diff options
| author | Dominik Stadler <centic@apache.org> | 2022-03-20 06:52:47 +0000 |
|---|---|---|
| committer | Dominik Stadler <centic@apache.org> | 2022-03-20 06:52:47 +0000 |
| commit | 9df7e2d8479c8dfcc365e1766407517c90427d6b (patch) | |
| tree | f0963b4c71009da688af734a6152990aae4fdade /poi-scratchpad/src/main | |
| parent | 3ee410e8b54790b3fd22b42ce61f1947a8177fe9 (diff) | |
| download | poi-9df7e2d8479c8dfcc365e1766407517c90427d6b.tar.gz poi-9df7e2d8479c8dfcc365e1766407517c90427d6b.zip | |
Prevent one more case of allocating endlessly on invalid TNEF/HMEF/MAPI files
Limit the number of attributes to 10,000 by default
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1899072 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'poi-scratchpad/src/main')
| -rw-r--r-- | poi-scratchpad/src/main/java/org/apache/poi/hmef/attribute/MAPIAttribute.java | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/poi-scratchpad/src/main/java/org/apache/poi/hmef/attribute/MAPIAttribute.java b/poi-scratchpad/src/main/java/org/apache/poi/hmef/attribute/MAPIAttribute.java index a5f797220e..f851526ea3 100644 --- a/poi-scratchpad/src/main/java/org/apache/poi/hmef/attribute/MAPIAttribute.java +++ b/poi-scratchpad/src/main/java/org/apache/poi/hmef/attribute/MAPIAttribute.java @@ -43,6 +43,7 @@ public class MAPIAttribute { //arbitrarily selected; may need to increase private static final int DEFAULT_MAX_RECORD_LENGTH = 1_000_000; private static int MAX_RECORD_LENGTH = 1_000_000; + private static int MAX_RECORD_COUNT = 10_000; private final MAPIProperty property; private final int type; @@ -183,6 +184,7 @@ public class MAPIAttribute { int values = 1; if(isMV || isVL) { values = LittleEndian.readInt(inp); + IOUtils.safelyAllocateCheck(values, MAX_RECORD_COUNT); } if (type == Types.NULL && values > 1) { |