Java Code Examples for org.apache.poi.openxml4j.util.ZipSecureFile

The following examples show how to use org.apache.poi.openxml4j.util.ZipSecureFile. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: hop   Source File: ExcelInputContentParsingTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testZipBombConfiguration_Default() throws Exception {

  // First set some random values
  Long bogusMaxEntrySize = 1000L;
  ZipSecureFile.setMaxEntrySize( bogusMaxEntrySize );
  Long bogusMaxTextSize = 1000L;
  ZipSecureFile.setMaxTextSize( bogusMaxTextSize );
  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify that the bogus values were set
  assertEquals( bogusMaxEntrySize, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( bogusMaxTextSize, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput transform should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the default values were used
  assertEquals( Const.HOP_ZIP_MAX_ENTRY_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( Const.HOP_ZIP_MAX_TEXT_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( Const.HOP_ZIP_MIN_INFLATE_RATIO_DEFAULT, (Double) ZipSecureFile.getMinInflateRatio() );
}
 
Example 2
Source Project: hop   Source File: ExcelInputContentParsingTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testZipBombConfiguration() throws Exception {
  Long maxEntrySizeVal = 3L * 1024 * 1024 * 1024;
  Long maxTextSizeVal = 2L * 1024 * 1024 * 1024;
  Double minInflateRatioVal = 0.123d;

  // First set the property values
  System.setProperty( Const.HOP_ZIP_MAX_ENTRY_SIZE, maxEntrySizeVal.toString() );
  System.setProperty( Const.HOP_ZIP_MAX_TEXT_SIZE, maxTextSizeVal.toString() );
  System.setProperty( Const.HOP_ZIP_MIN_INFLATE_RATIO, minInflateRatioVal.toString() );
  //ExcelInput excelInput = new ExcelInput( null, null, 0, null, null );

  // Initializing the ExcelInput transform should make the new values to be set

  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the setted values were used
  assertEquals( maxEntrySizeVal, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( maxTextSizeVal, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( minInflateRatioVal, (Double) ZipSecureFile.getMinInflateRatio() );
}
 
Example 3
Source Project: hop   Source File: ExcelInputContentParsingTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testXLSXCompressionRatioIsBig() throws Exception {

  // For this zip to be correctly handed, we need to allow a lower inflate ratio
  Double minInflateRatio = 0.007d;
  System.setProperty( Const.HOP_ZIP_MIN_INFLATE_RATIO, minInflateRatio.toString() );

  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the minimum allowed inflate ratio is the expected
  assertEquals( minInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  setFields( new ExcelInputField( "FIST ID", -1, -1 ), new ExcelInputField( "SOURCE SYSTEM", -1, -1 ) );

  process();

  checkErrors();
  checkContent( new Object[][] { { "FIST0200", "ACM" } } );
}
 
Example 4
Source Project: hop   Source File: ExcelInputContentParsingTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testZipBombConfiguration_Default() throws Exception {

  // First set some random values
  Long bogusMaxEntrySize = 1000L;
  ZipSecureFile.setMaxEntrySize( bogusMaxEntrySize );
  Long bogusMaxTextSize = 1000L;
  ZipSecureFile.setMaxTextSize( bogusMaxTextSize );
  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify that the bogus values were set
  assertEquals( bogusMaxEntrySize, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( bogusMaxTextSize, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput transform should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the default values were used
  assertEquals( Const.HOP_ZIP_MAX_ENTRY_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( Const.HOP_ZIP_MAX_TEXT_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( Const.HOP_ZIP_MIN_INFLATE_RATIO_DEFAULT, (Double) ZipSecureFile.getMinInflateRatio() );
}
 
Example 5
Source Project: hop   Source File: ExcelInputContentParsingTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testZipBombConfiguration() throws Exception {
  Long maxEntrySizeVal = 3L * 1024 * 1024 * 1024;
  Long maxTextSizeVal = 2L * 1024 * 1024 * 1024;
  Double minInflateRatioVal = 0.123d;

  // First set the property values
  System.setProperty( Const.HOP_ZIP_MAX_ENTRY_SIZE, maxEntrySizeVal.toString() );
  System.setProperty( Const.HOP_ZIP_MAX_TEXT_SIZE, maxTextSizeVal.toString() );
  System.setProperty( Const.HOP_ZIP_MIN_INFLATE_RATIO, minInflateRatioVal.toString() );
  //ExcelInput excelInput = new ExcelInput( null, null, 0, null, null );

  // Initializing the ExcelInput transform should make the new values to be set

  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the setted values were used
  assertEquals( maxEntrySizeVal, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( maxTextSizeVal, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( minInflateRatioVal, (Double) ZipSecureFile.getMinInflateRatio() );
}
 
Example 6
Source Project: hop   Source File: ExcelInputContentParsingTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testXLSXCompressionRatioIsBig() throws Exception {

  // For this zip to be correctly handed, we need to allow a lower inflate ratio
  Double minInflateRatio = 0.007d;
  System.setProperty( Const.HOP_ZIP_MIN_INFLATE_RATIO, minInflateRatio.toString() );

  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the minimum allowed inflate ratio is the expected
  assertEquals( minInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  setFields( new ExcelInputField( "FIST ID", -1, -1 ), new ExcelInputField( "SOURCE SYSTEM", -1, -1 ) );

  process();

  checkErrors();
  checkContent( new Object[][] { { "FIST0200", "ACM" } } );
}
 
Example 7
Source Project: FEBS-Security   Source File: POIUtils.java    License: Apache License 2.0 6 votes vote down vote up
static void writeByLocalOrBrowser(HttpServletResponse response, String fileName, SXSSFWorkbook wb, OutputStream out) {
    try {
        ZipSecureFile.setMinInflateRatio(0L);
        if (response != null) {
            // response对象不为空,响应到浏览器下载
            response.setContentType(FebsConstant.XLSX_CONTENT_TYPE);
            response.setHeader("Content-disposition", "attachment; filename="
                    + URLEncoder.encode(String.format("%s%s", fileName, FebsConstant.XLSX_SUFFIX), "UTF-8"));
            if (out == null) {
                out = response.getOutputStream();
            }
        }
        wb.write(out);
        out.flush();
        out.close();
    } catch (Exception e) {
        log.error(e.getMessage());
    }

}
 
Example 8
@Test
public void testZipBombConfiguration_Default() throws Exception {

  // First set some random values
  Long bogusMaxEntrySize = 1000L;
  ZipSecureFile.setMaxEntrySize( bogusMaxEntrySize );
  Long bogusMaxTextSize = 1000L;
  ZipSecureFile.setMaxTextSize( bogusMaxTextSize );
  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify that the bogus values were set
  assertEquals( bogusMaxEntrySize, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( bogusMaxTextSize, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput step should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  System.setProperty( Const.KETTLE_XLSX_ZIP_BOMB_CHECK, Boolean.TRUE.toString() );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the default values were used
  assertEquals( Const.KETTLE_ZIP_MAX_ENTRY_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( Const.KETTLE_ZIP_MAX_TEXT_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( Const.KETTLE_ZIP_MIN_INFLATE_RATIO_DEFAULT, (Double) ZipSecureFile.getMinInflateRatio() );
}
 
Example 9
@Test
public void testZipBombConfiguration_CheckDisabled() throws Exception {

  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify the Min Inflate Ratio was set
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput step should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  // Disabling the zip bomb checking property
  System.setProperty( Const.KETTLE_XLSX_ZIP_BOMB_CHECK, Boolean.FALSE.toString() );
  init( "Balance_Type_Codes.xlsx" );

  assertEquals( Const.KETTLE_ZIP_NEGATIVE_MIN_INFLATE, (Double) ZipSecureFile.getMinInflateRatio() );
}
 
Example 10
@Test
public void testZipBombConfiguration() throws Exception {
  Long maxEntrySizeVal = 3L * 1024 * 1024 * 1024;
  Long maxTextSizeVal = 2L * 1024 * 1024 * 1024;
  Double minInflateRatioVal = 0.123d;

  // First set the property values
  System.setProperty( Const.KETTLE_ZIP_MAX_ENTRY_SIZE, maxEntrySizeVal.toString() );
  System.setProperty( Const.KETTLE_ZIP_MAX_TEXT_SIZE, maxTextSizeVal.toString() );
  System.setProperty( Const.KETTLE_ZIP_MIN_INFLATE_RATIO, minInflateRatioVal.toString() );
  System.setProperty( Const.KETTLE_XLSX_ZIP_BOMB_CHECK, Boolean.TRUE.toString() );
  //ExcelInput excelInput = new ExcelInput( null, null, 0, null, null );

  // Initializing the ExcelInput step should make the new values to be set

  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the setted values were used
  assertEquals( maxEntrySizeVal, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( maxTextSizeVal, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( minInflateRatioVal, (Double) ZipSecureFile.getMinInflateRatio() );
}
 
Example 11
@Test
public void testXLSXCompressionRatioIsBig() throws Exception {

  // For this zip to be correctly handed, we need to allow a lower inflate ratio
  Double minInflateRatio = 0.007d;
  System.setProperty( Const.KETTLE_ZIP_MIN_INFLATE_RATIO, minInflateRatio.toString() );
  System.setProperty( Const.KETTLE_XLSX_ZIP_BOMB_CHECK, Boolean.TRUE.toString() );

  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the minimum allowed inflate ratio is the expected
  assertEquals( minInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  setFields( new ExcelInputField( "FIST ID", -1, -1 ), new ExcelInputField( "SOURCE SYSTEM", -1, -1 ) );

  process();

  checkErrors();
  checkContent( new Object[][] { { "FIST0200", "ACM" } } );
}
 
Example 12
Source Project: poi-tl   Source File: Issue329.java    License: Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("serial")
@Test
public void testDocxTemplateRender() throws Exception {

    // TimeUnit.SECONDS.sleep(20);

    Map<String, Object> datas = new HashMap<String, Object>() {
        {
            // 循环合并模板
            put("docx_template", new DocxRenderData(
                    new File("src/test/resources/template/render_include_merge_template.docx"), dataList));
        }
    };

    // Zip Bomb detected
    ZipSecureFile.setMinInflateRatio(-1.0d);

    XWPFTemplate template = XWPFTemplate.compile("src/test/resources/template/render_include.docx")
            .render(datas);

    template.writeToFile("out_issue_329.docx");

    //System.out.println("game over................");

    //TimeUnit.SECONDS.sleep(10);

}