mirrors
/
poi
mirror of https://github.com/apache/poi.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 100 Wiki Activity
Browse Source

Bug 66425: Avoid a ClassCastException found via oss-fuzz 

We try to avoid throwing ClassCastException but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61162

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911459 13f79535-47bb-0310-9956-ffa450edef68
tags/REL_5_2_4
Dominik Stadler 8 months ago
parent
acf61f325f
commit
57d746827f
4 changed files with 8 additions and 9 deletions
Split View Show Diff Stats
  1. 2
    8
      poi-integration/src/test/java/org/apache/poi/stress/HPBFFileHandler.java
  2. 6
    1
      poi-scratchpad/src/main/java/org/apache/poi/hpbf/model/HPBFPart.java
  3. BIN
      test-data/publisher/clusterfuzz-testcase-minimized-POIHPBFFuzzer-4701121678278656.pub
  4. BIN
      test-data/spreadsheet/stress.xls

+ 2
- 8
poi-integration/src/test/java/org/apache/poi/stress/HPBFFileHandler.java View File

@@ -45,22 +45,16 @@ public class HPBFFileHandler extends POIFSFileHandler {
void test() throws Exception {
File file = new File("test-data/publisher/SampleBrochure.pub");

InputStream stream = new FileInputStream(file);
try {
try (InputStream stream = new FileInputStream(file)) {
handleFile(stream, file.getPath());
} finally {
stream.close();
}

handleExtracting(file);

stream = new FileInputStream(file);
try {
try (InputStream stream = new FileInputStream(file)) {
try (PublisherTextExtractor extractor = new PublisherTextExtractor(stream)) {
assertNotNull(extractor.getText());
}
} finally {
stream.close();
}
}


+ 6
- 1
poi-scratchpad/src/main/java/org/apache/poi/hpbf/model/HPBFPart.java View File

@@ -23,6 +23,7 @@ import java.io.InputStream;

import org.apache.commons.io.input.UnsynchronizedByteArrayInputStream;
import org.apache.poi.poifs.filesystem.DirectoryNode;
import org.apache.poi.poifs.filesystem.Entry;
import org.apache.poi.util.IOUtils;

/**
@@ -57,7 +58,11 @@ public abstract class HPBFPart {
DirectoryNode dir = baseDir;
for(int i=0; i<path.length-1; i++) {
try {
dir = (DirectoryNode)dir.getEntry(path[i]);
Entry entry = dir.getEntry(path[i]);
if (!(entry instanceof DirectoryNode)) {
throw new IllegalArgumentException("Had unexpected type of entry for path: " + path[i] + ": " + entry);
}
dir = (DirectoryNode) entry;
} catch (FileNotFoundException e) {
throw new IllegalArgumentException("File invalid - failed to find directory entry '"
+ path[i] + "': " + e);

BIN
test-data/publisher/clusterfuzz-testcase-minimized-POIHPBFFuzzer-4701121678278656.pub View File


BIN
test-data/spreadsheet/stress.xls View File


Write Preview
Loading…
Cancel
Save