Author: centic Date: Thu Sep 21 15:06:28 2023 New Revision: 1912464 URL: http://svn.apache.org/viewvc?rev=1912464&view=rev Log: Bug 66425: Avoid exceptions found via poi-fuzz
We try to avoid throwing NullPointerException, ClassCastExceptions and StackOverflowException, but it was possible to trigger them Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62548 and https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62564 Added: poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt (with props) poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIXSLFFuzzer-5471515212382208.pptx (with props) Modified: poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xslf/usermodel/XSLFDiagram.java poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/KeyData.java poi/trunk/test-data/spreadsheet/stress.xls Modified: poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xslf/usermodel/XSLFDiagram.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xslf/usermodel/XSLFDiagram.java?rev=1912464&r1=1912463&r2=1912464&view=diff ============================================================================== --- poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xslf/usermodel/XSLFDiagram.java (original) +++ poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xslf/usermodel/XSLFDiagram.java Thu Sep 21 15:06:28 2023 @@ -214,8 +214,12 @@ public class XSLFDiagram extends XSLFGra CTGroupShapeProperties groupShapePropsCt = groupShapeCt.addNewGrpSpPr(); CTGroupShapeNonVisual groupShapeNonVisualCt = groupShapeCt.addNewNvGrpSpPr(); - groupShapeNonVisualCt.setCNvPr(msGroupShapeCt.getNvGrpSpPr().getCNvPr()); - groupShapeNonVisualCt.setCNvGrpSpPr(msGroupShapeCt.getNvGrpSpPr().getCNvGrpSpPr()); + final com.microsoft.schemas.office.drawing.x2008.diagram.CTGroupShapeNonVisual nvGrpSpPr = + msGroupShapeCt.getNvGrpSpPr(); + if (nvGrpSpPr != null) { + groupShapeNonVisualCt.setCNvPr(nvGrpSpPr.getCNvPr()); + groupShapeNonVisualCt.setCNvGrpSpPr(nvGrpSpPr.getCNvGrpSpPr()); + } groupShapeNonVisualCt.setNvPr(CTApplicationNonVisualDrawingProps.Factory.newInstance()); for (CTShape msShapeCt : msGroupShapeCt.getSpList()) { Modified: poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java?rev=1912464&r1=1912463&r2=1912464&view=diff ============================================================================== --- poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java (original) +++ poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/BaseTestPPTIterating.java Thu Sep 21 15:06:28 2023 @@ -67,6 +67,7 @@ public abstract class BaseTestPPTIterati EXCLUDED.put("clusterfuzz-testcase-minimized-POIFuzzer-5681320547975168.ppt", FileNotFoundException.class); EXCLUDED.put("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5962760801091584.ppt", RuntimeException.class); EXCLUDED.put("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5231088823566336.ppt", FileNotFoundException.class); + EXCLUDED.put("clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt", FileNotFoundException.class); } public static Stream<Arguments> files() { Modified: poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java?rev=1912464&r1=1912463&r2=1912464&view=diff ============================================================================== --- poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java (original) +++ poi/trunk/poi-scratchpad/src/test/java/org/apache/poi/hslf/dev/TestPPTXMLDump.java Thu Sep 21 15:06:28 2023 @@ -66,7 +66,8 @@ public class TestPPTXMLDump extends Base // work around two files which works here but not in other tests if (pFile.getName().equals("clusterfuzz-testcase-minimized-POIFuzzer-5429732352851968.ppt") || pFile.getName().equals("clusterfuzz-testcase-minimized-POIFuzzer-5681320547975168.ppt") || - pFile.getName().equals("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5231088823566336.ppt")) { + pFile.getName().equals("clusterfuzz-testcase-minimized-POIHSLFFuzzer-5231088823566336.ppt") || + pFile.getName().equals("clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt")) { throw new FileNotFoundException(); } } Modified: poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/KeyData.java URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/KeyData.java?rev=1912464&r1=1912463&r2=1912464&view=diff ============================================================================== --- poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/KeyData.java (original) +++ poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/KeyData.java Thu Sep 21 15:06:28 2023 @@ -60,7 +60,7 @@ public class KeyData { blockSize = getIntAttr(keyData, "blockSize"); keyBits = getIntAttr(keyData, "keyBits"); hashSize = getIntAttr(keyData, "hashSize"); - cipherAlgorithm = CipherAlgorithm.fromXmlId(keyData.getAttribute("cipherAlgorithm"), keyBits); + cipherAlgorithm = CipherAlgorithm.fromXmlId(keyData.getAttribute("cipherAlgorithm"), keyBits == null ? -1 : keyBits); cipherChaining = ChainingMode.fromXmlId(keyData.getAttribute("cipherChaining")); hashAlgorithm = HashAlgorithm.fromEcmaId(keyData.getAttribute("hashAlgorithm")); if (cipherAlgorithm == null || cipherChaining == null || hashAlgorithm == null) { Added: poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt URL: http://svn.apache.org/viewvc/poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt?rev=1912464&view=auto ============================================================================== Binary file - no diff available. Propchange: poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIFuzzer-6411649193738240.ppt ------------------------------------------------------------------------------ svn:mime-type = application/vnd.ms-powerpoint Added: poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIXSLFFuzzer-5471515212382208.pptx URL: http://svn.apache.org/viewvc/poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIXSLFFuzzer-5471515212382208.pptx?rev=1912464&view=auto ============================================================================== Binary file - no diff available. Propchange: poi/trunk/test-data/slideshow/clusterfuzz-testcase-minimized-POIXSLFFuzzer-5471515212382208.pptx ------------------------------------------------------------------------------ --- svn:mime-type (added) +++ svn:mime-type Thu Sep 21 15:06:28 2023 @@ -0,0 +1 @@ +application/vnd.openxmlformats-officedocument.presentationml.presentation Modified: poi/trunk/test-data/spreadsheet/stress.xls URL: http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/stress.xls?rev=1912464&r1=1912463&r2=1912464&view=diff ============================================================================== Binary files - no diff available. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
