diff options
author | Dominik Stadler <centic@apache.org> | 2023-08-23 08:26:27 +0000 |
---|---|---|
committer | Dominik Stadler <centic@apache.org> | 2023-08-23 08:26:27 +0000 |
commit | fd29772be6b3410629eff5bc376b489852d7ee6d (patch) | |
tree | fba77827d72b7e5289e4d9b032c607d977b12648 /poi-scratchpad | |
parent | 1b88529d072a9d4462c445a9953b898cb37c6913 (diff) | |
download | poi-fd29772be6b3410629eff5bc376b489852d7ee6d.tar.gz poi-fd29772be6b3410629eff5bc376b489852d7ee6d.zip |
Bug 66425: Avoid a ClassCastException found via oss-fuzz
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61578
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911860 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'poi-scratchpad')
-rw-r--r-- | poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java | 6 | ||||
-rw-r--r-- | poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java | 4 |
2 files changed, 8 insertions, 2 deletions
diff --git a/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java b/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java index 170f42bfcb..7fa5162a14 100644 --- a/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java +++ b/poi-scratchpad/src/main/java/org/apache/poi/hslf/usermodel/HSLFSlideShowImpl.java @@ -404,7 +404,11 @@ public final class HSLFSlideShowImpl extends POIDocument implements Closeable { return; } - DocumentEntry entry = (DocumentEntry) getDirectory().getEntry("Pictures"); + final Entry en = getDirectory().getEntry("Pictures"); + if (!(en instanceof DocumentEntry)) { + throw new IllegalArgumentException("Had unexpected type of entry for name: Pictures: " + en.getClass()); + } + DocumentEntry entry = (DocumentEntry) en; EscherContainerRecord blipStore = getBlipStore(); byte[] pictstream; try (DocumentInputStream is = getDirectory().createDocumentInputStream(entry)) { diff --git a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java index 7b85af8ad9..efdf770b26 100644 --- a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java +++ b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java @@ -21,6 +21,7 @@ import org.apache.poi.hslf.HSLFTestDataSamples; import org.junit.jupiter.api.Test; import java.io.File; +import java.io.IOException; import java.util.Collections; import java.util.HashSet; import java.util.Set; @@ -31,6 +32,7 @@ public class TestPPTXMLDump extends BaseTestPPTIterating { static final Set<String> LOCAL_EXCLUDED = new HashSet<>(); static { LOCAL_EXCLUDED.add("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5306877435838464.ppt"); + LOCAL_EXCLUDED.add("clusterfuzz-testcase-minimized-POIHSLFFuzzer-6032591399288832.ppt"); } @Test @@ -49,7 +51,7 @@ public class TestPPTXMLDump extends BaseTestPPTIterating { void runOneFile(File pFile) throws Exception { try { PPTXMLDump.main(new String[]{pFile.getAbsolutePath()}); - } catch (IndexOutOfBoundsException e) { + } catch (IndexOutOfBoundsException | IOException e) { if (!LOCAL_EXCLUDED.contains(pFile.getName())) { throw e; } |