5 files changed, 8 insertions, 2 deletions

diff --git a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java
index 4da9c9fea7..8b8845186d 100644
--- a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java
+++ b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java
@@ -68,6 +68,7 @@ public abstract class BaseTestPPTIterating {
         EXCLUDED.put("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5962760801091584.ppt", RuntimeException.class);
         EXCLUDED.put("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5231088823566336.ppt", FileNotFoundException.class);
         EXCLUDED.put("clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt", FileNotFoundException.class);
+        EXCLUDED.put("clusterfuzz-testcase-minimized-POIHSLFFuzzer-4838893004128256.ppt", FileNotFoundException.class);
     }
 
     public static Stream<Arguments> files() {
diff --git a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java
index 499e22cf33..d2dd0b34b9 100644
--- a/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java
+++ b/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java
@@ -67,7 +67,8 @@ public class TestPPTXMLDump extends BaseTestPPTIterating {
         if (pFile.getName().equals("clusterfuzz-testcase-minimized-POIFuzzer-5429732352851968.ppt") ||
                 pFile.getName().equals("clusterfuzz-testcase-minimized-POIFuzzer-5681320547975168.ppt") ||
                 pFile.getName().equals("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5231088823566336.ppt") ||
-                pFile.getName().equals("clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt")) {
+                pFile.getName().equals("clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt") ||
+                pFile.getName().equals("clusterfuzz-testcase-minimized-POIHSLFFuzzer-4838893004128256.ppt")) {
             throw new FileNotFoundException();
         }
     }
diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionHeader.java b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionHeader.java
index 3d08cf7fbf..fc2828ed0d 100644
--- a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionHeader.java
+++ b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionHeader.java
@@ -79,10 +79,14 @@ public class AgileEncryptionHeader extends EncryptionHeader {
                     keyData.getHashAlgorithm() + " @ " + hashSize + " bytes");
         }
 
+        if (keyData.getSaltSize() == null) {
+            throw new EncryptedDocumentException("Invalid salt length: " + keyData.getSaltSize());
+        }
+
         int saltLength = keyData.getSaltSize();
         setKeySalt(keyData.getSaltValue());
         if (getKeySalt().length != saltLength) {
-            throw new EncryptedDocumentException("Invalid salt length");
+            throw new EncryptedDocumentException("Invalid salt length: " + getKeySalt().length + " and " + saltLength);
         }
 
         DataIntegrity di = ed.getDataIntegrity();
diff --git a/test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-4838893004128256.ppt b/test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-4838893004128256.ppt
new file mode 100644
index 0000000000..567a0f7f15
--- /dev/null
+++ b/test-data/slideshow/clusterfuzz-testcase-minimized-POIHSLFFuzzer-4838893004128256.ppt
diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls
index aa7d2883c7..2352603880 100644
--- a/test-data/spreadsheet/stress.xls
+++ b/test-data/spreadsheet/stress.xls