aboutsummaryrefslogtreecommitdiffstats
path: root/poi-ooxml
diff options
context:
space:
mode:
authorDominik Stadler <centic@apache.org>2023-08-07 20:01:19 +0000
committerDominik Stadler <centic@apache.org>2023-08-07 20:01:19 +0000
commit163ff25594bb2751ea2ea5e3df4f82fdf9219304 (patch)
treee060a2367bc285df2d7138ed1db10ed8e942b558 /poi-ooxml
parentf3997b49efaef3987f87e212ec41635b4339bbf9 (diff)
downloadpoi-163ff25594bb2751ea2ea5e3df4f82fdf9219304.tar.gz
poi-163ff25594bb2751ea2ea5e3df4f82fdf9219304.zip
Bug 66425: Avoid a ClassCastException found via oss-fuzz
We try to avoid throwing NullPointerException, but it was possible to trigger one here with a specially crafted input-file Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61266 git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911523 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'poi-ooxml')
-rw-r--r--poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java12
-rw-r--r--poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestReadOnlySharedStringsTable.java85
2 files changed, 61 insertions, 36 deletions
diff --git a/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java b/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java
index 6336836821..07d00bd99a 100644
--- a/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java
+++ b/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java
@@ -251,7 +251,9 @@ public class ReadOnlySharedStringsTable extends DefaultHandler implements Shared
this.strings = new ArrayList<>(this.uniqueCount);
characters = new StringBuilder(64);
} else if ("si".equals(localName)) {
- characters.setLength(0);
+ if (characters != null) {
+ characters.setLength(0);
+ }
} else if ("t".equals(localName)) {
tIsOpen = true;
} else if ("rPh".equals(localName)) {
@@ -269,7 +271,9 @@ public class ReadOnlySharedStringsTable extends DefaultHandler implements Shared
}
if ("si".equals(localName)) {
- strings.add(characters.toString());
+ if (strings != null && characters != null) {
+ strings.add(characters.toString());
+ }
} else if ("t".equals(localName)) {
tIsOpen = false;
} else if ("rPh".equals(localName)) {
@@ -285,7 +289,9 @@ public class ReadOnlySharedStringsTable extends DefaultHandler implements Shared
if (inRPh && includePhoneticRuns) {
characters.append(ch, start, length);
} else if (! inRPh){
- characters.append(ch, start, length);
+ if (characters != null) {
+ characters.append(ch, start, length);
+ }
}
}
}
diff --git a/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestReadOnlySharedStringsTable.java b/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestReadOnlySharedStringsTable.java
index 7df35d713c..be486270ed 100644
--- a/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestReadOnlySharedStringsTable.java
+++ b/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestReadOnlySharedStringsTable.java
@@ -20,6 +20,7 @@
package org.apache.poi.xssf.eventusermodel;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
import java.io.IOException;
import java.io.InputStream;
@@ -39,7 +40,7 @@ import org.xml.sax.SAXException;
* Tests for {@link org.apache.poi.xssf.eventusermodel.XSSFReader}
*/
public final class TestReadOnlySharedStringsTable {
- private static POIDataSamples _ssTests = POIDataSamples.getSpreadSheetInstance();
+ private static final POIDataSamples _ssTests = POIDataSamples.getSpreadSheetInstance();
@Test
void testParse() throws Exception {
@@ -47,24 +48,25 @@ public final class TestReadOnlySharedStringsTable {
List<PackagePart> parts = pkg.getPartsByName(Pattern.compile("/xl/sharedStrings.xml"));
assertEquals(1, parts.size());
- SharedStringsTable stbl = new SharedStringsTable(parts.get(0));
- ReadOnlySharedStringsTable rtbl = new ReadOnlySharedStringsTable(parts.get(0));
- ReadOnlySharedStringsTable rtbl2;
- try (InputStream stream = parts.get(0).getInputStream()){
- rtbl2 = new ReadOnlySharedStringsTable(stream);
- }
-
- assertEquals(stbl.getCount(), rtbl.getCount());
- assertEquals(stbl.getUniqueCount(), rtbl.getUniqueCount());
- assertEquals(stbl.getUniqueCount(), rtbl2.getUniqueCount());
-
- assertEquals(stbl.getCount(), stbl.getUniqueCount());
- assertEquals(rtbl.getCount(), rtbl.getUniqueCount());
- assertEquals(rtbl.getCount(), rtbl2.getUniqueCount());
- for (int i = 0; i < stbl.getUniqueCount(); i++) {
- RichTextString i1 = stbl.getItemAt(i);
- assertEquals(i1.getString(), rtbl.getItemAt(i).getString());
- assertEquals(i1.getString(), rtbl2.getItemAt(i).getString());
+ try (SharedStringsTable stbl = new SharedStringsTable(parts.get(0))) {
+ ReadOnlySharedStringsTable rtbl = new ReadOnlySharedStringsTable(parts.get(0));
+ ReadOnlySharedStringsTable rtbl2;
+ try (InputStream stream = parts.get(0).getInputStream()) {
+ rtbl2 = new ReadOnlySharedStringsTable(stream);
+ }
+
+ assertEquals(stbl.getCount(), rtbl.getCount());
+ assertEquals(stbl.getUniqueCount(), rtbl.getUniqueCount());
+ assertEquals(stbl.getUniqueCount(), rtbl2.getUniqueCount());
+
+ assertEquals(stbl.getCount(), stbl.getUniqueCount());
+ assertEquals(rtbl.getCount(), rtbl.getUniqueCount());
+ assertEquals(rtbl.getCount(), rtbl2.getUniqueCount());
+ for (int i = 0; i < stbl.getUniqueCount(); i++) {
+ RichTextString i1 = stbl.getItemAt(i);
+ assertEquals(i1.getString(), rtbl.getItemAt(i).getString());
+ assertEquals(i1.getString(), rtbl2.getItemAt(i).getString());
+ }
}
}
}
@@ -75,20 +77,21 @@ public final class TestReadOnlySharedStringsTable {
List<PackagePart> parts = pkg.getPartsByName(Pattern.compile("/xl/sharedStrings.xml"));
assertEquals(1, parts.size());
- SharedStringsTable stbl = new SharedStringsTable(parts.get(0));
- ReadOnlySharedStringsTable rtbl = new ReadOnlySharedStringsTable(parts.get(0));
- ReadOnlySharedStringsTable rtbl2;
- try (InputStream stream = parts.get(0).getInputStream()) {
- rtbl2 = new ReadOnlySharedStringsTable(stream);
- }
-
- assertEquals(stbl.getCount(), rtbl.getCount());
- assertEquals(stbl.getUniqueCount(), rtbl.getUniqueCount());
- assertEquals(stbl.getUniqueCount(), rtbl2.getUniqueCount());
- for (int i = 0; i < stbl.getUniqueCount(); i++) {
- RichTextString i1 = stbl.getItemAt(i);
- assertEquals(i1.getString(), rtbl.getItemAt(i).getString());
- assertEquals(i1.getString(), rtbl2.getItemAt(i).getString());
+ try (SharedStringsTable stbl = new SharedStringsTable(parts.get(0))) {
+ ReadOnlySharedStringsTable rtbl = new ReadOnlySharedStringsTable(parts.get(0));
+ ReadOnlySharedStringsTable rtbl2;
+ try (InputStream stream = parts.get(0).getInputStream()) {
+ rtbl2 = new ReadOnlySharedStringsTable(stream);
+ }
+
+ assertEquals(stbl.getCount(), rtbl.getCount());
+ assertEquals(stbl.getUniqueCount(), rtbl.getUniqueCount());
+ assertEquals(stbl.getUniqueCount(), rtbl2.getUniqueCount());
+ for (int i = 0; i < stbl.getUniqueCount(); i++) {
+ RichTextString i1 = stbl.getItemAt(i);
+ assertEquals(i1.getString(), rtbl.getItemAt(i).getString());
+ assertEquals(i1.getString(), rtbl2.getItemAt(i).getString());
+ }
}
}
}
@@ -130,6 +133,22 @@ public final class TestReadOnlySharedStringsTable {
}
}
+ @Test
+ void testNullPointerException() throws Exception {
+ try (OPCPackage pkg = OPCPackage.open(_ssTests.openResourceAsStream("clusterfuzz-testcase-minimized-XLSX2CSVFuzzer-5025401116950528.xlsx"))) {
+ assertEmptySST(pkg);
+ }
+
+ try (OPCPackage pkg = OPCPackage.open(_ssTests.openResourceAsStream("clusterfuzz-testcase-minimized-XLSX2CSVFuzzer-5025401116950528.xlsx"))) {
+ List<PackagePart> parts = pkg.getPartsByName(Pattern.compile("/xl/sharedStrings.xml"));
+ assertEquals(1, parts.size());
+
+ //noinspection resource
+ assertThrows(IOException.class,
+ () -> new SharedStringsTable(parts.get(0)));
+ }
+ }
+
private void assertEmptySST(OPCPackage pkg) throws IOException, SAXException {
ReadOnlySharedStringsTable sst = new ReadOnlySharedStringsTable(pkg);
assertEquals(0, sst.getCount());