util.List;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
size--;
}
- byte[] papx = new byte[size];
+ byte[] papx = IOUtils.safelyAllocate(size, 512);
System.arraycopy(_fkp, _offset + ++papxOffset, papx, 0, size);
return papx;
}
public class PICFAndOfficeArtData
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private List<EscherRecord> _blipRecords;
private short _cchPicName;
offset += 1;
_stPicName = LittleEndian.getByteArray( dataStream, offset,
- _cchPicName );
+ _cchPicName, MAX_RECORD_LENGTH);
offset += _cchPicName;
}
import java.util.ArrayList;
import java.util.List;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
* See page 184 of official documentation for details
*/
public final class PlexOfCps {
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private int _iMac;
private int _cbStruct;
private List<GenericPropertyNode> _props;
int structBufSize = +(_cbStruct * size);
int bufSize = cpBufSize + structBufSize;
- byte[] buf = new byte[bufSize];
+ byte[] buf = IOUtils.safelyAllocate(bufSize, MAX_RECORD_LENGTH);
int nodeEnd = 0;
for (int x = 0; x < size; x++) {
int start = LittleEndian.getInt(buf, offset + getIntOffset(index));
int end = LittleEndian.getInt(buf, offset + getIntOffset(index + 1));
- byte[] struct = new byte[_cbStruct];
+ byte[] struct = IOUtils.safelyAllocate(_cbStruct, MAX_RECORD_LENGTH);
System.arraycopy(buf, offset + getStructOffset(index), struct, 0,
_cbStruct);
import java.util.List;
import org.apache.poi.hwpf.model.io.HWPFFileSystem;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogFactory;
@Internal
public class SectionTable
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private final static POILogger _logger = POILogFactory.getLogger(SectionTable.class);
private static final int SED_SIZE = 12;
{
// The first short at the offset is the size of the grpprl.
int sepxSize = LittleEndian.getShort(documentStream, fileOffset);
- byte[] buf = new byte[sepxSize];
+ byte[] buf = IOUtils.safelyAllocate(sepxSize, MAX_RECORD_LENGTH);
fileOffset += LittleEndian.SHORT_SIZE;
System.arraycopy(documentStream, fileOffset, buf, 0, buf.length);
_sections.add(new SEPX(sed, startAt, endAt, buf));
import org.apache.poi.hwpf.usermodel.CharacterProperties;
import org.apache.poi.hwpf.usermodel.ParagraphProperties;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.POILogFactory;
{
private static final POILogger logger = POILogFactory.getLogger( StyleDescription.class );
-
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
private final static int PARAGRAPH_STYLE = 1;
private final static int CHARACTER_STYLE = 2;
// private final static int TABLE_STYLE = 3;
int upxSize = LittleEndian.getShort(std, varOffset);
varOffset += LittleEndian.SHORT_SIZE;
- byte[] upx = new byte[upxSize];
+ byte[] upx = IOUtils.safelyAllocate(upxSize, Short.MAX_VALUE);
System.arraycopy(std, varOffset, upx, 0, upxSize);
_upxs[x] = new UPX(upx);
varOffset += upxSize;
import java.util.List;
import org.apache.poi.poifs.common.POIFSConstants;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
public class TextPieceTable implements CharIndexTranslator {
private static final POILogger logger = POILogFactory
.getLogger(TextPieceTable.class);
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000_000;
+
// int _multiple;
int _cpMin;
int textSizeBytes = textSizeChars * multiple;
// Grab the data that makes up the piece
- byte[] buf = new byte[textSizeBytes];
+ byte[] buf = IOUtils.safelyAllocate(textSizeBytes, MAX_RECORD_LENGTH);
System.arraycopy(documentStream, start, buf, 0, textSizeBytes);
// And now build the piece
int mod = (offset % POIFSConstants.SMALLER_BIG_BLOCK_SIZE);
if (mod != 0) {
mod = POIFSConstants.SMALLER_BIG_BLOCK_SIZE - mod;
- byte[] buf = new byte[mod];
+ byte[] buf = IOUtils.safelyAllocate(mod, MAX_RECORD_LENGTH);
docStream.write(buf);
}
import java.util.Arrays;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
@Internal
public final class SprmBuffer implements Cloneable
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
byte[] _buf;
boolean _istd;
int _offset;
public SprmBuffer( int sprmsStartOffset )
{
- _buf = new byte[sprmsStartOffset + 4];
+ _buf = IOUtils.safelyAllocate(sprmsStartOffset + 4, MAX_RECORD_LENGTH);
_offset = sprmsStartOffset;
_sprmsStartOffset = sprmsStartOffset;
}
// commented - buffer shall not contain any additional bytes --
// sergey
// byte[] newBuf = new byte[_offset + addition + 6];
- byte[] newBuf = new byte[_offset + addition];
+ byte[] newBuf = IOUtils.safelyAllocate(_offset + addition, MAX_RECORD_LENGTH);
System.arraycopy( _buf, 0, newBuf, 0, _buf.length );
_buf = newBuf;
}
import java.util.List;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
@Internal
public final class SprmUtils
{
+
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public SprmUtils()
{
}
public static byte[] shortArrayToByteArray(short[] convert)
{
- byte[] buf = new byte[convert.length * LittleEndian.SHORT_SIZE];
+ byte[] buf = IOUtils.safelyAllocate(convert.length * LittleEndian.SHORT_SIZE, MAX_RECORD_LENGTH);
for (int x = 0; x < convert.length; x++)
{
public static byte[] getGrpprl(List<byte[]> sprmList, int size)
{
// spit out the final grpprl
- byte[] grpprl = new byte[size];
+ byte[] grpprl = IOUtils.safelyAllocate(size, MAX_RECORD_LENGTH);
int listSize = sprmList.size() - 1;
int index = 0;
for (; listSize >= 0; listSize--)
import org.apache.poi.hwpf.usermodel.TableAutoformatLookSpecifier;
import org.apache.poi.hwpf.usermodel.TableCellDescriptor;
import org.apache.poi.hwpf.usermodel.TableProperties;
+import org.apache.poi.util.IOUtils;
import org.apache.poi.util.Internal;
import org.apache.poi.util.LittleEndian;
@Internal
public final class TableSprmCompressor
{
+ //arbitrarily selected; may need to increase
+ private static final int MAX_RECORD_LENGTH = 100_000;
+
public TableSprmCompressor()
{
}
if (newTAP.getItcMac() > 0)
{
int itcMac = newTAP.getItcMac();
- byte[] buf = new byte[1 + (LittleEndian.SHORT_SIZE*(itcMac + 1)) + (TableCellDescriptor.SIZE*itcMac)];
+ byte[] buf = IOUtils.safelyAllocate(
+ 1 + (LittleEndian.SHORT_SIZE*(itcMac + 1)) + (TableCellDescriptor.SIZE*itcMac),
+ MAX_RECORD_LENGTH);
buf[0] = (byte)itcMac;
short[] dxaCenters = newTAP.getRgdxaCenter();
projects / poi.git / commitdiff