]> source.dussan.org Git - poi.git/commitdiff
projects / poi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b4b5603)
improve memory safety in HWPFDocumentCore
authorTim Allison <tallison@apache.org>
Mon, 22 Jun 2020 20:23:19 +0000 (20:23 +0000)
committerTim Allison <tallison@apache.org>
Mon, 22 Jun 2020 20:23:19 +0000 (20:23 +0000)
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1879097 13f79535-47bb-0310-9956-ffa450edef68

src/java/org/apache/poi/util/IOUtils.java patch | blob | history
src/scratchpad/src/org/apache/poi/hwpf/HWPFDocumentCore.java patch | blob | history

diff --git a/src/java/org/apache/poi/util/IOUtils.java b/src/java/org/apache/poi/util/IOUtils.java
index 26f461f12d728eefbd21834469b1c52798ff822c..68f5bbddc5b22403277e58edf228a5d2cce6523f 100644 (file)
--- a/src/java/org/apache/poi/util/IOUtils.java
+++ b/src/java/org/apache/poi/util/IOUtils.java
@@ -188,7 +188,7 @@ public final class IOUtils {
                 baos.write(buffer, 0, readBytes);
             }
 
-            checkByteSizeLimit(readBytes);
+            checkByteSizeLimit(totalBytes);
         } while (totalBytes < len && readBytes > -1);
 
         if (maxLength != Integer.MAX_VALUE && totalBytes == maxLength) {
diff --git a/src/scratchpad/src/org/apache/poi/hwpf/HWPFDocumentCore.java b/src/scratchpad/src/org/apache/poi/hwpf/HWPFDocumentCore.java
index 8910d6d669df4f6d5dbe98a8d4803bd7337fdec2..66c3b51bcc338da8f941c38f65ca370daa377f96 100644 (file)
--- a/src/scratchpad/src/org/apache/poi/hwpf/HWPFDocumentCore.java
+++ b/src/scratchpad/src/org/apache/poi/hwpf/HWPFDocumentCore.java
@@ -67,7 +67,7 @@ public abstract class HWPFDocumentCore extends POIDocument {
     protected static final String STREAM_TABLE_1 = "1Table";
 
     //arbitrarily selected; may need to increase
-    private static final int MAX_RECORD_LENGTH = 1_000_000;
+    private static final int MAX_RECORD_LENGTH = 500_000_000;
 
     /**
      * Size of the not encrypted part of the FIB
@@ -328,7 +328,7 @@ public abstract class HWPFDocumentCore extends POIDocument {
 
         try (DocumentInputStream dis = dir.createDocumentInputStream(documentProps);
              InputStream is = isEncrypted ? getDecryptedStream(dis, streamSize, encryptionOffset) : dis) {
-            return IOUtils.toByteArray(is, Math.min(streamSize, len));
+            return IOUtils.toByteArray(is, Math.min(streamSize, len), MAX_RECORD_LENGTH);
         } catch (GeneralSecurityException e) {
             throw new IOException("Unable to decrypt data for entry: "+name, e);
         }
Mirror of Apache POI: https://github.com/apache/poi