diff options
author | Dominik Stadler <centic@apache.org> | 2023-08-09 10:09:16 +0000 |
---|---|---|
committer | Dominik Stadler <centic@apache.org> | 2023-08-09 10:09:16 +0000 |
commit | ccec6c4bf8484fef87584723781dc4b7370ec459 (patch) | |
tree | 9261c8c0b450e96dff4f2388e6aa44b59bd7be97 /poi-scratchpad | |
parent | b757cf607eedfbe02763a8209f83897a85892790 (diff) | |
download | poi-ccec6c4bf8484fef87584723781dc4b7370ec459.tar.gz poi-ccec6c4bf8484fef87584723781dc4b7370ec459.zip |
Bug 66425: Avoid a ClassCastException found via oss-fuzz
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61306
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911573 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'poi-scratchpad')
-rw-r--r-- | poi-scratchpad/src/main/java/org/apache/poi/hslf/record/CurrentUserAtom.java | 8 | ||||
-rw-r--r-- | poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java | 1 |
2 files changed, 7 insertions, 2 deletions
diff --git a/poi-scratchpad/src/main/java/org/apache/poi/hslf/record/CurrentUserAtom.java b/poi-scratchpad/src/main/java/org/apache/poi/hslf/record/CurrentUserAtom.java index 70e422b838..3bdcee13b9 100644 --- a/poi-scratchpad/src/main/java/org/apache/poi/hslf/record/CurrentUserAtom.java +++ b/poi-scratchpad/src/main/java/org/apache/poi/hslf/record/CurrentUserAtom.java @@ -35,6 +35,7 @@ import org.apache.poi.hslf.exceptions.CorruptPowerPointFileException; import org.apache.poi.hslf.exceptions.OldPowerPointFormatException; import org.apache.poi.poifs.filesystem.DirectoryNode; import org.apache.poi.poifs.filesystem.DocumentEntry; +import org.apache.poi.poifs.filesystem.Entry; import org.apache.poi.poifs.filesystem.POIFSFileSystem; import org.apache.poi.util.IOUtils; import org.apache.poi.util.LittleEndian; @@ -120,8 +121,11 @@ public class CurrentUserAtom { */ public CurrentUserAtom(DirectoryNode dir) throws IOException { // Decide how big it is - DocumentEntry docProps = - (DocumentEntry)dir.getEntry("Current User"); + final Entry entry = dir.getEntry("Current User"); + if (!(entry instanceof DocumentEntry)) { + throw new IllegalArgumentException("Had unexpected type of entry for name: Current User: " + entry.getClass()); + } + DocumentEntry docProps = (DocumentEntry) entry; // If it's clearly junk, bail out if(docProps.getSize() > 131072) { diff --git a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java index 4dac9d21bd..0af50391db 100644 --- a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java +++ b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java @@ -60,6 +60,7 @@ public abstract class BaseTestPPTIterating { static final Map<String,Class<? extends Throwable>> EXCLUDED = new HashMap<>(); static { EXCLUDED.put("clusterfuzz-testcase-minimized-POIHSLFFuzzer-6416153805979648.ppt", Exception.class); + EXCLUDED.put("clusterfuzz-testcase-minimized-POIHSLFFuzzer-6710128412590080.ppt", RuntimeException.class); } public static Stream<Arguments> files() { |