sahvx655-wq opened a new pull request, #1106:
URL: https://github.com/apache/poi/pull/1106
This PR hardens integer conversions in `HwmfBitmapDib`, `AggregateFunction`,
and `DStarRunner` by replacing narrowing casts with safe conversion methods
that fail fast on overflow instead of silently truncating values.
HwmfBitmapDib
* Replace `(int) Math.max(imageData.length, introSize + headerImageSize)`
with `Math.toIntExact(...)`.
* Prevents silent truncation when image size calculations exceed the
integer range.
AggregateFunction
* Replace `(int) Math.ceil(dn)` with `MathUtil.safeDoubleToInt(...)`.
* Uses POI's existing utility method to validate double-to-int conversions.
DStarRunner
* Replace `(int) Math.round(...)` with `Math.toIntExact(...)`.
* Prevents silent overflow when converting rounded `long` values to `int`.
These changes preserve existing behavior for valid inputs while improving
safety and consistency with recent integer-conversion hardening updates across
the codebase.
Executed the relevant test suites:
bash
./gradlew :poi:test :poi-scratchpad:test -PjdkVersion=17
* 7270 tests executed
* 0 failures
* 30 skipped
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
