We try to avoid throwing ClassCastException, but it was possible to trigger one here with a specially crafted input-file Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61276 git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911536 13f79535-47bb-0310-9956-ffa450edef68tags/REL_5_2_4
@@ -127,6 +127,9 @@ public final class TextObjectRecord extends ContinuableRecord { | |||
throw new RecordFormatException("Read " + ptgs.length | |||
+ " tokens but expected exactly 1"); | |||
} | |||
if (!(ptgs[0] instanceof OperandPtg)) { | |||
throw new IllegalArgumentException("Had unexpected type of ptg at index 0: " + ptgs[0].getClass()); | |||
} | |||
_linkRefPtg = (OperandPtg) ptgs[0]; | |||
_unknownPostFormulaByte = in.remaining() > 0 ? in.readByte() : null; | |||
} else { |
@@ -86,6 +86,8 @@ public abstract class BaseTestIteratingXLS { | |||
excludes.put("61300.xls", RecordFormatException.class); | |||
// BIFF 5 | |||
excludes.put("64130.xls", OldExcelFormatException.class); | |||
// fuzzed binaries | |||
excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-6322470200934400.xls", RuntimeException.class); | |||
return excludes; | |||
} | |||