From fc17f113d8a14341bc753231877d0d9b3c312118 Mon Sep 17 00:00:00 2001
From: Dominik Stadler <centic@apache.org>
Date: Sun, 14 Jul 2024 11:26:50 +0000
Subject: Bug 66425: Avoid exceptions found via poi-fuzz

Prevent a ClassCastException

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66089

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1919214 13f79535-47bb-0310-9956-ffa450edef68
---
 poi/src/main/java/org/apache/poi/hssf/record/RecordInputStream.java | 3 +++
 poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java | 1 +
 2 files changed, 4 insertions(+)

(limited to 'poi')

diff --git a/poi/src/main/java/org/apache/poi/hssf/record/RecordInputStream.java b/poi/src/main/java/org/apache/poi/hssf/record/RecordInputStream.java
index caeac85d66..06420f394b 100644
--- a/poi/src/main/java/org/apache/poi/hssf/record/RecordInputStream.java
+++ b/poi/src/main/java/org/apache/poi/hssf/record/RecordInputStream.java
@@ -516,6 +516,9 @@ public final class RecordInputStream implements LittleEndianInput {
      */
     @Internal
     public void mark(int readlimit) {
+        if (!(_dataInput instanceof InputStream)) {
+            throw new IllegalStateException("Cannot use mark for dataInput of type " + _dataInput.getClass() + ", need an InputStream");
+        }
         ((InputStream)_dataInput).mark(readlimit);
         _markedDataOffset = _currentDataOffset;
     }
diff --git a/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java b/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java
index b239be7923..5ac8864f17 100644
--- a/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java
+++ b/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java
@@ -90,6 +90,7 @@ public abstract class BaseTestIteratingXLS {
         excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-6322470200934400.xls", RuntimeException.class);
         excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-4819588401201152.xls", RuntimeException.class);
         excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-6537773940867072.xls", RuntimeException.class);
+        excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-4651309315719168.xls", RuntimeException.class);
         return excludes;
     }
 
-- 
cgit v1.2.3