jmestwa-coder opened a new pull request, #1079: URL: https://github.com/apache/poi/pull/1079
readXLWideString and readXLNullableWideString size the string as 2*(int)numChars, which overflows for char counts at or above 0x40000000 read from an .xlsb stream. The wrapped negative length slips past the offset+numBytes > data.length check, so an oversized record throws a raw StringIndexOutOfBoundsException instead of XSSFBParseException, and high-bit counts read the wrong length and desync the record stream. Compute the byte count in long so the bounds check applies before narrowing. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
