diff options
| author | Dominik Stadler <centic@apache.org> | 2023-08-12 17:37:14 +0000 |
|---|---|---|
| committer | Dominik Stadler <centic@apache.org> | 2023-08-12 17:37:14 +0000 |
| commit | 9ae14ef6f024b9e5390614b0b2d455777eda3435 (patch) | |
| tree | d5a9c1ea66b8bcae0986870242205fc631e4072f | |
| parent | 733d3d10ead2619e6bf10a1f431fd659cf178f03 (diff) | |
| download | poi-9ae14ef6f024b9e5390614b0b2d455777eda3435.tar.gz poi-9ae14ef6f024b9e5390614b0b2d455777eda3435.zip | |
Bug 66425: Avoid a ClassCastException found via oss-fuzz
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61400
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911618 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | poi-scratchpad/src/main/java/org/apache/poi/hsmf/datatypes/RecipientChunks.java | 37 | ||||
| -rw-r--r-- | test-data/hsmf/clusterfuzz-testcase-minimized-POIHSMFFuzzer-5336473854148608.msg | bin | 0 -> 61529 bytes | |||
| -rw-r--r-- | test-data/spreadsheet/stress.xls | bin | 46592 -> 46592 bytes |
3 files changed, 21 insertions, 16 deletions
diff --git a/poi-scratchpad/src/main/java/org/apache/poi/hsmf/datatypes/RecipientChunks.java b/poi-scratchpad/src/main/java/org/apache/poi/hsmf/datatypes/RecipientChunks.java index 8b37806fdc..d333a7b55d 100644 --- a/poi-scratchpad/src/main/java/org/apache/poi/hsmf/datatypes/RecipientChunks.java +++ b/poi-scratchpad/src/main/java/org/apache/poi/hsmf/datatypes/RecipientChunks.java @@ -187,7 +187,7 @@ public final class RecipientChunks implements ChunkGroupWithProperties { } /** Holds all the chunks that were found. */ - private List<Chunk> allChunks = new ArrayList<>(); + private final List<Chunk> allChunks = new ArrayList<>(); @Override public Map<MAPIProperty, List<PropertyValue>> getProperties() { @@ -212,21 +212,26 @@ public final class RecipientChunks implements ChunkGroupWithProperties { */ @Override public void record(Chunk chunk) { - if (chunk.getChunkId() == RECIPIENT_SEARCH.id) { - // TODO - parse - recipientSearchChunk = (ByteChunk) chunk; - } else if (chunk.getChunkId() == RECIPIENT_NAME.id) { - recipientDisplayNameChunk = (StringChunk) chunk; - } else if (chunk.getChunkId() == RECIPIENT_DISPLAY_NAME.id) { - recipientNameChunk = (StringChunk) chunk; - } else if (chunk.getChunkId() == RECIPIENT_EMAIL_ADDRESS.id) { - recipientEmailChunk = (StringChunk) chunk; - } else if (chunk.getChunkId() == RECIPIENT_SMTP_ADDRESS.id) { - recipientSMTPChunk = (StringChunk) chunk; - } else if (chunk.getChunkId() == DELIVERY_TYPE.id) { - deliveryTypeChunk = (StringChunk) chunk; - } else if (chunk instanceof PropertiesChunk) { - recipientProperties = (PropertiesChunk) chunk; + try { + if (chunk.getChunkId() == RECIPIENT_SEARCH.id) { + // TODO - parse + recipientSearchChunk = (ByteChunk) chunk; + } else if (chunk.getChunkId() == RECIPIENT_NAME.id) { + recipientDisplayNameChunk = (StringChunk) chunk; + } else if (chunk.getChunkId() == RECIPIENT_DISPLAY_NAME.id) { + recipientNameChunk = (StringChunk) chunk; + } else if (chunk.getChunkId() == RECIPIENT_EMAIL_ADDRESS.id) { + recipientEmailChunk = (StringChunk) chunk; + } else if (chunk.getChunkId() == RECIPIENT_SMTP_ADDRESS.id) { + recipientSMTPChunk = (StringChunk) chunk; + } else if (chunk.getChunkId() == DELIVERY_TYPE.id) { + deliveryTypeChunk = (StringChunk) chunk; + } else if (chunk instanceof PropertiesChunk) { + recipientProperties = (PropertiesChunk) chunk; + } + } catch (ClassCastException e) { + throw new IllegalArgumentException("ChunkId and type of chunk did not match, had id " + + chunk.getChunkId() + " and type of chunk: " + chunk.getClass(), e); } // And add to the main list diff --git a/test-data/hsmf/clusterfuzz-testcase-minimized-POIHSMFFuzzer-5336473854148608.msg b/test-data/hsmf/clusterfuzz-testcase-minimized-POIHSMFFuzzer-5336473854148608.msg Binary files differnew file mode 100644 index 0000000000..6c30756e4f --- /dev/null +++ b/test-data/hsmf/clusterfuzz-testcase-minimized-POIHSMFFuzzer-5336473854148608.msg diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls Binary files differindex 6b2669be74..00b8ca4dea 100644 --- a/test-data/spreadsheet/stress.xls +++ b/test-data/spreadsheet/stress.xls |