pashko/apache-poi
1
0
Fork 0
mirror of https://github.com/apache/poi.git synced 2026-02-27 20:40:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

check input stream read params (#1012)

Browse Source
This commit is contained in:
PJ Fanning 2026-02-17 09:20:28 +01:00 committed by GitHub
parent eafd6c04b8
commit df5604a1d7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
poi/src/main/java/org/apache/poi/util/RLEDecompressingInputStream.java
View File

@ -20,6 +20,7 @@ package org.apache.poi.util;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.util.Locale; import java.util.Locale;
import java.util.Objects;
import org.apache.commons.io.input.UnsynchronizedByteArrayInputStream; import org.apache.commons.io.input.UnsynchronizedByteArrayInputStream;
import org.apache.commons.io.output.UnsynchronizedByteArrayOutputStream; import org.apache.commons.io.output.UnsynchronizedByteArrayOutputStream;
@ -101,9 +102,8 @@ public class RLEDecompressingInputStream extends InputStream {
@Override @Override
public int read(byte[] b, int off, int l) throws IOException { public int read(byte[] b, int off, int l) throws IOException {
if (len == -1) { Objects.requireNonNull(b, "b == null");
return -1; Objects.checkFromIndexSize(off, l, b.length);
}
int offset = off; int offset = off;
int length = l; int length = l;
while (length > 0) { while (length > 0) {

3
poi/src/test/java/org/apache/poi/POIDataSamples.java
View File

@ -21,6 +21,7 @@ import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.io.UncheckedIOException; import java.io.UncheckedIOException;
import java.nio.file.Files; import java.nio.file.Files;
import java.util.Objects;
import org.apache.commons.io.output.UnsynchronizedByteArrayOutputStream; import org.apache.commons.io.output.UnsynchronizedByteArrayOutputStream;
import org.apache.poi.poifs.filesystem.POIFSFileSystem; import org.apache.poi.poifs.filesystem.POIFSFileSystem;
@ -246,6 +247,8 @@ public final class POIDataSamples {
} }
@Override @Override
public int read(byte[] b, int off, int len) throws IOException { public int read(byte[] b, int off, int len) throws IOException {
Objects.requireNonNull(b, "b == null");
Objects.checkFromIndexSize(off, len, b.length);
return _is.read(b, off, len); return _is.read(b, off, len);
} }
@Override @Override

6
poi/src/test/java/org/apache/poi/hssf/dev/BiffDumpingStream.java
View File

@ -20,6 +20,7 @@ package org.apache.poi.hssf.dev;
import java.io.DataInputStream; import java.io.DataInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.util.Objects;
import org.apache.poi.hssf.record.RecordInputStream; import org.apache.poi.hssf.record.RecordInputStream;
import org.apache.poi.util.LittleEndian; import org.apache.poi.util.LittleEndian;
@ -63,9 +64,8 @@ final class BiffDumpingStream extends InputStream {
@Override @Override
public int read(byte[] b, int off, int len) throws IOException { public int read(byte[] b, int off, int len) throws IOException {
if (b == null || off < 0 || len < 0 || b.length < off + len) { Objects.requireNonNull(b, "b == null");
throw new IllegalArgumentException(); Objects.checkFromIndexSize(off, len, b.length);
}
if (_currentPos >= _currentSize) { if (_currentPos >= _currentSize) {
fillNextBuffer(); fillNextBuffer();
} }