https://bz.apache.org/bugzilla/show_bug.cgi?id=66412
Bug ID: 66412 Summary: [PATCH] Support SST records with incorrect string count not at the end of the stream Product: POI Version: 5.3.x-dev Hardware: PC OS: All Status: NEW Severity: normal Priority: P2 Component: HSSF Assignee: dev@poi.apache.org Reporter: simon.car...@cloudpay.net Target Milestone: --- This patch fixes #65543. It includes a new unit test. The current behaviour is: read the number of strings in the string table. Then attempt to read that many number of strings. Using subsequent records if needed. If there are less strings present than reported, pad the internal string table with empty strings. This only works when there are no more records in the stream. This patch adds a check to ensure that the next record is a continuation record. If it is not then the internal string table is padded as before. Index: poi/src/main/java/org/apache/poi/hssf/record/SSTDeserializer.java =================================================================== --- poi/src/main/java/org/apache/poi/hssf/record/SSTDeserializer.java (revision 1906402) +++ poi/src/main/java/org/apache/poi/hssf/record/SSTDeserializer.java (working copy) @@ -49,7 +49,7 @@ for (int i=0;i<stringCount;i++) { // Extract exactly the count of strings from the SST record. UnicodeString str; - if (in.available() == 0 && !in.hasNextRecord()) { + if (in.available() == 0 && (!in.hasNextRecord() || in.getNextSid() != ContinueRecord.sid)) { LOG.atError().log("Ran out of data before creating all the strings! String at index {}", box(i)); str = new UnicodeString(""); } else { Index: poi/src/test/java/org/apache/poi/hssf/record/TestSSTDeserializer.java =================================================================== --- poi/src/test/java/org/apache/poi/hssf/record/TestSSTDeserializer.java (revision 1906402) +++ poi/src/test/java/org/apache/poi/hssf/record/TestSSTDeserializer.java (working copy) @@ -120,4 +120,23 @@ assertEquals( "At a dinner party orAt At At ", strings.get( 0 ) + "" ); } + + /** + * Ensure that invalid SST records with an incorrect number of strings specified, does not consume non-continuation records. + */ + @Test + void test65543() throws IOException { + final byte[] sstRecord = readSampleHexData("notenoughstrings.txt", "sst-record", SSTRecord.sid); + byte[] nonContinuationRecord = readSampleHexData("notenoughstrings.txt", "non-continuation-record", ExtSSTRecord.sid); + RecordInputStream in = TestcaseRecordInputStream.create(concat(sstRecord, nonContinuationRecord)); + + IntMapper<UnicodeString> strings = new IntMapper<>(); + SSTDeserializer deserializer = new SSTDeserializer( strings ); + + // The record data in notenoughstrings.txt only contains 1 string, deliberately pass in a larger number. + deserializer.manufactureStrings( 2, in ); + + assertEquals( "At a dinner party or", strings.get( 0 ) + "" ); + assertEquals( "", strings.get( 1 ) + "" ); + } } Index: test-data/spreadsheet/notenoughstrings.txt =================================================================== --- test-data/spreadsheet/notenoughstrings.txt (nonexistent) +++ test-data/spreadsheet/notenoughstrings.txt (working copy) @@ -0,0 +1,13 @@ +[sst-record] +14 00 # String length 0x14=20 +01 # Option flag, 16bit +# String: At a dinner party or +41 00 74 00 20 00 61 00 20 00 +64 00 69 00 6E 00 6E 00 65 00 +72 00 20 00 70 00 61 00 72 00 +74 00 79 00 20 00 6F 00 72 00 + +# This is not a complete record +# It only matters that the record type is not 0x003C +[non-continuation-record] +00 11 22 33 Property changes on: test-data/spreadsheet/notenoughstrings.txt ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org For additional commands, e-mail: dev-h...@poi.apache.org