お世話になっております。
jetと申します。
早速ですが、現在freegenの機能でexcelを読み込んで処理をしている箇所があるのですが、
excelのファイルサイズが450kbyte程度を超えると
poiのzip bomb検出機能が働いて、例外が発生する場合があります。
この例外はpoiの保護機能なので、
ZipSecureFile.setMinInflateRatio()で0を指定すると無効にできるようなのですが、
そういった設定をすることは可能でしょうか。
例外のスタックトレースは以下の通りです。
2021-04-19 15:58:26,644 [main] INFO (DfDataSourceHandler#prepare():81) - user = freegen
2021-04-19 15:58:33,928 [main] ERROR (DfDBFluteTaskUtil#logException():150) - Look! Read the message below.
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Failed to execute DBFlute Task 'df-freegen'.
[Advice]
Check the exception messages and the stack traces.
* * * * * * * * * */
java.lang.IllegalStateException: Failed to create workbook: ..\excel\client\src\app\bus\l3.xlsx
at org.dbflute.helper.io.xls.DfXlsFactory.createXSSFWorkbook(DfXlsFactory.java:104)
at org.dbflute.helper.io.xls.DfXlsFactory.createWorkbook(DfXlsFactory.java:82)
at org.dbflute.logic.manage.freegen.table.xls.DfXlsTableLoader.loadTable(DfXlsTableLoader.java:103)
at org.dbflute.logic.manage.freegen.DfFreeGenInitializer.initialize(DfFreeGenInitializer.java:94)
at org.dbflute.task.manage.DfFreeGenTask.prepareFreeGenRequestList(DfFreeGenTask.java:99)
at org.dbflute.task.manage.DfFreeGenTask.doExecute(DfFreeGenTask.java:89)
at org.dbflute.task.bs.DfAbstractTexenTask$1.callActualExecute(DfAbstractTexenTask.java:129)
at org.dbflute.task.bs.assistant.DfTaskBasicController.doExecute(DfTaskBasicController.java:192)
at org.dbflute.task.bs.assistant.DfTaskBasicController.execute(DfTaskBasicController.java:78)
at org.dbflute.task.bs.DfAbstractTexenTask.execute(DfAbstractTexenTask.java:151)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:105)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.Target.execute(Target.java:357)
at org.apache.tools.ant.Target.performTasks(Target.java:385)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1329)
at org.apache.tools.ant.Project.executeTarget(Project.java:1298)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
at org.apache.tools.ant.Project.executeTargets(Project.java:1181)
at org.apache.tools.ant.Main.runBuild(Main.java:698)
at org.apache.tools.ant.Main.startAnt(Main.java:199)
at org.apache.tools.ant.launch.Launcher.run(Launcher.java:257)
at org.apache.tools.ant.launch.Launcher.main(Launcher.java:104)
Caused by: org.dbflute.util.DfReflectionUtil$ReflectionFailureException: The InvocationTargetException occurred: public org.apache.poi.xssf.usermodel.XSSFWorkbook(java.io.InputStream) throws java.io.IOException
at org.dbflute.util.DfReflectionUtil.newInstance(DfReflectionUtil.java:144)
at org.dbflute.helper.io.xls.DfXlsFactory.createXSSFWorkbook(DfXlsFactory.java:100)
... 25 more
Caused by: java.io.IOException: Zip bomb detected! The file would exceed the max. ratio of compressed file size to the size of the expanded data.
This may indicate that the file is used to inflate memory usage and thus could pose a security risk.
You can adjust this limit via ZipSecureFile.setMinInflateRatio() if you need to work with files which exceed this limit.
Uncompressed size: 358495, Raw/compressed size: 3584, ratio: 0.009997
Limits: MIN_INFLATE_RATIO: 0.010000, Entry: xl/styles.xml
at org.apache.poi.openxml4j.util.ZipArchiveThresholdInputStream.checkThreshold(ZipArchiveThresholdInputStream.java:132)
at org.apache.poi.openxml4j.util.ZipArchiveThresholdInputStream.read(ZipArchiveThresholdInputStream.java:82)
at org.apache.poi.util.IOUtils.toByteArray(IOUtils.java:182)
at org.apache.poi.util.IOUtils.toByteArray(IOUtils.java:149)
at org.apache.poi.openxml4j.util.ZipArchiveFakeEntry.<init>(ZipArchiveFakeEntry.java:47)
at org.apache.poi.openxml4j.util.ZipInputStreamZipEntrySource.<init>(ZipInputStreamZipEntrySource.java:53)
at org.apache.poi.openxml4j.opc.ZipPackage.<init>(ZipPackage.java:106)
at org.apache.poi.openxml4j.opc.OPCPackage.open(OPCPackage.java:307)
at org.apache.poi.ooxml.util.PackageHelper.open(PackageHelper.java:47)
at org.apache.poi.xssf.usermodel.XSSFWorkbook.<init>(XSSFWorkbook.java:309)
at sun.reflect.GeneratedConstructorAccessor30.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.dbflute.util.DfReflectionUtil.newInstance(DfReflectionUtil.java:135)
... 26 more