Question

zip bomb detected when using pxParseExcelFile API while parsing an excel file

We are using pxParseExcelFile API activity in Pega platform 8.2 to parse an excel file containing around 50 odd columns and 100+ rows. But after invoking the activity with that amount of data we are getting the following exception in logs

"Parse failed for the uploaded file.Zip bomb detected! The file would exceed the max. ratio of compressed file size to the size of the expanded data.
This may indicate that the file is used to inflate memory usage and thus could pose a security risk.
You can adjust this limit via ZipSecureFile.setMinInflateRatio() if you need to work with files which exceed this limit.
Uncompressed size: 104251, Raw/compressed size: 1009, ratio: 0.009679
Limits: MIN_INFLATE_RATIO: 0.010000, Entry: xl/styles.xml "

My question is can we alter this MIN_INFLATE_RATIO thorough a DSS, does pega provide any such feature or extension ?

Group Tags

Comments

Keep up to date on this post and subscribe to comments

June 24, 2019 - 3:00am

SR raise : SR-D24952