Package org.apache.poi.openxml4j.util

Class ZipSecureFile

    • Constructor Detail

      • ZipSecureFile

        public ZipSecureFile​(java.io.File file)
              throws java.io.IOException
        Throws:
        java.io.IOException

      • ZipSecureFile

        public ZipSecureFile​(java.lang.String name)
              throws java.io.IOException
        Throws:
        java.io.IOException

    • Method Detail

      • setMinInflateRatio

        public static void setMinInflateRatio​(double ratio)
        Sets the ratio between de- and inflated bytes to detect zipbomb. It defaults to 1% (= 0.01d), i.e. when the compression is better than 1% for any given read package part, the parsing will fail indicating a Zip-Bomb.
        Parameters:
        ratio - the ratio between de- and inflated bytes to detect zipbomb

      • getMinInflateRatio

        public static double getMinInflateRatio()
        Returns the current minimum compression rate that is used. See setMinInflateRatio() for details.
        Returns:
        The min accepted compression-ratio.

      • setMaxEntrySize

        public static void setMaxEntrySize​(long maxEntrySize)
        Sets the maximum file size of a single zip entry. It defaults to 4GB, i.e. the 32-bit zip format maximum. This can be used to limit memory consumption and protect against security vulnerabilities when documents are provided by users.
        Parameters:
        maxEntrySize - the max. file size of a single zip entry

      • getMaxEntrySize

        public static long getMaxEntrySize()
        Returns the current maximum allowed uncompressed file size. See setMaxEntrySize() for details.
        Returns:
        The max accepted uncompressed file size.

      • setMaxTextSize

        public static void setMaxTextSize​(long maxTextSize)
        Sets the maximum number of characters of text that are extracted before an exception is thrown during extracting text from documents. This can be used to limit memory consumption and protect against security vulnerabilities when documents are provided by users.
        Parameters:
        maxTextSize - the max. file size of a single zip entry

      • getMaxTextSize

        public static long getMaxTextSize()
        Returns the current maximum allowed text size. See setMaxTextSize() for details.
        Returns:
        The max accepted text size.

      • getInputStream

        public ZipArchiveThresholdInputStream getInputStream​(ZipArchiveEntry entry)
                                              throws java.io.IOException
        Returns an input stream for reading the contents of the specified zip file entry.

        Closing this ZIP file will, in turn, close all input streams that have been returned by invocations of this method.

        Overrides:
        getInputStream in class ZipFile
        Parameters:
        entry - the zip file entry
        Returns:
        the input stream for reading the contents of the specified zip file entry.
        Throws:
        java.io.IOException - if an I/O error has occurred
        java.lang.IllegalStateException - if the zip file has been closed

      • getName

        public java.lang.String getName()
        Returns the path name of the ZIP file.
        Returns:
        the path name of the ZIP file