Author: centic Date: Mon Aug 7 15:15:38 2023 New Revision: 1911515 URL: http://svn.apache.org/viewvc?rev=1911515&view=rev Log: Bug 66425: Avoid a ClassCastException found via oss-fuzz
We try to avoid throwing ClassCastException, but it was possible to trigger one here with a specially crafted input-file Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61242 Also enhance output of some test-failures and allow an empty exception message Added: poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-5285517825277952.xls (with props) Modified: poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java poi/trunk/poi/src/main/java/org/apache/poi/hssf/usermodel/HSSFShapeGroup.java poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java poi/trunk/poi/src/test/java/org/apache/poi/hssf/model/TestDrawingAggregate.java poi/trunk/test-data/spreadsheet/stress.xls Modified: poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java?rev=1911515&r1=1911514&r2=1911515&view=diff ============================================================================== --- poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java (original) +++ poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/TestAllFiles.java Mon Aug 7 15:15:38 2023 @@ -42,6 +42,7 @@ import org.junit.jupiter.api.parallel.Ex import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; +import org.junit.platform.commons.util.StringUtils; import org.opentest4j.AssertionFailedError; /** @@ -251,12 +252,12 @@ public class TestAllFiles { } else if (exClass != null) { Exception e = assertThrows((Class<? extends Exception>)exClass, exec, errPrefix + " expected " + exClass); String actMsg = pathReplace(e.getMessage()); - if (NullPointerException.class.isAssignableFrom(exClass)) { - if (actMsg != null) { - assertTrue(actMsg.contains(exMessage), errPrefix + "Message: "+actMsg+" - didn't contain: "+exMessage); - } - } else { - assertNotNull(actMsg, errPrefix); + + // verify that message is either null for both or set for both + assertTrue(actMsg != null || StringUtils.isBlank(exMessage), + errPrefix + " for " + exClass + " expected message '" + exMessage + "' but had '" + actMsg + "'"); + + if (actMsg != null) { assertTrue(actMsg.contains(exMessage), errPrefix + "Message: " + actMsg + " - didn't contain: " + exMessage); } Modified: poi/trunk/poi/src/main/java/org/apache/poi/hssf/usermodel/HSSFShapeGroup.java URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/main/java/org/apache/poi/hssf/usermodel/HSSFShapeGroup.java?rev=1911515&r1=1911514&r2=1911515&view=diff ============================================================================== --- poi/trunk/poi/src/main/java/org/apache/poi/hssf/usermodel/HSSFShapeGroup.java (original) +++ poi/trunk/poi/src/main/java/org/apache/poi/hssf/usermodel/HSSFShapeGroup.java Mon Aug 7 15:15:38 2023 @@ -54,7 +54,11 @@ public class HSSFShapeGroup extends HSSF // read internal and external coordinates from spgrContainer EscherContainerRecord spContainer = spgrContainer.getChildContainers().get(0); - _spgrRecord = (EscherSpgrRecord) spContainer.getChild(0); + final EscherRecord child = spContainer.getChild(0); + if (!(child instanceof EscherSpgrRecord)) { + throw new IllegalArgumentException("Had unexpected type of child at index 0: " + child.getClass()); + } + _spgrRecord = (EscherSpgrRecord) child; for (EscherRecord ch : spContainer) { switch (EscherRecordTypes.forTypeID(ch.getRecordId())) { case CLIENT_ANCHOR: Modified: poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java?rev=1911515&r1=1911514&r2=1911515&view=diff ============================================================================== --- poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java (original) +++ poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java Mon Aug 7 15:15:38 2023 @@ -102,9 +102,9 @@ public abstract class BaseTestIteratingX Executable ex = () -> runOneFile(file); if (t == null) { - assertDoesNotThrow(ex); + assertDoesNotThrow(ex, "Failing file: " + file); } else { - assertThrows(t, ex); + assertThrows(t, ex, "Failing file: " + file); } } Modified: poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java?rev=1911515&r1=1911514&r2=1911515&view=diff ============================================================================== --- poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java (original) +++ poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java Mon Aug 7 15:15:38 2023 @@ -54,6 +54,7 @@ class TestBiffDrawingToXml extends BaseT excludes.put("43493.xls", RecordInputStream.LeftoverDataException.class); excludes.put("44958_1.xls", RecordInputStream.LeftoverDataException.class); excludes.put("protected_66115.xls", EncryptedDocumentException.class); + excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5285517825277952.xls", IllegalArgumentException.class); return excludes; } Modified: poi/trunk/poi/src/test/java/org/apache/poi/hssf/model/TestDrawingAggregate.java URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/test/java/org/apache/poi/hssf/model/TestDrawingAggregate.java?rev=1911515&r1=1911514&r2=1911515&view=diff ============================================================================== --- poi/trunk/poi/src/test/java/org/apache/poi/hssf/model/TestDrawingAggregate.java (original) +++ poi/trunk/poi/src/test/java/org/apache/poi/hssf/model/TestDrawingAggregate.java Mon Aug 7 15:15:38 2023 @@ -136,7 +136,9 @@ class TestDrawingAggregate { File[] files = testData.listFiles((dir, name) -> name.endsWith(".xls")); assertNotNull(files, "Need to find files in test-data path, had path: " + testData); - return Stream.of(files).map(Arguments::of); + return Stream.of(files). + filter(file -> !file.getName().equals("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5285517825277952.xls")). + map(Arguments::of); } /** Added: poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-5285517825277952.xls URL: http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-5285517825277952.xls?rev=1911515&view=auto ============================================================================== Binary file - no diff available. Propchange: poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-5285517825277952.xls ------------------------------------------------------------------------------ svn:mime-type = application/vnd.ms-excel Modified: poi/trunk/test-data/spreadsheet/stress.xls URL: http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/stress.xls?rev=1911515&r1=1911514&r2=1911515&view=diff ============================================================================== Binary files - no diff available. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
