pashko/apache-poi
1
0
Fork 0
mirror of https://github.com/apache/poi.git synced 2026-02-27 12:30:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,748 Commits 30 Branches 105 Tags
Commit Graph

13748 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dominik Stadler
22531fe638 Prevent invalid height/width in wmf-images exhausting memory 
Introduce an adjustable limit of maximum number of pixels
for when drawing the image
 2026-01-16 18:49:27 +01:00
Dominik Stadler
9c2f487c98 Bug 69927: Avoid NPE when parsing wmf-file 
headerBitCount can be null if the header contains an
invalid flag
 2026-01-16 18:49:27 +01:00
Dominik Stadler
b09bf904d7 Fix running integration-tests without scratchpad-libraries 2026-01-16 18:49:27 +01:00
Dominik Stadler
2acb5cf66a Avoid several NPEs 
When retrieving picture data
When retrieving text in slides
When handling XSLFTableStyles
In EmbeddedExtractor if ShapeName is not set
In HSSF with invalid EscherSpRecord
In HSSF with invalid RecordStreams
When drawing arcs for shapes in slides
In HSSFPicture.getPictureIndex
Adjust "opens" for tests in poi-ooxml

Either handle it gracefully or throw
IllegalStateException instead for broken files
 2026-01-16 18:49:27 +01:00
dependabot[bot]
d60edd21a3
Bump net.bytebuddy:byte-buddy from 1.18.3 to 1.18.4 (#998) 
Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.18.3 to 1.18.4.
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.18.3...byte-buddy-1.18.4)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-16 17:44:32 +01:00
PJ Fanning
fd4d143d44
XSSFReader: tolerate missing comments file (#996) 2026-01-14 21:06:26 +01:00
PJ Fanning
df2d5d62d9
rename param in ColumnHelper 
see #993
 2026-01-13 10:59:09 +01:00
Dominik Stadler
8cdcda2873 Avoid NPE when handling color-highlighting in text-runs 2026-01-12 06:48:24 +01:00
Dominik Stadler
18ef01295d Avoid some NPEs when handling LinkTables 2026-01-12 06:48:24 +01:00
Dominik Stadler
ac4295deac Avoid NPE when a row in a workbook was deleted and thus getRow() returns null 2026-01-12 06:48:23 +01:00
Dominik Stadler
d93a29ae67 Optimize handling of large XSSFTables 
The current implementation calls updateHeaders() very often
causing cloning a sheet to take very long with high CPU.

We can optimize a number of things here:
* Use getTableColumnArray() as the List-based methods
have very costly implementations of hasNext()/next()
* Avoid some duplicated calls to updateHeaders()

There are likely more aggressive optimizations like
only calling updateHeaders() once after cloning,
but this would require more invasive changes in this
rarely used code-area.
 2026-01-12 06:48:23 +01:00
Dominik Stadler
1fc4f9e3b7 Avoid ClastCastException when handling a broken ppt file 2026-01-12 06:48:23 +01:00
Dominik Stadler
b401b92aea Avoid NPE when reading a broken pptx file 2026-01-12 06:48:23 +01:00
Dominik Stadler
a5f5f4294e Avoid NPE when reading a broken xlsb file 
Throw a more useful exception instead
 2026-01-12 06:48:23 +01:00
PJ Fanning
ba04c61188 format methods 2026-01-11 10:34:54 +01:00
Dominik Stadler
f8a8189230 Use the proper add-method to perform the check for max number of children 
If adding is done without check it can trigger OOM when fuzzing.

This should fix https://issues.oss-fuzz.com/issues/391709145
 2026-01-10 13:14:34 +01:00
Dominik Stadler
95b2a1cf1d Avoid NPE with broken files when reading xls file 2026-01-10 13:14:34 +01:00
Dominik Stadler
017ff5f8f8 Implement lazy allocation of data for complex escher properties 
This may reduce memory usage if the content is never used
or not populated for some reason.

This should fix https://issues.oss-fuzz.com/issues/42528528
 2026-01-10 13:14:34 +01:00
PJ Fanning
cc8b6d7591 Update XWPFTheme.java 2026-01-09 14:35:59 +01:00
Jacobo Aragunde Pérez
6670c48c30
Add getter for body elements in XWPFSDTContent. (#991) 
* Add getter for body elements in XWPFSDTContent.

This getter allows to navigate the POI objects stored inside a
XWPFSDTContent object without resorting to navigating XML.

* Address comments in review.
 2026-01-09 13:28:30 +01:00
Etienne Gautier
aead782eb2
XWPF Themes: allow public access of theme and add helpers for theme fonts (#986) 
* allow public access of theme and add helpers for theme fonts

* nit:naming

* add javadoc and tests

* Fix formatting of getMajorFontForScript method

* Refactor font retrieval methods for null checks

* Update XWPFTheme.java

---------

Co-authored-by: PJ Fanning <pjfanning@users.noreply.github.com>
 2026-01-09 13:09:12 +01:00
Dominik Stadler
c94e795f35 Avoid NPE with broken files when writing endnotes for Word documents 
https://issues.oss-fuzz.com/issues/391728757
 2026-01-09 08:45:03 +01:00
Dominik Stadler
e9b33c0b08 Avoid NPE with broken files when writing endnotes for Word documents 
Fixes https://issues.oss-fuzz.com/issues/392690733
 2026-01-09 08:45:03 +01:00
Dominik Stadler
befc941dcf Avoid NPE with broken files when handling paint-style for fill 2026-01-09 08:45:03 +01:00
Dominik Stadler
ac989335d7 Avoid NPE with broken files when handling text-shapes 2026-01-09 08:45:03 +01:00
Dominik Stadler
0ec4434f59 Avoid NPE with broken file 2026-01-09 08:45:03 +01:00
Dominik Stadler
c28aec61d4 Avoid an NPE when reading broken SlideShow-files 2026-01-09 08:45:03 +01:00
Dominik Stadler
b195a3b9ed Avoid an NPE when OPCPackage is closed without being fully initialized 2026-01-06 22:47:00 +01:00
Dominik Stadler
ddf71d0984 Avoid two NPEs which were currently "expected" in tests 
When things go wrong, we always want to give an
explanation via an exception instead of an NPE.
 2026-01-06 22:47:00 +01:00
Dominik Stadler
fb75600872 Don't throw RuntimeException in integration-tests 
This prepares us to include the FileHandlers in fuzz-testing
via oss-fuzz while keeping to not expect any direct
RuntimeException being caught.
 2026-01-06 22:47:00 +01:00
PJ Fanning
4dadb9d6cc
Update copyright year in NOTICE file 2026-01-03 14:38:23 +01:00
PJ Fanning
e7515ba5e6 log4j 2.25.3 2025-12-29 13:29:43 +01:00
dependabot[bot]
c1fac56998
Bump log4jVersion from 2.24.3 to 2.25.3 (#975) 
Bumps `log4jVersion` from 2.24.3 to 2.25.3.

Updates `org.apache.logging.log4j:log4j-bom` from 2.24.3 to 2.25.3
- [Release notes](https://github.com/apache/logging-log4j2/releases)
- [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc)
- [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.24.3...rel/2.25.3)

Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.25.3

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-bom
  dependency-version: 2.25.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl
  dependency-version: 2.25.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-29 13:27:00 +01:00
PJ Fanning
3a56bbd73b Update TestDetectAsOOXML.java 2025-12-25 11:17:12 +01:00
dependabot[bot]
6d42ff955a
Bump net.bytebuddy:byte-buddy from 1.18.2 to 1.18.3 (#984) 
Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.18.2 to 1.18.3.
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.18.2...byte-buddy-1.18.3)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-22 16:10:05 +01:00
emmanueldufour
528591ba11
Allow to load a word document with chartex chart (#982) 
* Allow to load a word document with chartex chart

ChartEx (new charts introduced in Office 2016) will raise exceptions in underlying XML parsing, we catch them here in order to still be able to load the document

* spacing

some extra spaces were unbearable and could have prevented the pull request

* add test

* Update POIXMLDocumentPart.java

* Update POIXMLDocumentPart.java

* Update POIXMLDocumentPart.java

* reduce risk of swallowing zip bomb exceptions

* Update POIXMLDocumentPart.java

---------

Co-authored-by: PJ Fanning <pjfanning@users.noreply.github.com>
 2025-12-19 20:10:25 +01:00
PJ Fanning
c703d00300 Update build.gradle 2025-12-19 17:31:40 +01:00
Dominik Stadler
9e1afbbab1 Fix some more Gradle deprecation-warnings in preparation for Gradle 9 
Only signing-handling in poi-ooxml is still remaining, but
this deprecation seems to have been moved to Gradle 10 anyway.

Gradle 9 will require JDK 17, though, so we can only upgrade
when the min. supported JDK is bumped once more.
 2025-12-19 16:15:21 +01:00
dependabot[bot]
3ac160b57d
Bump org.sonarqube from 7.2.1.6560 to 7.2.2.6593 (#983) 
Bumps org.sonarqube from 7.2.1.6560 to 7.2.2.6593.

---
updated-dependencies:
- dependency-name: org.sonarqube
  dependency-version: 7.2.2.6593
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-19 16:09:48 +01:00
PJ Fanning
f2c52141c7
remove pre-existing inline strings when updating value (#962) 
* remove pre-existing inline strings when updating value

* Update TestXSSFCell.java
 2025-12-18 19:45:50 +01:00
Dominik Stadler
fd66689944 Improve message if test fails 2025-12-17 22:12:41 +01:00
Dominik Stadler
97a97bd75c JavaDoc: Don't link to classes from "poi-ooxml" in module "poi" 
Otherwise building javadoc in CI fails sometimes, maybe if
the repository is cleaned before building.

And add some missing javadoc
 2025-12-17 22:12:41 +01:00
Dominik Stadler
338882ac88 Convert some files to unix newlines 
Otherwise these can cause issues when checking out
sources on Windows
 2025-12-17 22:11:29 +01:00
Dominik Stadler
2dd124eb42 Fix some Gradle deprecation warnings 
A number of warnings still remain,
they seem a bit more complicated to fix.
 2025-12-17 22:11:29 +01:00
PJ Fanning
fe3359bd79
refactor recurse check (#979) 2025-12-17 22:08:23 +01:00
PJ Fanning
6762b5a9fb Revert "Update XSSFCell.java" 
This reverts commit 037a001719d3beb8f31cb4022dd34cd28a318c61.
 2025-12-17 21:49:08 +01:00
PJ Fanning
037a001719 Update XSSFCell.java 2025-12-17 21:31:06 +01:00
PJ Fanning
3a69605f4c
[bz-69905] check cell before recursing (#978) 2025-12-17 21:29:03 +01:00
dependabot[bot]
08e9bb00d4
Bump org.sonarqube from 7.2.0.6526 to 7.2.1.6560 (#976) 
Bumps org.sonarqube from 7.2.0.6526 to 7.2.1.6560.

---
updated-dependencies:
- dependency-name: org.sonarqube
  dependency-version: 7.2.1.6560
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-17 21:24:32 +01:00
Jacobo Aragunde Pérez
4fb34ebeae
Fix rules for table style application in XSLFTables. (#969) 
* Fix rules for table style application in XSLFTables.

Table styles contain rules for first and last rows/columns, even and
odd rows/columns... When one of these rules is empty, we are supposed
to fall back to the "whole table" rules. The fallback must also be
applied for the format that's not explicitly specified in the specific
rules.

when the corresponding specific rule is missing some info.

Fallback must also be applied when the corresponding specific rule is
missing some info. A couple of examples from the reproducer/test file
included:

The included reproducer/test file contained a few problems related to
table style application:
* The second style for horizontal/vertical banding (band2H, band2V) was
  never applied.
* In the table with horizontal banding enabled, the style band1H did
  not set a font color, POI returned a null font color instead of the
  color from wholeTable.
* In the table with horizontal banding enabled, the style band2H did
  not set a background color, POI returned null instead of the color
  specified in wholeTable.

This patches fixes the behaviors mentioned above, making POI behavior
match the one from MS Office and LibreOffice.

* Replace uses of java.util.list.getFirst().
 2025-12-16 18:03:45 +01:00