use ArithmeticUtils for calculations that might overflow

author PJ Fanning <fanningpj@apache.org>

Mon, 15 Apr 2019 16:02:53 +0000 (16:02 +0000)

committer PJ Fanning <fanningpj@apache.org>

Mon, 15 Apr 2019 16:02:53 +0000 (16:02 +0000)
author PJ Fanning <fanningpj@apache.org>
Mon, 15 Apr 2019 16:02:53 +0000 (16:02 +0000)
committer PJ Fanning <fanningpj@apache.org>
Mon, 15 Apr 2019 16:02:53 +0000 (16:02 +0000)
diff --git a/src/java/org/apache/poi/poifs/filesystem/POIFSFileSystem.java b/src/java/org/apache/poi/poifs/filesystem/POIFSFileSystem.java

index 65c95ffee058a1f4826afe1f8ca9d6c8ad48fe9a..e68f5d96869972f8cdf0522683cc389db1cfb67b 100644 (file)
--- a/src/java/org/apache/poi/poifs/filesystem/POIFSFileSystem.java
+++ b/src/java/org/apache/poi/poifs/filesystem/POIFSFileSystem.java
@@ -113,8 +113,8 @@ public class POIFSFileSystem extends BlockStore
      protected void createNewDataSource() {
          // Data needs to initially hold just the header block,
          //  a single bat block, and an empty properties section
-        _data = new ByteArrayBackedDataSource(IOUtils.safelyAllocate(
-                bigBlockSize.getBigBlockSize() * 3, MAX_RECORD_LENGTH));
+        long blockSize = ArithmeticUtils.mulAndCheck((long)bigBlockSize.getBigBlockSize(), (long)3);
+        _data = new ByteArrayBackedDataSource(IOUtils.safelyAllocate(blockSize, MAX_RECORD_LENGTH));
      }
  
      /**
diff --git a/src/java/org/apache/poi/ss/util/cellwalk/CellWalk.java b/src/java/org/apache/poi/ss/util/cellwalk/CellWalk.java

index fe1605ce30eda4f8c3186ec5888cfb5564403346..9ab0e530fc96646808b24912b9972171a715f8fc 100644 (file)
--- a/src/java/org/apache/poi/ss/util/cellwalk/CellWalk.java
+++ b/src/java/org/apache/poi/ss/util/cellwalk/CellWalk.java
@@ -17,6 +17,7 @@
  
  package org.apache.poi.ss.util.cellwalk;
  
+import org.apache.commons.math3.util.ArithmeticUtils;
  import org.apache.poi.ss.usermodel.Cell;
  import org.apache.poi.ss.usermodel.CellType;
  import org.apache.poi.ss.usermodel.Row;
@@ -91,9 +92,10 @@ public class CellWalk {
                      continue;
                  }
  
-                ctx.ordinalNumber =
-                        (ctx.rowNumber - firstRow) * width +
-                                (ctx.colNumber - firstColumn + 1);
+                long rowSize = ArithmeticUtils.mulAndCheck(
+                        (long)ArithmeticUtils.subAndCheck(ctx.rowNumber, firstRow), (long)width);
+
+                ctx.ordinalNumber = ArithmeticUtils.addAndCheck(rowSize, (ctx.colNumber - firstColumn + 1));
  
                  handler.onCell(currentCell, ctx);
              }
diff --git a/src/scratchpad/src/org/apache/poi/hslf/record/MasterTextPropAtom.java b/src/scratchpad/src/org/apache/poi/hslf/record/MasterTextPropAtom.java

index ba27d73d84ee82b1c40b4cfc8406283b5acab2e0..d754a10b3c0eece4cc694d81476889df77dd7c5a 100644 (file)
--- a/src/scratchpad/src/org/apache/poi/hslf/record/MasterTextPropAtom.java
+++ b/src/scratchpad/src/org/apache/poi/hslf/record/MasterTextPropAtom.java
@@ -23,6 +23,7 @@ import java.util.ArrayList;
  import java.util.Collections;
  import java.util.List;
  
+import org.apache.commons.math3.util.ArithmeticUtils;
  import org.apache.poi.hslf.model.textproperties.IndentProp;
  import org.apache.poi.util.IOUtils;
  import org.apache.poi.util.LittleEndian;
@@ -113,7 +114,8 @@ public final class MasterTextPropAtom extends RecordAtom {
       */
      private void write() {
          int pos = 0;
-        _data = IOUtils.safelyAllocate(indents.size()*6, MAX_RECORD_LENGTH);
+        long newSize = ArithmeticUtils.mulAndCheck((long)indents.size(), (long)6);
+        _data = IOUtils.safelyAllocate(newSize, MAX_RECORD_LENGTH);
          for (IndentProp prop : indents) {
              LittleEndian.putInt(_data, pos, prop.getCharactersCovered());
              LittleEndian.putShort(_data, pos+4, (short)prop.getIndentLevel());
author	PJ Fanning <fanningpj@apache.org>
	Mon, 15 Apr 2019 16:02:53 +0000 (16:02 +0000)
committer	PJ Fanning <fanningpj@apache.org>
	Mon, 15 Apr 2019 16:02:53 +0000 (16:02 +0000)
src/java/org/apache/poi/poifs/filesystem/POIFSFileSystem.java		patch \| blob \| history
src/java/org/apache/poi/ss/util/cellwalk/CellWalk.java		patch \| blob \| history
src/scratchpad/src/org/apache/poi/hslf/record/MasterTextPropAtom.java		patch \| blob \| history