 * downstream parser's own validation and fallbacks.
 */
export function assertOoxmlArchiveWithinLimits(
  buffer: Buffer,
  limits: OoxmlSizeLimits = DEFAULT_OOXML_SIZE_LIMITS
): void {
  // Sum of the sizes *declared* in the ZIP central directory (null when the
  // directory cannot be read). These are attacker-controlled values, so this is
  // a cheap pre-check, not proof of the real expanded size.
  const declaredTotal = sumDeclaredUncompressedSize(buffer, limits.maxTotalUncompressedBytes)
  const compressedBytes = buffer.length

  if (declaredTotal === null) {
    // Not ZIP-shaped at all: nothing to bound here; the downstream parser decides.
    if (!isZipShaped(buffer)) return

    // Looks like a ZIP but its central directory is unreadable: fail closed,
    // because the expansion cannot be bounded before inflating.
    logger.warn('Rejected ZIP-shaped archive: central directory could not be parsed', {
      compressedBytes,
    })
    throw new ZipBombError(
      'Unable to inspect ZIP central directory; refusing to parse an unverifiable ZIP-shaped archive'
    )
  }

  // Absolute cap on the declared expanded size.
  if (declaredTotal > limits.maxTotalUncompressedBytes) {
    logger.warn('Rejected OOXML archive: declared expanded size exceeds limit', {
      totalUncompressed: declaredTotal,
      maxTotalUncompressedBytes: limits.maxTotalUncompressedBytes,
      compressedBytes,
    })
    throw new ZipBombError(
      `Decompressed size (${declaredTotal} bytes) exceeds the maximum allowed ${limits.maxTotalUncompressedBytes} bytes`
    )
  }

  // Expansion-ratio cap. Math.max keeps the division defined for an empty
  // buffer; the ratio is only enforced once the declared total is above
  // ratioCheckFloorBytes, so tiny archives are not rejected on ratio alone.
  const expansionRatio = declaredTotal / Math.max(compressedBytes, 1)
  const aboveRatioFloor = declaredTotal > limits.ratioCheckFloorBytes
  if (aboveRatioFloor && expansionRatio > limits.maxCompressionRatio) {
    logger.warn('Rejected OOXML archive: compression ratio exceeds limit', {
      totalUncompressed: declaredTotal,
      compressedBytes,
      ratio: expansionRatio,
      maxCompressionRatio: limits.maxCompressionRatio,
    })
    throw new ZipBombError(
      `Compression ratio (${expansionRatio.toFixed(1)}x) exceeds the maximum allowed ${limits.maxCompressionRatio}x`
    )
  }
}