| Summary: | AgileDecryptor cycles | ||
|---|---|---|---|
| Product: | POI | Reporter: | Tom K. <t0m.k> |
| Component: | POIFS | Assignee: | POI Developers List <dev> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | trivial | ||
| Priority: | P2 | ||
| Version: | 3.8-dev | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | All | ||
| Bug Depends on: | 55818 | ||
| Bug Blocks: | |||
| Attachments: |
file cannot be opened by POI
Code and xlsx file to reproduce |
||
|
Description
Tom K.
2011-08-05 12:49:23 UTC
(In reply to comment #0) > org.apache.poi.poifs.crypt.AgileDecryptor.ChunkedCipherInputStream.read(byte[], > int, int) does not finish if there are less bytes left in the stream than > requested by 3rd method parameter. It should also return -1 if no bytes were > read because of end of stream. This situation can happen when there are padding bytes and the stream is *longer* than the actual data. Can you upload a test case that shows the problem: I can't reproduce the problem with my MS Office 2010. As of r1293784, POI provides Decryptor#getLength() that returns length of the decrypted data stream. You should change your code to read this length instead of reading to the end of the stream, it should always work. Yegor Created attachment 28743 [details]
file cannot be opened by POI
I found some xls files cannot be opened with the POI methods. However Office and Openoffice can open them.
These files are publicated by a fantasy football site and I suppose that they are created intentionally in this way, in order to avoid that their data could be taken by competitor applications.
Is known it's possible to realize excel files in this way?
Thanks a lot
Hi Yegor, I've run into this when I tried just to save decrypted version of a file without actually examining its contents. When we've started to actually parse the file using other POI stuff, this bug never occurred. I'll attach code to reproduce... Created attachment 28759 [details]
Code and xlsx file to reproduce
The testcase.zip file contains encrypted xlsx file and TestDecryptor class with main method which save decrypted content of a file in another file.
There's also FixedAgileDecryptor class which is slightly adjusted POI AgileDecryptor, but with the cycling fixed. I don't remember anymore what I've changed in there, but it were just few lines... (it's AgileDecryptor from 3.8 beta4)
In the ChunkedCipherInputStream.read method there was a fix as part of #55818 - so I assume this issue has been fixed there.
The first attachment (Voti_37a_SerieA.xls) is a html file, which can be handled by Libre Office and MS Excel (but not MS Excel Viewer), so it's not relevant for this bug report.
The second attachment can be successfully read with the attached TestDecryptor-code and the following code ... so this works-for-me ;)
NPOIFSFileSystem fs = new NPOIFSFileSystem(new File("encrypted.xlsx"));
EncryptionInfo info = new EncryptionInfo(fs);
Decryptor d = Decryptor.getInstance(info);
assertTrue(d.verifyPassword("aaa"));
InputStream is = d.getDataStream(fs);
XSSFWorkbook wb = new XSSFWorkbook(is);
is.close();
Iterator<Row> row = wb.getSheetAt(0).rowIterator();
while (row.hasNext()) {
Cell c = row.next().getCell(0);
if (c == null) continue;
System.out.println(c.getStringCellValue());
}
|