https://bz.apache.org/bugzilla/show_bug.cgi?id=69705
--- Comment #3 from Dominik Stadler <dominik.stad...@gmx.at> ---
The error message tries to state how you can ignore this in your code if you
are sure the file is not malicious.
Please try the suggestion from the error-message and report back if that does
not work for you.
Related excerpt from the code showing the amount of information which should be
included in the error message:
private static final String MAX_ENTRY_SIZE_MSG =
"Zip bomb detected! The file would exceed the max size of the expanded
data in the zip-file.\n" +
"This may indicates that the file is used to inflate memory usage and
thus could pose a security risk.\n" +
"You can adjust this limit via ZipSecureFile.setMaxEntrySize() if you
need to work with files which are very large.\n" +
"Uncompressed size: %d, Raw/compressed size: %d\n" +
"Limits: MAX_ENTRY_SIZE: %d, Entry: %s";
private static final String MIN_INFLATE_RATIO_MSG =
"Zip bomb detected! The file would exceed the max. ratio of compressed
file size to the size of the expanded data.\n" +
"This may indicate that the file is used to inflate memory usage and
thus could pose a security risk.\n" +
"You can adjust this limit via ZipSecureFile.setMinInflateRatio() if
you need to work with files which exceed this limit.\n" +
"Uncompressed size: %d, Raw/compressed size: %d, ratio: %f\n" +
"Limits: MIN_INFLATE_RATIO: %f, Entry: %s";
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org
