mirrors
/
poi
mirror of https://github.com/apache/poi.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 100 Wiki Activity
Browse Source

Bug 66425: Avoid exceptions found via poi-fuzz 

Capture and report integer overflow as normal
parsing/format exceptions

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63628

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1914401 13f79535-47bb-0310-9956-ffa450edef68
pull/562/head
Dominik Stadler 4 months ago
parent
e0b7dcda83
commit
9fda604fb8
5 changed files with 9 additions and 4 deletions
Split View Show Diff Stats
  1. 7
    2
      poi-examples/src/main/java/org/apache/poi/examples/xssf/eventusermodel/XLSX2CSV.java
  2. 1
    1
      poi-ooxml/src/main/java/org/apache/poi/xssf/extractor/XSSFEventBasedExcelExtractor.java
  3. 1
    1
      poi-ooxml/src/main/java/org/apache/poi/xssf/usermodel/XSSFSheet.java
  4. BIN
      test-data/spreadsheet/clusterfuzz-testcase-minimized-POIXSSFFuzzer-5937385319563264.xlsx
  5. BIN
      test-data/spreadsheet/stress.xls

+ 7
- 2
poi-examples/src/main/java/org/apache/poi/examples/xssf/eventusermodel/XLSX2CSV.java View File

@@ -212,7 +212,7 @@ public class XLSX2CSV {
styles, null, strings, sheetHandler, formatter, false);
sheetParser.setContentHandler(handler);
sheetParser.parse(sheetSource);
} catch(ParserConfigurationException e) {
} catch (ParserConfigurationException e) {
throw new RuntimeException("SAX parser appears to be broken - " + e.getMessage());
}
}
@@ -234,7 +234,12 @@ public class XLSX2CSV {
String sheetName = iter.getSheetName();
this.output.println();
this.output.println(sheetName + " [index=" + index + "]:");
processSheet(styles, strings, new SheetToCSV(), stream);

try {
processSheet(styles, strings, new SheetToCSV(), stream);
} catch (NumberFormatException e) {
throw new IOException("Failed to parse sheet " + sheetName, e);
}
}
++index;
}

+ 1
- 1
poi-ooxml/src/main/java/org/apache/poi/xssf/extractor/XSSFEventBasedExcelExtractor.java View File

@@ -289,7 +289,7 @@ public class XSSFEventBasedExcelExtractor
}

return text.toString();
} catch (IOException | OpenXML4JException | SAXException e) {
} catch (IOException | OpenXML4JException | SAXException | NumberFormatException e) {
LOGGER.atWarn().withThrowable(e).log("Failed to load text");
return "";
}

+ 1
- 1
poi-ooxml/src/main/java/org/apache/poi/xssf/usermodel/XSSFSheet.java View File

@@ -146,7 +146,7 @@ public class XSSFSheet extends POIXMLDocumentPart implements Sheet, OoxmlSheetEx
protected void onDocumentRead() {
try (InputStream stream = getPackagePart().getInputStream()) {
read(stream);
} catch (IOException e){
} catch (IOException | ArithmeticException e){
throw new POIXMLException(e);
}
}

BIN
test-data/spreadsheet/clusterfuzz-testcase-minimized-POIXSSFFuzzer-5937385319563264.xlsx View File


BIN
test-data/spreadsheet/stress.xls View File


Write Preview
Loading…
Cancel
Save