https://bugs.documentfoundation.org/show_bug.cgi?id=163384

--- Comment #5 from Mike Kaganski <[email protected]> ---
(In reply to Andreas Reichel from comment #4)
> Please what does "bug in the generator" mean in this context? Do you refer
> to Apache Commons Compress, which is used for Apache POI SXSSF?

Yes.

> If so, why can the file be unzipped without any problems and also be opened
> in Excel, Gnumeric and Google Sheet? (It also could be opened in LibreOffice
> before 2nd Quarter 2024 or so).

And in current LibreOffice, too - but only after it informed you about the
problem it found.
The commit mentioned in comment 3 was "package: add additional consistency
checks for local file header". And it does what it says: it checks the ZIP for
additional inconsistencies, among others, for "gaps and overlaps".

And the files generated by Apache POI indeed have gaps - some bytes not used in
the content. Since they are unused, indeed they don't *prevent* (break) the
content from being read; but their existence means that they may contain arbitrary
content. And the hardened check in newer LibreOffice warns about it, because it
has no idea what the creator had in mind when creating those suspicious gaps.
Once you have learned of it, you are free to try to continue loading it in repair mode.

Specifically attachment 197444 (i.e.,
https://manticore-projects.com/download/manticore_7841765197550883476.xlsx) has
the gaps at offsets

  017C to 0184
  02A2 to 02AA
  0379 to 0381
  04C6 to 04CE
  0588 to 0590
  0811 to 0819
  0931 to 0939
  0A56 to 0A5E
  11B2 to 11BA

(the values are from the unallocated object in the patch; I didn't check if it
uses some additional offset maybe). Anyway, whether it is these numbers or slightly
different ones, the program tells you that it found them, and they are suspicious. A
good generator should not create such gaps.

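A sketch of the kind of "gaps and overlaps" consistency check discussed in this comment, added here as an illustration; it is not LibreOffice's code and not part of the original comment. It assumes an archive that starts at offset 0, has no Zip64 records and uses 32-bit data descriptors; `find_gaps` and `make_sample` are hypothetical names, and the sample archive is constructed.

```python
import io
import struct
import zipfile

def find_gaps(data: bytes) -> list[tuple[str, int, int]]:
    """Report byte ranges before the central directory that no entry accounts for."""
    eocd = data.rfind(b"PK\x05\x06")                  # end-of-central-directory record
    cd_start = struct.unpack_from("<L", data, eocd + 16)[0]
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        entries = sorted(zf.infolist(), key=lambda e: e.header_offset)
    findings, expected = [], 0
    for e in entries:
        if e.header_offset != expected:
            kind = "gap" if e.header_offset > expected else "overlap"
            findings.append((kind, expected, e.header_offset))
        # Local header: 30 fixed bytes, then name and extra field, then the data.
        name_len, extra_len = struct.unpack_from("<2H", data, e.header_offset + 26)
        end = e.header_offset + 30 + name_len + extra_len + e.compress_size
        if e.flag_bits & 0x08:                        # data descriptor follows the data
            end += 16 if data[end:end + 4] == b"PK\x07\x08" else 12
        expected = end
    if expected != cd_start:
        kind = "gap" if cd_start > expected else "overlap"
        findings.append((kind, expected, cd_start))
    return findings

def make_sample(gap: int = 8) -> bytes:
    """Constructed input: two stored entries with `gap` unused bytes spliced between them."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("a.xml", "<a/>")
        zf.writestr("b.xml", "<b/>")
        second = zf.infolist()[1].header_offset
    raw = bytearray(buf.getvalue())
    raw[second:second] = b"\0" * gap                  # the unused bytes
    eocd = raw.rfind(b"PK\x05\x06")
    count = struct.unpack_from("<H", raw, eocd + 10)[0]
    pos = struct.unpack_from("<L", raw, eocd + 16)[0] + gap
    struct.pack_into("<L", raw, eocd + 16, pos)       # central directory moved by `gap`
    for _ in range(count):                            # fix recorded local header offsets
        n, m, k = struct.unpack_from("<3H", raw, pos + 28)
        off = struct.unpack_from("<L", raw, pos + 42)[0]
        if off >= second:
            struct.pack_into("<L", raw, pos + 42, off + gap)
        pos += 46 + n + m + k
    return bytes(raw)

if __name__ == "__main__":
    for kind, start, end in find_gaps(make_sample()):
        print(f"{kind}: {start:04X} to {end:04X}")
```

The constructed archive still extracts normally, which matches the behaviour described in the comment: the unused bytes do not stop a reader that follows the central directory, but a stricter check can still see them.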