pashko/apache-poi
1
0
Fork 0
mirror of https://github.com/apache/poi.git synced 2026-02-27 20:40:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,748 Commits 30 Branches 105 Tags
Commit Graph

13748 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
PJ Fanning
cfb713df29 use javadocs.dev 2026-02-22 23:53:35 +01:00
Dominik Stadler
44598bd030 Avoid OOM with incorrect property sizes 
Add allocation check to verify size >= 0 and < 1mio
Also reformat code to match general coding style

Fixes https://issues.oss-fuzz.com/issues/485091380
 2026-02-21 15:39:55 +01:00
Dominik Stadler
23369586da Avoid assertion when handling slightly corrupted emf-file 
Also remove methods which are identical to the ones in the super-class

Fixes https://issues.oss-fuzz.com/issues/486039135
 2026-02-21 15:39:54 +01:00
Dominik Stadler
9d9865c9b8 Avoid NPE when handling diagrams in pptx 
Fixes https://issues.oss-fuzz.com/issues/484589690
 2026-02-21 15:39:54 +01:00
Dominik Stadler
e9e9612a1f Avoid ClassCastException when reading headers of EMF files 2026-02-21 15:39:54 +01:00
Dominik Stadler
1594baf696 Avoid NPE when updating cell-anchors 2026-02-21 15:39:54 +01:00
Dominik Stadler
839ce4a0f4 Avoid NPE in HSSFShapeGroup.setShapeId() 2026-02-21 15:39:54 +01:00
Dominik Stadler
260b22fb09 Handle slightly broken file with empty BlipFill properly 2026-02-21 15:39:54 +01:00
PJ Fanning
ac4e3c199e more HSSFEventFactory changes 2026-02-20 20:19:10 +01:00
PJ Fanning
a1f6f2786f Update RecordFactoryInputStream.java 2026-02-20 19:55:49 +01:00
PJ Fanning
b923655b43 update tests 2026-02-20 19:48:56 +01:00
PJ Fanning
6b72a2dff3 Update DocumentInputStream.java 2026-02-20 19:46:56 +01:00
PJ Fanning
c7976440c3 Update TestRecordFactoryInputStream.java 2026-02-20 15:10:26 +01:00
PJ Fanning
811eb4a4a8
support reading HSSFWorkbook with password passed as param (#1016) 
* support reading HSSFWorkbook with password passed as param

Update HSSFWorkbook.java

* npe issue

* remove one use of Biff8EncryptionKey

* extractor api

* support changing passwords
 2026-02-20 15:06:33 +01:00
PJ Fanning
6ba4a1b050 Update TestDocumentEncryption.java 2026-02-20 14:52:28 +01:00
PJ Fanning
4efa2b7162 Update OldExcelExtractor.java 2026-02-20 13:47:36 +01:00
PJ Fanning
139321c5e9 Update HSSFWorkbook.java 2026-02-20 12:28:29 +01:00
PJ Fanning
6a9224385e deprecate unnecessary constructor 2026-02-20 12:25:18 +01:00
PJ Fanning
df5604a1d7
check input stream read params (#1012) 2026-02-17 09:20:28 +01:00
PJ Fanning
eafd6c04b8 Update security.xml 2026-02-16 19:59:54 +01:00
dependabot[bot]
e340f313bc
Bump net.bytebuddy:byte-buddy-agent from 1.18.4 to 1.18.5 (#1009) 
Bumps [net.bytebuddy:byte-buddy-agent](https://github.com/raphw/byte-buddy) from 1.18.4 to 1.18.5.
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.18.4...byte-buddy-1.18.5)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy-agent
  dependency-version: 1.18.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-16 16:33:31 +01:00
Dominik Stadler
bc02ef0703 Avoid NPE with malformed wmf headers 2026-02-14 21:26:00 +01:00
Dominik Stadler
692caf0f36 Avoid NPE with malformed master-style 2026-02-14 21:26:00 +01:00
Dominik Stadler
e96c9e17c0 Avoid NPE with malformed EscherAggregate 2026-02-14 21:26:00 +01:00
Dominik Stadler
55c1608a2d Avoid NPE with malformed anchors in slideshow files 2026-02-14 21:26:00 +01:00
Dominik Stadler
5338b17a8f Avoid NPE with malformed Visio diagram 
Fixes https://issues.oss-fuzz.com/issues/477312394
 2026-02-14 21:26:00 +01:00
Dominik Stadler
c92c533d7a Prevent large allocations when writing PPDrawing items 
Add an allocation check which can be disabled if necessary.

Fixes https://issues.oss-fuzz.com/issues/477289649 and https://issues.oss-fuzz.com/issues/479564936
 2026-02-14 21:26:00 +01:00
Yongho Hwang
8d53613bcf
Bug 69935: Add short-based column setters to ClientAnchor (#1006) 
* Bug 69935: Add short-based column setters to ClientAnchor

Introduce short-based column setters on ClientAnchor to complement the existing int-based setters and improve Kotlin property support.

- Add default short setters setCol1(short) and setCol2(short) that delegate to the existing int-based setters.
- Add TestClientAnchorShortSetter to verify both the new short-based setters and the existing int-based setters.

Tests:
- ./gradlew :poi:test --tests 'org.apache.poi.ss.usermodel.TestClientAnchorShortSetter'

* Replace @since TBD with 6.0.0

* Add license header to TestClieAdd ASF license header to TestClientAnchorShortSetterntAnchorShortSetter.java

Added license header to TestClientAnchorShortSetter.java
 2026-02-14 09:50:52 +01:00
Dominik Stadler
62ae400993 Do not call getColumn() twice 
It always iterates over the array of columns, so we
should reuse the result here.
 2026-02-02 18:15:11 +01:00
Dominik Stadler
ae3ed57baa Prevent a file-handle leak 
File-handles could leak when an exception occurs during
class initialization when loading an broken workbook-file
 2026-02-02 18:15:10 +01:00
dependabot[bot]
8f149f51d0
Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 (#1004) 
Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.20.0 to 1.21.0.
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.20.0...rel/commons-codec-1.21.0)

---
updated-dependencies:
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-30 18:10:06 +01:00
Dominik Stadler
ab196a7441 Use log instead of assert when parsing emf-files 
Assert effectively hides problem in provided input files.
 2026-01-24 14:47:30 +01:00
Dominik Stadler
da3d64d9e3 Add an NPE check when retrieving fonts for bullet-items 2026-01-24 14:47:30 +01:00
Dominik Stadler
04f4c1fa74 Avoid NPE when retrieving sheets by name with invalid name 2026-01-24 14:47:30 +01:00
Dominik Stadler
513a805c25 Describe where to get the latest spotbugs 2026-01-24 14:47:26 +01:00
Dominik Stadler
0ae15edb2c Perform an allocation-check for .emf files 2026-01-24 14:45:16 +01:00
Dominik Stadler
5eba199642 Fix tests for no-scratchpad 2026-01-18 20:53:44 +01:00
Dominik Stadler
0de8ecd6a0 Recent tests add one more file to ooxml-lite 2026-01-18 20:53:44 +01:00
Dominik Stadler
d1f3f9489f Add check for too large allocation in SharedFormulaGroup 
A malformed spreadsheet could trigger a very large allocation.

Can be overruled by users via IOUtils.setByteArrayMaxOverride().

Fixes https://issues.oss-fuzz.com/issues/476431391
 2026-01-18 18:28:36 +01:00
Dominik Stadler
d1f0a88ea1 Avoid NPE in XSLFDiagram 
Throw IllegalStateException instead

Fixes https://issues.oss-fuzz.com/issues/476184825
 2026-01-18 18:28:36 +01:00
Dominik Stadler
beab88fb0e Remove obsolete if-condition 
All branches perform the same action now anyway
 2026-01-18 18:28:36 +01:00
Dominik Stadler
66109187d1 Only allocate the required size for EscherComplexProperty 
Otherwise a malformed document can cause OOM by reserving
large chunks of memory, but only using little of it.

This fixes https://issues.oss-fuzz.com/issues/476184826
 2026-01-18 18:28:36 +01:00
Dominik Stadler
c9b37678cc Introduce getComplexSize() 
To not materialize the array only to get its size
 2026-01-18 18:28:35 +01:00
Dominik Stadler
e54ba888e2 Log instead of an assertion 
Issues which can be triggered by malformed documents
should not use "assert"
 2026-01-18 18:27:05 +01:00
Dominik Stadler
8df367310c Avoid some more NPEs on slightly broken documents 2026-01-18 18:27:05 +01:00
PJ Fanning
58ac8d05f0
throw exception if getAlpha returns very large value (that is too big for int) (#1000) 2026-01-17 15:09:06 +01:00
Jacobo Aragunde Pérez
372388b7ed
Support rendering transparent bitmaps in presentations. (#990) 
* Support rendering transparent bitmaps in presentations.

Add PictureShape.getAlpha() method and implementations for HSLF and
XSLF. Then make use of it in DrawPictureShape to apply the right alpha
value to the picture being drawn.

Fixed a bug in BitmapImageRenderer that considered alpha value 0 as
"fully opaque", when it means "fully transparent" instead.

Finally, added a test for this feature in TestDrawPictureShape for XSLF.
A test for HSLF could not be created because it was not possible to
generate a test file with today's tools; MS Office removes the
bitmap transparency effect when saving as .ppt, and LibreOffice blends
it into the bitmap.

* Address reviewer comments.

* Add comment about default alpha value.

* Prevent NPE in XSLFPictureShape.getAlpha().

* Change wording in comments to avoid the word "percentage".

* Use static vars for extreme alpha values.
 2026-01-17 13:47:09 +01:00
PJ Fanning
e3e04a641f
Fix missing newline at end of TestXSLFTextShape.java 
Add missing newline at the end of the file.
 2026-01-17 13:46:01 +01:00
Dominik Stadler
d72e3a608c Add a file-handler for .emf files 
These can be embedded in slideshows and POI supports
some handling of them.

Also Tika uses this code to extract some textual information
from such images.
 2026-01-16 18:49:27 +01:00
Dominik Stadler
1910fff53e Add a file-handler for .wmf files 
These can be embedded in slideshows and POI supports
some handling of them.

Also Tika uses this code to extract some textual information
from such images.
 2026-01-16 18:49:27 +01:00