diff options
author | Dominik Stadler <centic@apache.org> | 2023-08-08 08:48:13 +0000 |
---|---|---|
committer | Dominik Stadler <centic@apache.org> | 2023-08-08 08:48:13 +0000 |
commit | e706f37170789876a930461924fbe84c34c5dfa8 (patch) | |
tree | 555541a6059565508734a8fef3b45efd9aedb7e7 /poi | |
parent | 1b7613329e6258a85d548998f5dd36e58046a5b4 (diff) | |
download | poi-e706f37170789876a930461924fbe84c34c5dfa8.tar.gz poi-e706f37170789876a930461924fbe84c34c5dfa8.zip |
Bug 66425: Avoid a ClassCastException found via oss-fuzz
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61276
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911536 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'poi')
-rw-r--r-- | poi/src/main/java/org/apache/poi/hssf/record/TextObjectRecord.java | 3 | ||||
-rw-r--r-- | poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java | 2 |
2 files changed, 5 insertions, 0 deletions
diff --git a/poi/src/main/java/org/apache/poi/hssf/record/TextObjectRecord.java b/poi/src/main/java/org/apache/poi/hssf/record/TextObjectRecord.java index c399bd64f9..17bcce71e7 100644 --- a/poi/src/main/java/org/apache/poi/hssf/record/TextObjectRecord.java +++ b/poi/src/main/java/org/apache/poi/hssf/record/TextObjectRecord.java @@ -127,6 +127,9 @@ public final class TextObjectRecord extends ContinuableRecord { throw new RecordFormatException("Read " + ptgs.length + " tokens but expected exactly 1"); } + if (!(ptgs[0] instanceof OperandPtg)) { + throw new IllegalArgumentException("Had unexpected type of ptg at index 0: " + ptgs[0].getClass()); + } _linkRefPtg = (OperandPtg) ptgs[0]; _unknownPostFormulaByte = in.remaining() > 0 ? in.readByte() : null; } else { diff --git a/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java b/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java index 45de3c2155..26627b5a9b 100644 --- a/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java +++ b/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java @@ -86,6 +86,8 @@ public abstract class BaseTestIteratingXLS { excludes.put("61300.xls", RecordFormatException.class); // BIFF 5 excludes.put("64130.xls", OldExcelFormatException.class); + // fuzzed binaries + excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-6322470200934400.xls", RuntimeException.class); return excludes; } |