We are using the Identity Portal to run certification campaigns.
After uploading the excel file containing the items to approve/reject, we are getting the following error message:
18:28:57,974 INFO [com.idmlogic.sigma.manager.impl.SpreadsheetManagerBean] (default task-2188) Uploading file: Certification_Spreadsheet_2023_08_04.xlsx ...
18:28:58,935 INFO [com.idmlogic.sigma.manager.impl.SpreadsheetManagerBean] (default task-2188) Uploading file: Certification_Spreadsheet_2023_08_04.xlsx
18:28:58,971 ERROR [com.idmlogic.sigma.manager.impl.SpreadsheetManagerBean] (default task-2188) Failed to upload the Excel Spreadsheet... Zip bomb detected! The file would exceed the max. ratio of compressed file size to the size of the expanded data.\nThis may indicate that the file is used to inflate memory usage and thus could pose a security risk.\nYou can adjust this limit via ZipSecureFile.setMinInflateRatio() if you need to work with files which exceed this limit.\nUncompressed size: 480497, Raw/compressed size: 4803, ratio: 0.009996\nLimits: MIN_INFLATE_RATIO: 0.010000, Entry: xl/styles.xml
18:28:58,974 ERROR [com.idmlogic.sigma.workers.utils.ExceptionsHelper] (default task-2188) : ErrorCode: 0, ErrorFamily: GENERAL, Message: com.idmlogic.sigma.backend.exceptions.BackendException: Failed to upload the Excel Spreadsheet... Zip bomb detected! The file would exceed the max. ratio of compressed file size to the size of the expanded data.
This may indicate that the file is used to inflate memory usage and thus could pose a security risk.
You can adjust this limit via ZipSecureFile.setMinInflateRatio() if you need to work with files which exceed this limit.
Uncompressed size: 480497, Raw/compressed size: 4803, ratio: 0.009996
Limits: MIN_INFLATE_RATIO: 0.010000, Entry: xl/styles.xml
at com.idmlogic.sigma.manager.impl.SpreadsheetManagerBean.readCertificationExcelSpreadsheet(SpreadsheetManagerBean.java:1165) [sigma.bl-0.0.2-SNAPSHOT.jar:]
at com.idmlogic.sigma.manager.impl.SpreadsheetManagerBean.uploadCertificationExcelSpreadsheet(SpreadsheetManagerBean.java:1000) [sigma.bl-0.0.2-SNAPSHOT.jar:]
Release : 14.4.2
Component : CA Identity Manager
Engineering provided a hotfix DE589413.zip for this issue.
If you are facing the same issue in the 14.4 CP2 standalone environment, then please create a support ticket and request this hotfix.