Bug 66425: Avoid a ClassCastException found via oss-fuzz

author Dominik Stadler <centic@apache.org>

Mon, 7 Aug 2023 16:18:46 +0000 (16:18 +0000)

committer Dominik Stadler <centic@apache.org>

Mon, 7 Aug 2023 16:18:46 +0000 (16:18 +0000)
author Dominik Stadler <centic@apache.org>
Mon, 7 Aug 2023 16:18:46 +0000 (16:18 +0000)
committer Dominik Stadler <centic@apache.org>
Mon, 7 Aug 2023 16:18:46 +0000 (16:18 +0000)
diff --git a/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java b/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java

index ed96cde4e895718a0fbd841978cbdac4f2ce0fa5..5171158965695ce8200fe7f33fae02e582534149 100644 (file)
--- a/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java
+++ b/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java
@@ -253,13 +253,22 @@ public class TestAllFiles {
              Exception e = assertThrows((Class<? extends Exception>)exClass, exec, errPrefix + " expected " + exClass);
              String actMsg = pathReplace(e.getMessage());
  
-            // verify that message is either null for both or set for both
-            assertTrue(actMsg != null || StringUtils.isBlank(exMessage),
-                    errPrefix + " for " + exClass + " expected message '" + exMessage + "' but had '" + actMsg + "'");
-
-            if (actMsg != null) {
-                assertTrue(actMsg.contains(exMessage),
-                        errPrefix + "Message: " + actMsg + " - didn't contain: " + exMessage);
+            // perform special handling of NullPointerException as
+            // JDK started to add more information in some newer JDK, so
+            // it sometimes has a message and sometimes not!
+            if (NullPointerException.class.isAssignableFrom(exClass)) {
+                if (actMsg != null) {
+                    assertTrue(actMsg.contains(exMessage), errPrefix + "Message: "+actMsg+" - didn't contain: "+exMessage);
+                }
+            } else {
+                // verify that message is either null for both or set for both
+                assertTrue(actMsg != null || StringUtils.isBlank(exMessage),
+                        errPrefix + " for " + exClass + " expected message '" + exMessage + "' but had '" + actMsg + "'");
+
+                if (actMsg != null) {
+                    assertTrue(actMsg.contains(exMessage),
+                            errPrefix + "Message: " + actMsg + " - didn't contain: " + exMessage);
+                }
              }
          } else {
              assertDoesNotThrow(exec, errPrefix);
diff --git a/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java b/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java

index 54edf47faa6f2b35982b4c385e71437a3a991171..70fb2870266a314f0cd9bfc484bd500ca2e042a0 100644 (file)
--- a/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java
+++ b/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java
@@ -72,6 +72,7 @@ import org.apache.poi.poifs.crypt.EncryptionInfo;
  import org.apache.poi.poifs.filesystem.DirectoryNode;
  import org.apache.poi.poifs.filesystem.DocumentEntry;
  import org.apache.poi.poifs.filesystem.DocumentInputStream;
+import org.apache.poi.poifs.filesystem.Entry;
  import org.apache.poi.poifs.filesystem.EntryUtils;
  import org.apache.poi.poifs.filesystem.POIFSFileSystem;
  import org.apache.poi.sl.usermodel.PictureData;
@@ -229,7 +230,11 @@ public final class HSLFSlideShowImpl extends POIDocument implements Closeable {
          }
  
          // Get the main document stream
-        DocumentEntry docProps = (DocumentEntry)dir.getEntry(POWERPOINT_DOCUMENT);
+        final Entry entry = dir.getEntry(POWERPOINT_DOCUMENT);
+        if (!(entry instanceof DocumentEntry)) {
+            throw new IllegalArgumentException("Had unexpected type of entry for name: " + POWERPOINT_DOCUMENT + ": " + entry.getClass());
+        }
+        DocumentEntry docProps = (DocumentEntry) entry;
  
          // Grab the document stream
          int len = docProps.getSize();
diff --git a/test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-6416153805979648.ppt b/test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-6416153805979648.ppt

new file mode 100644 (file)

index 0000000..a47bcf5

Binary files /dev/null and b/test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-6416153805979648.ppt differ
diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls

index 3018e322b36706679e4f0e9f7e4e0dcb6f1123bb..3215a910a349916eca0db9d36fabccd5f14350d9 100644 (file)

Binary files a/test-data/spreadsheet/stress.xls and b/test-data/spreadsheet/stress.xls differ
author	Dominik Stadler <centic@apache.org>
	Mon, 7 Aug 2023 16:18:46 +0000 (16:18 +0000)
committer	Dominik Stadler <centic@apache.org>
	Mon, 7 Aug 2023 16:18:46 +0000 (16:18 +0000)
poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java		patch \| blob \| history
poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java		patch \| blob \| history
test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-6416153805979648.ppt	[new file with mode: 0644]	patch \| blob
test-data/spreadsheet/stress.xls		patch \| blob \| history