https://bz.apache.org/bugzilla/show_bug.cgi?id=65742
--- Comment #5 from [email protected] --- (In reply to PJ Fanning from comment #4) > I would argue that noone should be accepting microsoft format files from > untrusted sources. It is up to anybody you decides to expose themselves to > accepting rogue files that they should validate the inputs before parsing it > with POI. Yes, POI may not handle all kinds of checks/validations by itself. I suggest POI can wrap the exceptions as xxxException accordingly. Therefore, user can properly handle the error when it happens. [ CWE 248 Uncaught exception (https://cwe.mitre.org/data/definitions/248.html)] In the meantime, I am testing the unreleased version 5.2.0-SNAPSHOT. Is there an easy way to build this version? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
