https://bz.apache.org/bugzilla/show_bug.cgi?id=69705
Bug ID: 69705
Summary: ZIP BOMB DETECTED WHILE WORKING WITH apache poi 5.0.0
Product: POI
Version: unspecified
Hardware: PC
OS: Mac OS X 10.1
Status: NEW
Severity: normal
Priority: P2
Component: XSSF
Assignee: dev@poi.apache.org
Reporter: rakhi.naraya...@gmail.com
Target Milestone: ---
I am trying with this simple code in my application which will set the value
only only for 1000 rows.
For &rowNum = 2 To 1000
For &colNum = 1 To 18
If &colNum = 14 Or
&colNum = 16 Then
&ssObject.SetCellstring(&rowNum, &colNum, &rowNum | "-" | &colNum);
End-If;
End-For;
End-For;
I am getting zip bomb detected in this.Could you please help to resolve this.
SetCellstring will internally call setStringValue and setFormat . the code is
as below.
public void setStringValue(String stringValue)
{
LOGGER.info("Enter setStringValue " + stringValue);
cell.setCellType(CellType.STRING);
cell.setCellValue(stringValue);
LOGGER.info("Exit getStringValue ");
}
public void setFormat(String format)
{
LOGGER.info("Enter setFormat " + format);
if (format == null)
return;
CellStyle cellStyle = wb.createCellStyle();
DataFormat dataFormat = wb.createDataFormat();
CellStyle currentCellStyle = cell.getCellStyle();
if (cellStyle != null)
{
cellStyle.cloneStyleFrom(currentCellStyle);
}
cellStyle.setDataFormat(dataFormat.getFormat(format));
cell.setCellStyle(cellStyle);
LOGGER.info("Exit setFormat ");
}
We are not doing any customization in poi code.
why calling any of this poi functions for 1000 rows causing the issue.When i
reduce the row count to 200 or 300 issue resolves.
That will have only poi methods setcelltype and setcellvalue
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org
