vgauravk/sheetjs
1
Fork 0
forked from sheetjs/sheetjs
Code Pull Requests 1 Activity

Fix for CVE-2023-30533 #1

Open
vgauravk wants to merge 3 commits from Fix-v0185 into v0185
pull from: Fix-v0185
merge into: vgauravk:v0185
Conversation 0 Commits 3 Files Changed 7 +15
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 2a9a6f2390 - Show all commits

15
test.js
View File

@ -1769,6 +1769,21 @@ describe('invalid files', function() {
wb.SheetNames.push(wb.SheetNames[0]);
assert.throws(function() { X.write(wb, {type:'binary'}); });
});
it('should fail if sheet name is not valid', function() {
var names = [
"", // cannot be blank
"abcdefghijklmnopqrstuvwxyz1234567890", // cannot exceed 31 chars
"'sheetjs", "sheetjs'", // cannot start or end with apostrophe
"History", // cannot be History
"Sheet:JS", "Sheet]JS", "Sheet[JS", "Sheet*JS", // bad characters
"Sheet?JS", "Sheet\\JS", "Sheet\/JS"
];
names.forEach(function(n) { assert.throws(function() {
var wb = { SheetNames: [n], Sheets: {} };
wb.Sheets[n] = X.utils.aoa_to_sheet([["SheetJS"]]);
X.write(wb, {type:"binary", bookType:"xlsx"});
}); });
});
});
});