jmestwa-coder opened a new pull request, #1045:
URL: https://github.com/apache/poi/pull/1045

   ### Summary
   Reject invalid WMF files where `unitsPerInch = 0` to prevent unsafe scaling behavior.
   
   ---
   
   ### Problem
   `unitsPerInch` from the placeable WMF header is used as a divisor in scaling calculations.
   
   If it is `0`, this leads to:
   - Division by zero
   - Infinite dimensions
   - Potentially excessive image allocation
   
   This originates from externally supplied WMF input.
   
   ---
   
   ### Root Cause
   `unitsPerInch` is not validated before being used in scaling.
   
   ---
   
   ### Fix
   - Read `unitsPerInch` as unsigned (`readUShort`)
   - Reject `unitsPerInch == 0` at the parser boundary by throwing `RecordFormatException`
   
   ---
   
   ### Why This Change
   Allowing `unitsPerInch = 0` produces infinite dimensions during scaling, which can result in unsafe memory allocation.
   
   Rejecting this value prevents undefined and unsafe behavior during WMF processing.
   
   ---
   
   ### Tests
   - Added regression test for `unitsPerInch = 0` → verifies rejection
   - Added valid case → verifies finite, positive dimensions
   
   Tests are deterministic and in-memory.
   
   ---
   
   ### Compatibility
   - No API changes
   - No behavior change for valid WMF files
   - Only invalid input is rejected


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]
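
An added illustration of the check described in the pull request above, not code from Apache POI or from the pull request itself: a stand-alone Java reader for the 22-byte placeable WMF header that reads `unitsPerInch` as unsigned and rejects zero before dividing. The class and method names are hypothetical, it throws `IllegalArgumentException` where the PR uses `RecordFormatException`, and the sample headers are constructed.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;

public class PlaceableHeaderCheck { // hypothetical name, not part of Apache POI
    static final int PLACEABLE_KEY = 0x9AC6CDD7; // placeable header magic

    /** Returns {width, height} in inches; reserved field and checksum are not verified. */
    static double[] sizeInInches(byte[] header) {
        if (header.length < 22) {
            throw new IllegalArgumentException("placeable header needs 22 bytes");
        }
        ByteBuffer b = ByteBuffer.wrap(header).order(ByteOrder.LITTLE_ENDIAN);
        if (b.getInt() != PLACEABLE_KEY) {
            throw new IllegalArgumentException("not a placeable WMF header");
        }
        b.getShort(); // metafile handle, unused here
        int left = b.getShort(), top = b.getShort();
        int right = b.getShort(), bottom = b.getShort();
        // Mask so the field is unsigned: 0x8000 must read as 32768, not -32768.
        int unitsPerInch = b.getShort() & 0xFFFF;
        // Reject at the parser boundary, before the value is used as a divisor.
        if (unitsPerInch == 0) {
            throw new IllegalArgumentException("unitsPerInch must not be 0");
        }
        double u = unitsPerInch;
        return new double[] { (right - left) / u, (bottom - top) / u };
    }

    /** Constructed sample header with bounding box (0,0)-(right,bottom). */
    static byte[] sample(int right, int bottom, int unitsPerInch) {
        ByteBuffer b = ByteBuffer.allocate(22).order(ByteOrder.LITTLE_ENDIAN);
        b.putInt(PLACEABLE_KEY).putShort((short) 0)        // key, handle
         .putShort((short) 0).putShort((short) 0)          // left, top
         .putShort((short) right).putShort((short) bottom).putShort((short) unitsPerInch);
        return b.array();                                  // reserved, checksum stay 0
    }

    public static void main(String[] args) {
        double[] ok = sizeInInches(sample(2880, 1440, 1440));
        System.out.println(ok[0] + " x " + ok[1] + " in");
        // Unguarded, a floating-point division by zero does not throw; the size is infinite.
        System.out.println("unguarded width: " + 2880 / 0.0);
        try {
            sizeInInches(sample(2880, 1440, 0));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```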

