| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Processing formats uses regular expressions. Very complex formats
can recurse very deeply and thus can cause StackOVerflows depending
on the used stack-size.
In order to handle this a bit more gracefully, we now catch this
and report a better exception with details about the parsed
format and potential mitigation.
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66137
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919342 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid a possible OutOfMemoryException with many child-records
This avoids having too many children in EscherRecords, the limit of
100_000 is arbitrarily chosen and can be adjusted if needed
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62924 and maybe others
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919272 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid a possible StackOverflowException
This adds support of counting of the "nesting level" into the base
EscherRecord and thus makes this existing limitation much more effective
as it kicks in for more types of nested records.
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66374
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919256 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
Using char[] instead of String improves performance of this
operation considerably, especially in JDK 11+ where StringBuilder
was switched to work on bytes instead of chars.
This is likely only relevant for very large documents, it was visible
in a synthetic test-file from fuzzing.
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919239 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919238 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Prevent too much memory usage
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67413
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919237 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1918804 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1918175 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
This avoids "breaking" a few documents which could be opened before.
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1918118 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
Use NullOutputStream.INSTANCE
Rework one test slightly
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1918116 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
- don't use foreign class in Logger initialization
- update log statements to use MessageFormat syntax
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1915930 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1915701 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
Prevent a few NullPointerException
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65450 and
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63907 and
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63727
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1915480 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Prevent NullPointerException
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64943
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1915004 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Prevent StackOverflow via endless nesting
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65303
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1914989 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1914785 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
Change an assertion which can be triggered via an
input-document.
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63309
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1914403 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1913795 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
Fix one expected exception-text which is different
on newer Java versions
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63143
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1913384 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1913004 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastExceptions,
but it was possible to trigger one here with a specially
crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62795
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912796 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62626
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912792 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, ClassCastExceptions
and StackOverflowException, but it was possible to trigger them
Also improve some exception messages
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62698
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62606
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62685
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912707 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912638 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, ClassCastExceptions and StackOverflowException, but it was possible
to trigger them
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62548 and https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62564
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912464 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912438 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, ClassCastExceptions and StackOverflowException, but it was possible
to trigger them
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62530 and https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62491
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912433 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
Otherwise this still triggered StackOverflow on some version of JDK
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912403 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, ClassCastExceptions and StackOverflowException, but it was possible
to trigger them
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61562
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62068
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912383 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912367 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
poi-fuzz
We try to avoid throwing NullPointerException and ClassCastExceptions, but it was possible
to trigger them
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62414
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62442
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62450
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912365 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62216
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912250 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62128
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912199 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
Without Isolation, one test did change static settings
and thus could cause flaky tests
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911891 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61578
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911860 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61400
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911618 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61372
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911603 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61330
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911586 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Handle some data that can be missing properly.
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61332
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911585 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
We try to avoid causing StackOverflow, but it was possible
to trigger one here with a specially crafted input-file.
This puts a limit on the number of nested children in place
and logs a warning when the Stream is not fully parsed.
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61256
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911577 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61306
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911573 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61317
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911565 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
We try to avoid causing StackOverflow, but it was possible
to trigger one here with a specially crafted input-file.
This puts a limit on the number of nested properties in place
and logs a warning when the StyleSheet is not fully parsed.
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61252
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911563 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We try to generally avoid overly large allocations in places
where arrays are allocated.
We add one more such check for pictures in HSLF.
We might need to increase the used value of 10MB if users report
larger files being used frequently.
Overriding this check via IOUtils is possible.
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911525 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
Fix previous changes
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911522 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61259
Also fix handling of NullPointerException
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911517 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing AssertionError to be triggered by input data, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61251
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911514 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61243
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911507 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
Add exception details and fix expected exceptions to make tests run again
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911503 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
We try to avoid throwing ClassCastException, but it was possible
to trigger one here with a specially crafted input-file
Also rework test a bit to use try-with-resources and proper formatting
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61221
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1911494 13f79535-47bb-0310-9956-ffa450edef68
|