Apache
/
poi
mirror of https://github.com/apache/poi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bug 66425: Avoid a ClassCastException found via oss-fuzz 

We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61259

Also fix handling of NullPointerException

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911517 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Dominik Stadler 2023-08-07 16:18:46 +00:00
parent 738d533a83
commit 8e40aabb18
4 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java
View File

@ -253,13 +253,22 @@ public class TestAllFiles {
Exception e = assertThrows((Class<? extends Exception>)exClass, exec, errPrefix + " expected " + exClass);
String actMsg = pathReplace(e.getMessage());
// verify that message is either null for both or set for both
assertTrue(actMsg != null || StringUtils.isBlank(exMessage),
errPrefix + " for " + exClass + " expected message '" + exMessage + "' but had '" + actMsg + "'");
// perform special handling of NullPointerException as
// JDK started to add more information in some newer JDK, so
// it sometimes has a message and sometimes not!
if (NullPointerException.class.isAssignableFrom(exClass)) {
if (actMsg != null) {
assertTrue(actMsg.contains(exMessage), errPrefix + "Message: "+actMsg+" - didn't contain: "+exMessage);
}
} else {
// verify that message is either null for both or set for both
assertTrue(actMsg != null || StringUtils.isBlank(exMessage),
errPrefix + " for " + exClass + " expected message '" + exMessage + "' but had '" + actMsg + "'");
if (actMsg != null) {
assertTrue(actMsg.contains(exMessage),
errPrefix + "Message: " + actMsg + " - didn't contain: " + exMessage);
if (actMsg != null) {
assertTrue(actMsg.contains(exMessage),
errPrefix + "Message: " + actMsg + " - didn't contain: " + exMessage);
}
}
} else {
assertDoesNotThrow(exec, errPrefix);

7
poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java
View File

@ -72,6 +72,7 @@ import org.apache.poi.poifs.crypt.EncryptionInfo;
import org.apache.poi.poifs.filesystem.DirectoryNode;
import org.apache.poi.poifs.filesystem.DocumentEntry;
import org.apache.poi.poifs.filesystem.DocumentInputStream;
import org.apache.poi.poifs.filesystem.Entry;
import org.apache.poi.poifs.filesystem.EntryUtils;
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
import org.apache.poi.sl.usermodel.PictureData;
@ -229,7 +230,11 @@ public final class HSLFSlideShowImpl extends POIDocument implements Closeable {
}
// Get the main document stream
DocumentEntry docProps = (DocumentEntry)dir.getEntry(POWERPOINT_DOCUMENT);
final Entry entry = dir.getEntry(POWERPOINT_DOCUMENT);
if (!(entry instanceof DocumentEntry)) {
throw new IllegalArgumentException("Had unexpected type of entry for name: " + POWERPOINT_DOCUMENT + ": " + entry.getClass());
}
DocumentEntry docProps = (DocumentEntry) entry;
// Grab the document stream
int len = docProps.getSize();

BIN
test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-6416153805979648.ppt Normal file
View File

Binary file not shown.

BIN
test-data/spreadsheet/stress.xls
View File

Binary file not shown.