Bug 66425: Avoid exceptions found via poi-fuzz

Processing formats uses regular expressions. Very complex formats
can recurse very deeply and thus can cause StackOVerflows depending
on the used stack-size.

In order to handle this a bit more gracefully, we now catch this
and report a better exception with details about the parsed 
format and potential mitigation.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66137

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919342 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 12 insertions, 0 deletions

diff --git a/poi/src/test/java/org/apache/poi/hssf/extractor/TestExcelExtractor.java b/poi/src/test/java/org/apache/poi/hssf/extractor/TestExcelExtractor.java
index 495ceb9837..8e27789f97 100644
--- a/poi/src/test/java/org/apache/poi/hssf/extractor/TestExcelExtractor.java
+++ b/poi/src/test/java/org/apache/poi/hssf/extractor/TestExcelExtractor.java
@@ -382,4 +382,16 @@ final class TestExcelExtractor {
             assertContains(txt, "Macro2");
         }
     }
+
+    @Test
+    void testStackOverflowInRegex() throws IOException {
+        try (ExcelExtractor extractor = createExtractor("clusterfuzz-testcase-minimized-POIHSSFFuzzer-4657005060816896.xls")) {
+            extractor.getText();
+        } catch (IllegalStateException e) {
+            // we either get a StackOverflow or a parsing error depending on the stack-size of the current JVM,
+            // so we expect both here
+            assertTrue(e.getMessage().contains("Provided formula is too complex") ||
+                    e.getMessage().contains("Did not have a ExtendedFormatRecord"));
+        }
+    }
 }