Posted: 18 Jun 2019 4:54 EDT Last activity: 22 Jul 2019 10:23 EDT
zip bomb detected when using pxParseExcelFile API while parsing an excel file
We are using pxParseExcelFile API activity in Pega platform 8.2 to parse an excel file containing around 50 odd columns and 100+ rows. But after invoking the activity with that amount of data we are getting the following exception in logs
"Parse failed for the uploaded file.Zip bomb detected! The file would exceed the max. ratio of compressed file size to the size of the expanded data.
This may indicate that the file is used to inflate memory usage and thus could pose a security risk.
You can adjust this limit via ZipSecureFile.setMinInflateRatio() if you need to work with files which exceed this limit.
Uncompressed size: 104251, Raw/compressed size: 1009, ratio: 0.009679
Limits: MIN_INFLATE_RATIO: 0.010000, Entry: xl/styles.xml "
My question is can we alter this MIN_INFLATE_RATIO thorough a DSS, does pega provide any such feature or extension ?