pashko/apache-poi
1
0
Fork 0
mirror of https://github.com/apache/poi.git synced 2026-02-27 20:40:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,713 Commits 30 Branches 105 Tags
Commit Graph

13713 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dominik Stadler
0ae15edb2c Perform an allocation-check for .emf files 2026-01-24 14:45:16 +01:00
Dominik Stadler
5eba199642 Fix tests for no-scratchpad 2026-01-18 20:53:44 +01:00
Dominik Stadler
0de8ecd6a0 Recent tests add one more file to ooxml-lite 2026-01-18 20:53:44 +01:00
Dominik Stadler
d1f3f9489f Add check for too large allocation in SharedFormulaGroup 
A malformed spreadsheet could trigger a very large allocation.

Can be overruled by users via IOUtils.setByteArrayMaxOverride().

Fixes https://issues.oss-fuzz.com/issues/476431391
 2026-01-18 18:28:36 +01:00
Dominik Stadler
d1f0a88ea1 Avoid NPE in XSLFDiagram 
Throw IllegalStateException instead

Fixes https://issues.oss-fuzz.com/issues/476184825
 2026-01-18 18:28:36 +01:00
Dominik Stadler
beab88fb0e Remove obsolete if-condition 
All branches perform the same action now anyway
 2026-01-18 18:28:36 +01:00
Dominik Stadler
66109187d1 Only allocate the required size for EscherComplexProperty 
Otherwise a malformed document can cause OOM by reserving
large chunks of memory, but only using little of it.

This fixes https://issues.oss-fuzz.com/issues/476184826
 2026-01-18 18:28:36 +01:00
Dominik Stadler
c9b37678cc Introduce getComplexSize() 
To not materialize the array only to get its size
 2026-01-18 18:28:35 +01:00
Dominik Stadler
e54ba888e2 Log instead of an assertion 
Issues which can be triggered by malformed documents
should not use "assert"
 2026-01-18 18:27:05 +01:00
Dominik Stadler
8df367310c Avoid some more NPEs on slightly broken documents 2026-01-18 18:27:05 +01:00
PJ Fanning
58ac8d05f0
throw exception if getAlpha returns very large value (that is too big for int) (#1000) 2026-01-17 15:09:06 +01:00
Jacobo Aragunde Pérez
372388b7ed
Support rendering transparent bitmaps in presentations. (#990) 
* Support rendering transparent bitmaps in presentations.

Add PictureShape.getAlpha() method and implementations for HSLF and
XSLF. Then make use of it in DrawPictureShape to apply the right alpha
value to the picture being drawn.

Fixed a bug in BitmapImageRenderer that considered alpha value 0 as
"fully opaque", when it means "fully transparent" instead.

Finally, added a test for this feature in TestDrawPictureShape for XSLF.
A test for HSLF could not be created because it was not possible to
generate a test file with today's tools; MS Office removes the
bitmap transparency effect when saving as .ppt, and LibreOffice blends
it into the bitmap.

* Address reviewer comments.

* Add comment about default alpha value.

* Prevent NPE in XSLFPictureShape.getAlpha().

* Change wording in comments to avoid the word "percentage".

* Use static vars for extreme alpha values.
 2026-01-17 13:47:09 +01:00
PJ Fanning
e3e04a641f
Fix missing newline at end of TestXSLFTextShape.java 
Add missing newline at the end of the file.
 2026-01-17 13:46:01 +01:00
Dominik Stadler
d72e3a608c Add a file-handler for .emf files 
These can be embedded in slideshows and POI supports
some handling of them.

Also Tika uses this code to extract some textual information
from such images.
 2026-01-16 18:49:27 +01:00
Dominik Stadler
1910fff53e Add a file-handler for .wmf files 
These can be embedded in slideshows and POI supports
some handling of them.

Also Tika uses this code to extract some textual information
from such images.
 2026-01-16 18:49:27 +01:00
Dominik Stadler
22531fe638 Prevent invalid height/width in wmf-images exhausting memory 
Introduce an adjustable limit of maximum number of pixels
for when drawing the image
 2026-01-16 18:49:27 +01:00
Dominik Stadler
9c2f487c98 Bug 69927: Avoid NPE when parsing wmf-file 
headerBitCount can be null if the header contains an
invalid flag
 2026-01-16 18:49:27 +01:00
Dominik Stadler
b09bf904d7 Fix running integration-tests without scratchpad-libraries 2026-01-16 18:49:27 +01:00
Dominik Stadler
2acb5cf66a Avoid several NPEs 
When retrieving picture data
When retrieving text in slides
When handling XSLFTableStyles
In EmbeddedExtractor if ShapeName is not set
In HSSF with invalid EscherSpRecord
In HSSF with invalid RecordStreams
When drawing arcs for shapes in slides
In HSSFPicture.getPictureIndex
Adjust "opens" for tests in poi-ooxml

Either handle it gracefully or throw
IllegalStateException instead for broken files
 2026-01-16 18:49:27 +01:00
dependabot[bot]
d60edd21a3
Bump net.bytebuddy:byte-buddy from 1.18.3 to 1.18.4 (#998) 
Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.18.3 to 1.18.4.
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.18.3...byte-buddy-1.18.4)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-16 17:44:32 +01:00
PJ Fanning
fd4d143d44
XSSFReader: tolerate missing comments file (#996) 2026-01-14 21:06:26 +01:00
PJ Fanning
df2d5d62d9
rename param in ColumnHelper 
see #993
 2026-01-13 10:59:09 +01:00
Dominik Stadler
8cdcda2873 Avoid NPE when handling color-highlighting in text-runs 2026-01-12 06:48:24 +01:00
Dominik Stadler
18ef01295d Avoid some NPEs when handling LinkTables 2026-01-12 06:48:24 +01:00
Dominik Stadler
ac4295deac Avoid NPE when a row in a workbook was deleted and thus getRow() returns null 2026-01-12 06:48:23 +01:00
Dominik Stadler
d93a29ae67 Optimize handling of large XSSFTables 
The current implementation calls updateHeaders() very often
causing cloning a sheet to take very long with high CPU.

We can optimize a number of things here:
* Use getTableColumnArray() as the List-based methods
have very costly implementations of hasNext()/next()
* Avoid some duplicated calls to updateHeaders()

There are likely more aggressive optimizations like
only calling updateHeaders() once after cloning,
but this would require more invasive changes in this
rarely used code-area.
 2026-01-12 06:48:23 +01:00
Dominik Stadler
1fc4f9e3b7 Avoid ClastCastException when handling a broken ppt file 2026-01-12 06:48:23 +01:00
Dominik Stadler
b401b92aea Avoid NPE when reading a broken pptx file 2026-01-12 06:48:23 +01:00
Dominik Stadler
a5f5f4294e Avoid NPE when reading a broken xlsb file 
Throw a more useful exception instead
 2026-01-12 06:48:23 +01:00
PJ Fanning
ba04c61188 format methods 2026-01-11 10:34:54 +01:00
Dominik Stadler
f8a8189230 Use the proper add-method to perform the check for max number of children 
If adding is done without check it can trigger OOM when fuzzing.

This should fix https://issues.oss-fuzz.com/issues/391709145
 2026-01-10 13:14:34 +01:00
Dominik Stadler
95b2a1cf1d Avoid NPE with broken files when reading xls file 2026-01-10 13:14:34 +01:00
Dominik Stadler
017ff5f8f8 Implement lazy allocation of data for complex escher properties 
This may reduce memory usage if the content is never used
or not populated for some reason.

This should fix https://issues.oss-fuzz.com/issues/42528528
 2026-01-10 13:14:34 +01:00
PJ Fanning
cc8b6d7591 Update XWPFTheme.java 2026-01-09 14:35:59 +01:00
Jacobo Aragunde Pérez
6670c48c30
Add getter for body elements in XWPFSDTContent. (#991) 
* Add getter for body elements in XWPFSDTContent.

This getter allows to navigate the POI objects stored inside a
XWPFSDTContent object without resorting to navigating XML.

* Address comments in review.
 2026-01-09 13:28:30 +01:00
Etienne Gautier
aead782eb2
XWPF Themes: allow public access of theme and add helpers for theme fonts (#986) 
* allow public access of theme and add helpers for theme fonts

* nit:naming

* add javadoc and tests

* Fix formatting of getMajorFontForScript method

* Refactor font retrieval methods for null checks

* Update XWPFTheme.java

---------

Co-authored-by: PJ Fanning <pjfanning@users.noreply.github.com>
 2026-01-09 13:09:12 +01:00
Dominik Stadler
c94e795f35 Avoid NPE with broken files when writing endnotes for Word documents 
https://issues.oss-fuzz.com/issues/391728757
 2026-01-09 08:45:03 +01:00
Dominik Stadler
e9b33c0b08 Avoid NPE with broken files when writing endnotes for Word documents 
Fixes https://issues.oss-fuzz.com/issues/392690733
 2026-01-09 08:45:03 +01:00
Dominik Stadler
befc941dcf Avoid NPE with broken files when handling paint-style for fill 2026-01-09 08:45:03 +01:00
Dominik Stadler
ac989335d7 Avoid NPE with broken files when handling text-shapes 2026-01-09 08:45:03 +01:00
Dominik Stadler
0ec4434f59 Avoid NPE with broken file 2026-01-09 08:45:03 +01:00
Dominik Stadler
c28aec61d4 Avoid an NPE when reading broken SlideShow-files 2026-01-09 08:45:03 +01:00
Dominik Stadler
b195a3b9ed Avoid an NPE when OPCPackage is closed without being fully initialized 2026-01-06 22:47:00 +01:00
Dominik Stadler
ddf71d0984 Avoid two NPEs which were currently "expected" in tests 
When things go wrong, we always want to give an
explanation via an exception instead of an NPE.
 2026-01-06 22:47:00 +01:00
Dominik Stadler
fb75600872 Don't throw RuntimeException in integration-tests 
This prepares us to include the FileHandlers in fuzz-testing
via oss-fuzz while keeping to not expect any direct
RuntimeException being caught.
 2026-01-06 22:47:00 +01:00
PJ Fanning
4dadb9d6cc
Update copyright year in NOTICE file 2026-01-03 14:38:23 +01:00
PJ Fanning
e7515ba5e6 log4j 2.25.3 2025-12-29 13:29:43 +01:00
dependabot[bot]
c1fac56998
Bump log4jVersion from 2.24.3 to 2.25.3 (#975) 
Bumps `log4jVersion` from 2.24.3 to 2.25.3.

Updates `org.apache.logging.log4j:log4j-bom` from 2.24.3 to 2.25.3
- [Release notes](https://github.com/apache/logging-log4j2/releases)
- [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc)
- [Commits](https://github.com/apache/logging-log4j2/compare/rel/2.24.3...rel/2.25.3)

Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.25.3

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-bom
  dependency-version: 2.25.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl
  dependency-version: 2.25.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-29 13:27:00 +01:00
PJ Fanning
3a56bbd73b Update TestDetectAsOOXML.java 2025-12-25 11:17:12 +01:00
dependabot[bot]
6d42ff955a
Bump net.bytebuddy:byte-buddy from 1.18.2 to 1.18.3 (#984) 
Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.18.2 to 1.18.3.
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.18.2...byte-buddy-1.18.3)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-22 16:10:05 +01:00