Bug 66425: Avoid a NullPointerException found via oss-fuzz

We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61441

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911890 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/poi-ooxml/src/main/java/org/apache/poi/openxml4j/opc/PackageRelationshipCollection.java b/poi-ooxml/src/main/java/org/apache/poi/openxml4j/opc/PackageRelationshipCollection.java
index 350e63e22d08520b1c8b8a65737ebd09d6a5308a..44feeefeb40a54493b761651edb04a9ce3e8ef5d 100644 (file)
--- a/poi-ooxml/src/main/java/org/apache/poi/openxml4j/opc/PackageRelationshipCollection.java
+++ b/poi-ooxml/src/main/java/org/apache/poi/openxml4j/opc/PackageRelationshipCollection.java
@@ -44,15 +44,10 @@ public final class PackageRelationshipCollection implements Iterable<PackageRela
      */
     private final TreeMap<String, PackageRelationship> relationshipsByID = new TreeMap<>();
 
-    /**
-     * Package relationships ordered by type.
-     */
-    private final TreeMap<String, PackageRelationship> relationshipsByType = new TreeMap<>();
-
     /**
      * A lookup of internal relationships to avoid
      */
-    private HashMap<String, PackageRelationship> internalRelationshipsByTargetName = new HashMap<>();
+    private final HashMap<String, PackageRelationship> internalRelationshipsByTargetName = new HashMap<>();
 
 
     /**
@@ -195,7 +190,6 @@ public final class PackageRelationshipCollection implements Iterable<PackageRela
                     (relPart == null ? "<null>" : relPart.getId()) + " for relationship: " + relPart);
         }
         relationshipsByID.put(relPart.getId(), relPart);
-        relationshipsByType.put(relPart.getRelationshipType(), relPart);
     }
 
     /**
@@ -214,8 +208,8 @@ public final class PackageRelationshipCollection implements Iterable<PackageRela
      */
     public PackageRelationship addRelationship(URI targetUri,
             TargetMode targetMode, String relationshipType, String id) {
-      if (id == null || id.length() == 0) {
-         // Generate a unique ID is id parameter is null.
+      if (id == null || id.isEmpty()) {
+         // Generate a unique ID if id parameter is null.
          if (nextRelationshipId == -1) {
             nextRelationshipId = size() + 1;
          }
@@ -245,7 +239,6 @@ public final class PackageRelationshipCollection implements Iterable<PackageRela
         PackageRelationship rel = relationshipsByID.get(id);
         if (rel != null) {
             relationshipsByID.remove(rel.getId());
-            relationshipsByType.values().remove(rel);
             internalRelationshipsByTargetName.values().remove(rel);
         }
     }
@@ -277,6 +270,11 @@ public final class PackageRelationshipCollection implements Iterable<PackageRela
      * @return The package relationship identified by the specified id.
      */
     public PackageRelationship getRelationshipByID(String id) {
+        if (id == null) {
+            throw new IllegalArgumentException("Cannot read relationship, provided ID is empty: " + id +
+                    ", having relationships: " + relationshipsByID.keySet());
+        }
+
         return relationshipsByID.get(id);
     }
 
@@ -418,7 +416,6 @@ public final class PackageRelationshipCollection implements Iterable<PackageRela
      */
     public void clear() {
         relationshipsByID.clear();
-        relationshipsByType.clear();
         internalRelationshipsByTargetName.clear();
     }
 

diff --git a/test-data/slideshow/clusterfuzz-testcase-minimized-POIFuzzer-5205835528404992.pptx b/test-data/slideshow/clusterfuzz-testcase-minimized-POIFuzzer-5205835528404992.pptx
new file mode 100644 (file)
index 0000000..41b4899
Binary files /dev/null and b/test-data/slideshow/clusterfuzz-testcase-minimized-POIFuzzer-5205835528404992.pptx differ

diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls
index 21a3abea5c874f7345e04359af260040d7ca790e..5af5cc74d01a2758b359c3c191c20dd27d781a8e 100644 (file)
Binary files a/test-data/spreadsheet/stress.xls and b/test-data/spreadsheet/stress.xls differ