Author: centic Date: Thu Sep 7 12:20:28 2023 New Revision: 1912162 URL: http://svn.apache.org/viewvc?rev=1912162&view=rev Log: Bug 66425: Avoid a ClassCastException found via oss-fuzz
We try to avoid throwing ClassCastException, but it was possible to trigger one here with a specially crafted input-file Also add SXSSFWorkbook.write() to integrationtests Fixes https://oss-fuzz.com/testcase-detail/5185049589579776 Added: poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIXSSFFuzzer-5185049589579776.xlsx (with props) Modified: poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/XSSFFileHandler.java poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xssf/usermodel/XSSFTable.java poi/trunk/poi-ooxml/src/test/java/org/apache/poi/xssf/streaming/TestSXSSFWorkbook.java poi/trunk/test-data/spreadsheet/stress.xls Modified: poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/XSSFFileHandler.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/XSSFFileHandler.java?rev=1912162&r1=1912161&r2=1912162&view=diff ============================================================================== --- poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/XSSFFileHandler.java (original) +++ poi/trunk/poi-integration/src/test/java/org/apache/poi/stress/XSSFFileHandler.java Thu Sep 7 12:20:28 2023 @@ -28,6 +28,7 @@ import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; +import java.io.OutputStream; import java.io.PrintStream; import java.util.HashSet; import java.util.Iterator; @@ -54,6 +55,7 @@ import org.apache.poi.ss.usermodel.Sheet import org.apache.poi.util.IOUtils; import org.apache.poi.xssf.eventusermodel.XSSFReader; import org.apache.poi.xssf.extractor.XSSFExportToXml; +import org.apache.poi.xssf.streaming.SXSSFWorkbook; import org.apache.poi.xssf.usermodel.XSSFMap; import org.apache.poi.xssf.usermodel.XSSFSheet; import org.apache.poi.xssf.usermodel.XSSFWorkbook; @@ -115,6 +117,13 @@ public class XSSFFileHandler extends Spr // and finally ensure that exporting to XML works exportToXML(wb); + // also try to read and write the sheet via SXSSF + try (SXSSFWorkbook swb = new SXSSFWorkbook(wb)) { + try (OutputStream out = NullOutputStream.INSTANCE) { + swb.write(out); + } + } + // this allows to trigger a heap-dump at this point to see which memory is still allocated //HeapDump.dumpHeap("/tmp/poi.hprof", false); Modified: poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xssf/usermodel/XSSFTable.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xssf/usermodel/XSSFTable.java?rev=1912162&r1=1912161&r2=1912162&view=diff ============================================================================== --- poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xssf/usermodel/XSSFTable.java (original) +++ poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xssf/usermodel/XSSFTable.java Thu Sep 7 12:20:28 2023 @@ -803,7 +803,12 @@ public class XSSFTable extends POIXMLDoc * manually add cells with values of "Column1", "Column2" etc first. */ public void updateHeaders() { - XSSFSheet sheet = (XSSFSheet)getParent(); + final POIXMLDocumentPart parent = getParent(); + if (!(parent instanceof XSSFSheet)) { + throw new IllegalArgumentException("Had unexpected type of parent: " + (parent == null ? "<null>" : parent.getClass())); + } + + XSSFSheet sheet = (XSSFSheet) parent; CellReference ref = getStartCellReference(); if (ref == null) return; Modified: poi/trunk/poi-ooxml/src/test/java/org/apache/poi/xssf/streaming/TestSXSSFWorkbook.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-ooxml/src/test/java/org/apache/poi/xssf/streaming/TestSXSSFWorkbook.java?rev=1912162&r1=1912161&r2=1912162&view=diff ============================================================================== --- poi/trunk/poi-ooxml/src/test/java/org/apache/poi/xssf/streaming/TestSXSSFWorkbook.java (original) +++ poi/trunk/poi-ooxml/src/test/java/org/apache/poi/xssf/streaming/TestSXSSFWorkbook.java Thu Sep 7 12:20:28 2023 @@ -33,6 +33,7 @@ import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; +import java.io.OutputStream; import java.time.LocalDate; import java.util.Arrays; @@ -725,4 +726,13 @@ public final class TestSXSSFWorkbook ext } } + @Test + void writeBrokenFile() throws IOException { + try (final Workbook wb = _testDataProvider.openSampleWorkbook("clusterfuzz-testcase-minimized-POIXSSFFuzzer-5185049589579776.xlsx")) { + try (OutputStream out = NullOutputStream.INSTANCE) { + assertThrows(IllegalArgumentException.class, + () -> wb.write(out)); + } + } + } } Added: poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIXSSFFuzzer-5185049589579776.xlsx URL: http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIXSSFFuzzer-5185049589579776.xlsx?rev=1912162&view=auto ============================================================================== Binary file - no diff available. Propchange: poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIXSSFFuzzer-5185049589579776.xlsx ------------------------------------------------------------------------------ --- svn:mime-type (added) +++ svn:mime-type Thu Sep 7 12:20:28 2023 @@ -0,0 +1 @@ +application/vnd.openxmlformats-officedocument.spreadsheetml.sheet Modified: poi/trunk/test-data/spreadsheet/stress.xls URL: http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/stress.xls?rev=1912162&r1=1912161&r2=1912162&view=diff ============================================================================== Binary files - no diff available. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
