SheetJS
diff --git a/‎.npmignore
Lines changed: 1 addition & 0 deletions b/‎.npmignore
Lines changed: 1 addition & 0 deletions
diff --git a/‎bin/xlsx.njs
Lines changed: 1 addition & 0 deletions b/‎bin/xlsx.njs
Lines changed: 1 addition & 0 deletions
diff --git a/‎bits/01_version.js
Lines changed: 1 addition & 1 deletion b/‎bits/01_version.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎bits/22_xmlutils.js
Lines changed: 1 addition & 1 deletion b/‎bits/22_xmlutils.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎bits/28_binstructs.js
Lines changed: 4 additions & 1 deletion b/‎bits/28_binstructs.js
Lines changed: 4 additions & 1 deletion
diff --git a/‎bits/39_xlsbiff.js
Lines changed: 1 addition & 1 deletion b/‎bits/39_xlsbiff.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎bits/40_harb.js
Lines changed: 1 addition & 2 deletions b/‎bits/40_harb.js
Lines changed: 1 addition & 2 deletions
diff --git a/‎bits/67_wsxml.js
Lines changed: 2 additions & 0 deletions b/‎bits/67_wsxml.js
Lines changed: 2 additions & 0 deletions
diff --git a/‎bits/76_xls.js
Lines changed: 11 additions & 5 deletions b/‎bits/76_xls.js
Lines changed: 11 additions & 5 deletions
diff --git a/‎dist/xlsx.core.min.js
Lines changed: 13 additions & 13 deletions b/‎dist/xlsx.core.min.js
Lines changed: 13 additions & 13 deletions
@@ -39,6 +39,7 @@ tmp
 .gitattributes
 .fossaignore
 .spelling
+.eslintignore
 .eslintrc
 .jshintrc
 CONTRIBUTING.md
 
@@ -4,6 +4,7 @@
 /* vim: set ts=2 ft=javascript: */
 var n = "xlsx";
 var X = require('../');
+try { X = require('../xlsx.flow'); } catch(e) {}
 require('exit-on-epipe');
 var fs = require('fs'), program = require('commander');
 program
 
@@ -1 +1 @@
-XLSX.version = '0.16.9';
+XLSX.version = '0.17.0';
@@ -1,6 +1,6 @@
 var XML_HEADER = '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\r\n';
 var attregexg=/([^"\s?>\/]+)\s*=\s*((?:")([^"]*)(?:")|(?:')([^']*)(?:')|([^'">\s]+))/g;
-var tagregex=/<[\/\?]?[a-zA-Z0-9:_-]+(?:\s+[^"\s?>\/]+\s*=\s*(?:"[^"]*"|'[^']*'|[^'">\s=]+))*\s?[\/\?]?>/mg;
+var tagregex=/<[\/\?]?[a-zA-Z0-9:_-]+(?:\s+[^"\s?>\/]+\s*=\s*(?:"[^"]*"|'[^']*'|[^'">\s=]+))*\s*[\/\?]?>/mg;
 
 if(!(XML_HEADER.match(tagregex))) tagregex = /<[^>]*>/g;
 var nsregex=/<\w*:/, nsregex2 = /<(\/?)\w+:/;
 
@@ -177,7 +177,10 @@ var write_UncheckedRfX = write_RfX;
 
 /* [MS-XLS] 2.5.342 ; [MS-XLSB] 2.5.171 */
 /* TODO: error checking, NaN and Infinity values are not valid Xnum */
-function parse_Xnum(data/*::, length*/) { return data.read_shift(8, 'f'); }
+function parse_Xnum(data/*::, length*/) {
+	if(data.length - data.l < 8) throw "XLS Xnum Buffer underflow";
+	return data.read_shift(8, 'f');
+}
 function write_Xnum(data, o) { return (o || new_buf(8)).write_shift(8, data, 'f'); }
 
 /* [MS-XLSB] 2.4.324 BrtColor */
 
@@ -697,7 +697,7 @@ function parse_Lbl(blob, length, opts) {
 	var name = parse_XLUnicodeStringNoCch(blob, cch, opts);
 	if(flags & 0x20) name = XLSLblBuiltIn[name.charCodeAt(0)];
 	var npflen = target - blob.l; if(opts && opts.biff == 2) --npflen;
-	var rgce = target == blob.l || cce === 0 ? [] : parse_NameParsedFormula(blob, npflen, opts, cce);
+	var rgce = (target == blob.l || cce === 0 || !(npflen > 0)) ? [] : parse_NameParsedFormula(blob, npflen, opts, cce);
 	return {
 		chKey: chKey,
 		Name: name,
 
@@ -85,7 +85,7 @@ function dbf_to_aoa(buf, opts)/*:AOA*/ {
 	var /*filedate = new Date(),*/ nrow = 0, fpos = 0;
 	if(ft == 0x02) nrow = d.read_shift(2);
 	/*filedate = new Date(d.read_shift(1) + 1900, d.read_shift(1) - 1, d.read_shift(1));*/d.l += 3;
-	if(ft != 0x02) nrow = d.read_shift(4);
+	if(ft != 0x02) nrow = d.read_shift(4); if(nrow > 1048576) nrow = 1e6;
 	if(ft != 0x02) fpos = d.read_shift(2);
 	var rlen = d.read_shift(2);
 
@@ -822,7 +822,6 @@ var PRN = (function() {
 			}
 			// If line ends in \r OR \n
 			else if(str.charCodeAt(5) == 13 || str.charCodeAt(5) == 10 ) {
-				//
 				sep = str.charAt(4); str = str.slice(6);
 			}
 		}
 
@@ -238,6 +238,8 @@ function parse_ws_xml_sheetviews(data, wb/*:WBWBProps*/) {
 		// $FlowIgnore
 		if(!wb.Views[i]) wb.Views[i] = {};
 		// $FlowIgnore
+		if(+tag.zoomScale) wb.Views[i].zoom = +tag.zoomScale;
+		// $FlowIgnore
 		if(parsexmlbool(tag.rightToLeft)) wb.Views[i].RTL = true;
 	});
 }
 
@@ -38,10 +38,12 @@ function slurp(R, blob, length/*:number*/, opts)/*:any*/ {
 	var l = length;
 	var bufs = [];
 	var d = blob.slice(blob.l,blob.l+l);
-	if(opts && opts.enc && opts.enc.insitu) switch(R.n) {
-	case 'BOF': case 'FilePass': case 'FileLock': case 'InterfaceHdr': case 'RRDInfo': case 'RRDHead': case 'UsrExcl': break;
+	if(opts && opts.enc && opts.enc.insitu && d.length > 0) switch(R.n) {
+	case 'BOF': case 'FilePass': case 'FileLock': case 'InterfaceHdr': case 'RRDInfo': case 'RRDHead': case 'UsrExcl': case 'EOF':
+		break;
+	case 'BoundSheet8':
+		break;
 	default:
-		if(d.length === 0) break;
 		opts.enc.insitu(d);
 	}
 	bufs.push(d);
@@ -52,15 +54,19 @@ function slurp(R, blob, length/*:number*/, opts)/*:any*/ {
 		l = __readUInt16LE(blob,blob.l+2);
 		start = blob.l + 4;
 		if(next.n == 'ContinueFrt') start += 4;
-		else if(next.n.slice(0,11) == 'ContinueFrt') start += 12;
-		bufs.push(blob.slice(start,blob.l+4+l));
+		else if(next.n.slice(0,11) == 'ContinueFrt') {
+			start += 12;
+		}
+		d = blob.slice(start,blob.l+4+l);
+		bufs.push(d);
 		blob.l += 4+l;
 		next = (XLSRecordEnum[__readUInt16LE(blob, blob.l)]);
 	}
 	var b = (bconcat(bufs)/*:any*/);
 	prep_blob(b, 0);
 	var ll = 0; b.lens = [];
 	for(var j = 0; j < bufs.length; ++j) { b.lens.push(ll); ll += bufs[j].length; }
+	if(b.length < length) throw "XLS Record " + (R && R.n || "??") + " Truncated: " + b.length + " < " + length;
 	return R.f(b, b.length, opts);
 }
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-XLSX.version = '0.16.9';`
	`1`	`+XLSX.version = '0.17.0';`
Original file line number	Diff line number	Diff line change
`@@ -85,7 +85,7 @@ function dbf_to_aoa(buf, opts)/:AOA/ {`
`85`	`85`	`var /filedate = new Date(),/ nrow = 0, fpos = 0;`
`86`	`86`	`if(ft == 0x02) nrow = d.read_shift(2);`
`87`	`87`	`/filedate = new Date(d.read_shift(1) + 1900, d.read_shift(1) - 1, d.read_shift(1));/d.l += 3;`
`88`		`- if(ft != 0x02) nrow = d.read_shift(4);`
	`88`	`+ if(ft != 0x02) nrow = d.read_shift(4); if(nrow > 1048576) nrow = 1e6;`
`89`	`89`	`if(ft != 0x02) fpos = d.read_shift(2);`
`90`	`90`	`var rlen = d.read_shift(2);`
`91`	`91`
`@@ -822,7 +822,6 @@ var PRN = (function() {`
`822`	`822`	`}`
`823`	`823`	`// If line ends in \r OR \n`
`824`	`824`	`else if(str.charCodeAt(5) == 13 \|\| str.charCodeAt(5) == 10 ) {`
`825`		`- //`
`826`	`825`	`sep = str.charAt(4); str = str.slice(6);`
`827`	`826`	`}`
`828`	`827`	`}`
Original file line number	Diff line number	Diff line change
`@@ -238,6 +238,8 @@ function parse_ws_xml_sheetviews(data, wb/:WBWBProps/) {`
`238`	`238`	`// $FlowIgnore`
`239`	`239`	`if(!wb.Views[i]) wb.Views[i] = {};`
`240`	`240`	`// $FlowIgnore`
	`241`	`+ if(+tag.zoomScale) wb.Views[i].zoom = +tag.zoomScale;`
	`242`	`+ // $FlowIgnore`
`241`	`243`	`if(parsexmlbool(tag.rightToLeft)) wb.Views[i].RTL = true;`
`242`	`244`	`});`
`243`	`245`	`}`