pashko/apache-poi
1
0
Fork 0
mirror of https://github.com/apache/poi.git synced 2026-02-27 20:40:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

Prevent invalid height/width in wmf-images exhausting memory

Browse Source 
Introduce an adjustable limit of maximum number of pixels
for when drawing the image
This commit is contained in:
Dominik Stadler 2026-01-16 08:55:27 +01:00
parent 9c2f487c98
commit 22531fe638
1 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
poi-scratchpad/src/main/java/org/apache/poi/hwmf/record/HwmfBitmapDib.java
View File

@ -51,6 +51,9 @@ import org.apache.poi.util.RecordFormatException;
* The DeviceIndependentBitmap Object defines an image in device-independent bitmap (DIB) format.
*/
public class HwmfBitmapDib implements GenericRecord {
// arbitrarily selected; may need to increase
private static final int DEFAULT_MAX_HEIGHT_WIDTH = 10_000;
protected static int MAX_HEIGHT_WIDTH = DEFAULT_MAX_HEIGHT_WIDTH;
private static final Logger LOG = PoiLogManager.getLogger(HwmfBitmapDib.class);
private static final int BMP_HEADER_SIZE = 14;
@ -532,6 +535,13 @@ public class HwmfBitmapDib implements GenericRecord {
return new BufferedImage(1, 1, BufferedImage.TYPE_INT_ARGB);
}
if (headerHeight > MAX_HEIGHT_WIDTH || headerWidth > MAX_HEIGHT_WIDTH) {
throw new RecordFormatException("The width or height specified in the header exceed the current "
+ "limit. Height: " + headerHeight + ", width: " + headerWidth +
", Max width/height: " + MAX_HEIGHT_WIDTH +
". Limits can be adjusted via 'HwmfBitmapDib.setMaxHeightWidth'");
}
BufferedImage bi = new BufferedImage(headerWidth, headerHeight, BufferedImage.TYPE_INT_ARGB);
Graphics2D g = bi.createGraphics();
g.setRenderingHint(RenderingHints.KEY_ANTIALIASING, RenderingHints.VALUE_ANTIALIAS_ON);
@ -559,4 +569,21 @@ public class HwmfBitmapDib implements GenericRecord {
g.dispose();
return bi;
}
/**
* Adjust limit to prevent broken images from exceeding available
* memory when being drawn.
*
* @param length the max number of pixel of width/height to allow for images
*/
public static void setMaxHeightWidth(int length) {
MAX_HEIGHT_WIDTH = length;
}
/**
* @return the max number of pixel of width/height to allow for images
*/
public static int getMaxHeightWidth() {
return MAX_HEIGHT_WIDTH;
}
}