Apache
/
poi
mirror of https://github.com/apache/poi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,965 Commits 25 Branches 101 Tags 246 MiB
Commit Graph

83 Commits

Author SHA1 Message Date
Dominik Stadler 9ae14ef6f0 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61400

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911618 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-12 17:37:14 +00:00
Dominik Stadler 733d3d10ea Bug 66425: Avoid a NullPointerException found via oss-fuzz 
We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61390

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911615 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-12 14:53:58 +00:00
Dominik Stadler f034ca26b9 Bug 66425: Avoid a NullPointerException found via oss-fuzz 
We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61372

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911603 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-11 14:46:04 +00:00
Dominik Stadler 80264d5648 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61330

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911586 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-10 06:14:44 +00:00
Dominik Stadler 107def2e65 Bug 66425: Avoid a StackOverflowException found via oss-fuzz 
We try to avoid causing StackOverflow, but it was possible
to trigger one here with a specially crafted input-file.

This puts a limit on the number of nested children in place
and logs a warning when the Stream is not fully parsed.

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61256

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911577 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-09 16:16:49 +00:00
Dominik Stadler ccec6c4bf8 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61306

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911573 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-09 10:09:16 +00:00
Dominik Stadler b757cf607e Try to adjust for strange null-message for ArrayIndexOutOfBoundsException 
Some CI runs seem to throw the exception with an empty message instead of 
the expected text.

I could not reproduce this consistently and so we only can disable a
check in this case.

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911572 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-09 09:53:54 +00:00
Dominik Stadler fdeae16b0c Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61317

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911565 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-09 07:23:04 +00:00
Dominik Stadler 2e8afc0c01 Bug 66425: Avoid a StackOverflowException found via oss-fuzz 
We try to avoid causing StackOverflow, but it was possible
to trigger one here with a specially crafted input-file.

This puts a limit on the number of nested properties in place
and logs a warning when the StyleSheet is not fully parsed.

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61252

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911563 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-09 05:45:21 +00:00
Dominik Stadler e706f37170 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61276

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911536 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-08 08:48:13 +00:00
Dominik Stadler 1b7613329e Bug 66425: Add memory-safeguard in one more place 
We try to generally avoid overly large allocations in places
where arrays are allocated. 

We add one more such check for pictures in HSLF.

We might need to increase the used value of 10MB if users report 
larger files being used frequently. 

Overriding this check via IOUtils is possible.

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911525 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 20:35:59 +00:00
Dominik Stadler 163ff25594 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61266

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911523 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 20:01:19 +00:00
Dominik Stadler 8e40aabb18 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61259

Also fix handling of NullPointerException

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911517 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 16:18:46 +00:00
Dominik Stadler 5efa428ca0 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61242

Also enhance output of some test-failures and allow an empty exception message

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911515 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 15:15:38 +00:00
Dominik Stadler 2c5264277a Bug 66425: Avoid an AssertionError found via oss-fuzz 
We try to avoid throwing AssertionError to be triggered by input data, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61251

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911514 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 14:32:11 +00:00
Dominik Stadler f6b1435db1 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61243

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911507 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 12:09:31 +00:00
Dominik Stadler a8b31c37a6 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
Add exception details and fix expected exceptions to make tests run again

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911503 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 11:11:08 +00:00
Dominik Stadler 31fd087a48 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61249

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911501 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-07 09:42:17 +00:00
Dominik Stadler 6f054ddce1 Fix expected exception text and print out which FileHandler failed in integration-tests 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911495 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-06 17:13:46 +00:00
Dominik Stadler 1e8e95c3a6 Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file

Also rework test a bit to use try-with-resources and proper formatting

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61221

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911494 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-06 14:57:47 +00:00
Dominik Stadler 57d746827f Bug 66425: Avoid a ClassCastException found via oss-fuzz 
We try to avoid throwing ClassCastException but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61162

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911459 13f79535-47bb-0310-9956-ffa450edef68
 2023-08-05 12:13:13 +00:00
Andreas Beeker c41176f207 #66115 - Some Password protected XLS files are not read 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1901996 13f79535-47bb-0310-9956-ffa450edef68
 2022-06-16 22:56:47 +00:00
Dominik Stadler f8e27ee19b Prevent an overly large allocation when using HPSF 
Add a sample document from fuzzing which contains invalid/oversized values

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1899749 13f79535-47bb-0310-9956-ffa450edef68
 2022-04-11 13:51:31 +00:00
Dominik Stadler 7283d7ed64 Make all text-extractors always return a non-null String 
This changes the expected exception of some test-files

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1897319 13f79535-47bb-0310-9956-ffa450edef68
 2022-01-22 06:58:43 +00:00
Dominik Stadler 729d78cda6 Limit allocated elements in the PlfLfo structure for word documents 
Use large allocation-detection here as well,
otherwise some documents can try to allocate too much memory.

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1896744 13f79535-47bb-0310-9956-ffa450edef68
 2022-01-06 11:10:00 +00:00
PJ Fanning a6b9f5c006 update stress.xls 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1891729 13f79535-47bb-0310-9956-ffa450edef68
 2021-07-22 17:23:00 +00:00
Dominik Stadler f71833e1d9 Do not return null for POITextExtractor.getMetadataTextExtractor() for old Excel files 
To adhere to the JavaDoc of the POITextExtractor interface which does not document a
possible null return.

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1889205 13f79535-47bb-0310-9956-ffa450edef68
 2021-04-26 15:12:32 +00:00
Marius Volkhart d1c9a07860 Add the ability to edit HSLFPictureData contents 
Pictures can now be edited by calling HSLFPictureData#setData(byte[]). The byte[] should contain the image data as an image viewer might read it.

To enable this functionality, a tighter coupling between the EscherBSERecords of the slideshow and the HSLFPictureData was required. This ensures that changes in image data size are accurately recorded in the records.

In the course of coupling the records and the HSLFPictureData, various scenarios arose where a mapping of records to pictures was non-trivial. Accordingly, the HSLFSlideShowImpl#matchPicturesAndRecords(...) function was added to perform a more sophisticated matching pass. This function is heavily exercised by org.apache.poi.hslf.usermodel.TestBugs.testFile[5] and PPTX2PNG.render[2], as well as the new TestPictures#testSlideshowWithIncorrectOffsets().

Closes #225

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1887017 13f79535-47bb-0310-9956-ffa450edef68
 2021-02-28 23:16:14 +00:00
Andreas Beeker 8f2c722fd3 Integration tests - try to fix Oracle/OpenJDK vs IBM-JDK error message differences on XXE files 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1885625 13f79535-47bb-0310-9956-ffa450edef68
 2021-01-17 21:20:05 +00:00
Andreas Beeker 8d0e84f257 integration tests: ignore hsmf/lots-of-recipients.msg because of concurrent test errors - also takes too long to process 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1885603 13f79535-47bb-0310-9956-ffa450edef68
 2021-01-17 15:51:41 +00:00
Andreas Beeker 44efecf42e integration tests: Fix handling of NullPointerExceptions for Java 16+ (again ...) 
Refactor TestAllFiles to provide an API for mass testing

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1885576 13f79535-47bb-0310-9956-ffa450edef68
 2021-01-16 15:51:00 +00:00
Andreas Beeker 5e110d7216 integration tests: NullPointerExceptions contain now a description in Java 16+ 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1885549 13f79535-47bb-0310-9956-ffa450edef68
 2021-01-16 09:55:42 +00:00
Andreas Beeker 309e657b0d #65046 - Simplify integration tests 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1885538 13f79535-47bb-0310-9956-ffa450edef68
 2021-01-15 23:50:42 +00:00