pjfanning commented on code in PR #1080:
URL: https://github.com/apache/poi/pull/1080#discussion_r3299347752
##########
poi/src/test/java/org/apache/poi/poifs/filesystem/TestOle10Native.java:
##########
@@ -107,4 +108,23 @@ void testOleNativeOOM() throws IOException {
}
}
+ @Test
+ void testOle10NativeUtf16SizeOverflow() {
+ // command2 declares 0x40000001 UTF-16 chars; the byte count (size *
2) overflows
+ // a signed int to a negative value that slips past the
MAX_STRING_LENGTH cap.
+ byte[] data = new byte[34];
+ LittleEndian.putShort(data, 4, (short) 2); // flags1 -> parsed
encoding
+ data[6] = 'A'; // label (AsciiZ)
+ data[8] = 'B'; // fileName (AsciiZ)
+ // flags2, unknown1, ascii command length and data length stay zero
+ LittleEndian.putInt(data, 22, 0x40000001); // command2 char count
+ LittleEndian.putInt(data, 0, data.length - 4); // totalSize
+
+ RecordFormatException ex = assertThrows(
+ RecordFormatException.class,
+ () -> new Ole10Native(data, 0)
+ );
+ assertTrue(ex.getMessage().contains("Tried to allocate"));
Review Comment:
Use `POITestCase.assertContains`.