hub / github.com/simstudioai/sim / assertOoxmlArchiveWithinLimits

Function assertOoxmlArchiveWithinLimits

apps/sim/lib/file-parsers/zip-guard.ts:230–270  ·  view source on GitHub ↗
(
  buffer: Buffer,
  limits: OoxmlSizeLimits = DEFAULT_OOXML_SIZE_LIMITS
)


228 * downstream parser's own validation and fallbacks.
229 */
export function assertOoxmlArchiveWithinLimits(
  buffer: Buffer,
  limits: OoxmlSizeLimits = DEFAULT_OOXML_SIZE_LIMITS
): void {
  // Pre-parse guard: throws ZipBombError when the archive's declared expansion is over the
  // configured limits, and returns normally otherwise.
  // NOTE(review): every size used here is what the archive declares about itself, so this
  // is a pre-filter only. Confirm the downstream parser also bounds the bytes it actually
  // inflates.
  const compressedBytes = buffer.length
  const maxTotal = limits.maxTotalUncompressedBytes
  const declaredTotal = sumDeclaredUncompressedSize(buffer, maxTotal)

  if (declaredTotal === null) {
    // No declared total is available. Input that is not ZIP-shaped is let through unchecked
    // (fail open); ZIP-shaped input that cannot be inspected is refused (fail closed).
    if (!isZipShaped(buffer)) {
      return
    }
    logger.warn('Rejected ZIP-shaped archive: central directory could not be parsed', {
      compressedBytes,
    })
    throw new ZipBombError(
      'Unable to inspect ZIP central directory; refusing to parse an unverifiable ZIP-shaped archive'
    )
  }

  // Absolute cap on the declared expanded size.
  if (declaredTotal > maxTotal) {
    logger.warn('Rejected OOXML archive: declared expanded size exceeds limit', {
      totalUncompressed: declaredTotal,
      maxTotalUncompressedBytes: maxTotal,
      compressedBytes,
    })
    throw new ZipBombError(
      `Decompressed size (${declaredTotal} bytes) exceeds the maximum allowed ${maxTotal} bytes`
    )
  }

  // The compressed size is the whole buffer length; Math.max keeps the divisor non-zero
  // for an empty buffer.
  const expansionRatio = declaredTotal / Math.max(compressedBytes, 1)

  // The ratio limit applies only above ratioCheckFloorBytes, presumably so that small but
  // highly compressible documents are not rejected. TODO confirm the intent.
  const aboveRatioFloor = declaredTotal > limits.ratioCheckFloorBytes
  if (aboveRatioFloor && expansionRatio > limits.maxCompressionRatio) {
    logger.warn('Rejected OOXML archive: compression ratio exceeds limit', {
      totalUncompressed: declaredTotal,
      compressedBytes,
      ratio: expansionRatio,
      maxCompressionRatio: limits.maxCompressionRatio,
    })
    throw new ZipBombError(
      `Compression ratio (${expansionRatio.toFixed(1)}x) exceeds the maximum allowed ${limits.maxCompressionRatio}x`
    )
  }
}

Callers 4

parseBufferMethod · 0.90
parseBufferMethod · 0.90
zip-guard.test.tsFile · 0.90
parseBufferMethod · 0.90

Calls 3

isZipShapedFunction · 0.85
warnMethod · 0.65

Tested by

no test coverage detected