sahvx655-wq opened a new pull request, #1107: URL: https://github.com/apache/poi/pull/1107
EmfPolyDraw and WmfCreateRegion allocate arrays directly from count fields read from the input stream. This change applies POI's existing allocation safety checks before the following count-driven allocations: Point arrays in EmfPolyDraw Scan object arrays in WmfCreateRegion Invalid, excessively large, or negative counts are now rejected through POI's standard allocation validation path instead of attempting unchecked array allocations. Tests Added regression tests covering: Integer.MAX_VALUE count in EmfPolyDraw Negative count in WmfCreateRegion These tests verify that malformed inputs are rejected before array allocation occurs. Executed the automated unit tests: ./gradlew :poi-scratchpad:test -PjdkVersion=17 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
