Java Code Examples for org.apache.poi.openxml4j.util.ZipSecureFile#setMinInflateRatio()

@Test
public void testZipBombConfiguration_Default() throws Exception {

  // First set some random values
  Long bogusMaxEntrySize = 1000L;
  ZipSecureFile.setMaxEntrySize( bogusMaxEntrySize );
  Long bogusMaxTextSize = 1000L;
  ZipSecureFile.setMaxTextSize( bogusMaxTextSize );
  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify that the bogus values were set
  assertEquals( bogusMaxEntrySize, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( bogusMaxTextSize, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput transform should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the default values were used
  assertEquals( Const.HOP_ZIP_MAX_ENTRY_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( Const.HOP_ZIP_MAX_TEXT_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( Const.HOP_ZIP_MIN_INFLATE_RATIO_DEFAULT, (Double) ZipSecureFile.getMinInflateRatio() );
}
 

@Test
public void testZipBombConfiguration_Default() throws Exception {

  // First set some random values
  Long bogusMaxEntrySize = 1000L;
  ZipSecureFile.setMaxEntrySize( bogusMaxEntrySize );
  Long bogusMaxTextSize = 1000L;
  ZipSecureFile.setMaxTextSize( bogusMaxTextSize );
  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify that the bogus values were set
  assertEquals( bogusMaxEntrySize, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( bogusMaxTextSize, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput transform should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the default values were used
  assertEquals( Const.HOP_ZIP_MAX_ENTRY_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( Const.HOP_ZIP_MAX_TEXT_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( Const.HOP_ZIP_MIN_INFLATE_RATIO_DEFAULT, (Double) ZipSecureFile.getMinInflateRatio() );
}
 

static void writeByLocalOrBrowser(HttpServletResponse response, String fileName, SXSSFWorkbook wb, OutputStream out) {
    try {
        ZipSecureFile.setMinInflateRatio(0L);
        if (response != null) {
            // response对象不为空,响应到浏览器下载
            response.setContentType(FebsConstant.XLSX_CONTENT_TYPE);
            response.setHeader("Content-disposition", "attachment; filename="
                    + URLEncoder.encode(String.format("%s%s", fileName, FebsConstant.XLSX_SUFFIX), "UTF-8"));
            if (out == null) {
                out = response.getOutputStream();
            }
        }
        wb.write(out);
        out.flush();
        out.close();
    } catch (Exception e) {
        log.error(e.getMessage());
    }

}
 

@Test
public void testZipBombConfiguration_Default() throws Exception {

  // First set some random values
  Long bogusMaxEntrySize = 1000L;
  ZipSecureFile.setMaxEntrySize( bogusMaxEntrySize );
  Long bogusMaxTextSize = 1000L;
  ZipSecureFile.setMaxTextSize( bogusMaxTextSize );
  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify that the bogus values were set
  assertEquals( bogusMaxEntrySize, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( bogusMaxTextSize, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput step should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  System.setProperty( Const.KETTLE_XLSX_ZIP_BOMB_CHECK, Boolean.TRUE.toString() );
  init( "Balance_Type_Codes.xlsx" );

  // Verify that the default values were used
  assertEquals( Const.KETTLE_ZIP_MAX_ENTRY_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxEntrySize() );
  assertEquals( Const.KETTLE_ZIP_MAX_TEXT_SIZE_DEFAULT, (Long) ZipSecureFile.getMaxTextSize() );
  assertEquals( Const.KETTLE_ZIP_MIN_INFLATE_RATIO_DEFAULT, (Double) ZipSecureFile.getMinInflateRatio() );
}
 

@Test
public void testZipBombConfiguration_CheckDisabled() throws Exception {

  Double bogusMinInflateRatio = 0.5d;
  ZipSecureFile.setMinInflateRatio( bogusMinInflateRatio );

  // Verify the Min Inflate Ratio was set
  assertEquals( bogusMinInflateRatio, (Double) ZipSecureFile.getMinInflateRatio() );

  // Initializing the ExcelInput step should make the new values to be set
  meta.setSpreadSheetType( SpreadSheetType.SAX_POI );
  // Disabling the zip bomb checking property
  System.setProperty( Const.KETTLE_XLSX_ZIP_BOMB_CHECK, Boolean.FALSE.toString() );
  init( "Balance_Type_Codes.xlsx" );

  assertEquals( Const.KETTLE_ZIP_NEGATIVE_MIN_INFLATE, (Double) ZipSecureFile.getMinInflateRatio() );
}
 

@SuppressWarnings("serial")
@Test
public void testDocxTemplateRender() throws Exception {

    // TimeUnit.SECONDS.sleep(20);

    Map<String, Object> datas = new HashMap<String, Object>() {
        {
            // 循环合并模板
            put("docx_template", new DocxRenderData(
                    new File("src/test/resources/template/render_include_merge_template.docx"), dataList));
        }
    };

    // Zip Bomb detected
    ZipSecureFile.setMinInflateRatio(-1.0d);

    XWPFTemplate template = XWPFTemplate.compile("src/test/resources/template/render_include.docx")
            .render(datas);

    template.writeToFile("out_issue_329.docx");

    //System.out.println("game over................");

    //TimeUnit.SECONDS.sleep(10);

}