Author: centic Date: Sat Oct 7 22:12:35 2023 New Revision: 1912795 URL: http://svn.apache.org/viewvc?rev=1912795&view=rev Log: Bug 66425: Avoid Exceptions found via oss-fuzz
We try to avoid throwing NullPointerExceptions or endless allocations, but it was possible to trigger one here with a specially crafted input-file Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62745 Added: poi/trunk/test-data/diagram/clusterfuzz-testcase-minimized-POIVisioFuzzer-5981064948219904.vsdx Modified: poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xdgf/usermodel/section/geometry/LineTo.java poi/trunk/test-data/spreadsheet/stress.xls Modified: poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xdgf/usermodel/section/geometry/LineTo.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xdgf/usermodel/section/geometry/LineTo.java?rev=1912795&r1=1912794&r2=1912795&view=diff ============================================================================== --- poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xdgf/usermodel/section/geometry/LineTo.java (original) +++ poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xdgf/usermodel/section/geometry/LineTo.java Sat Oct 7 22:12:35 2023 @@ -43,9 +43,9 @@ public class LineTo implements GeometryR for (CellType cell : row.getCellArray()) { String cellName = cell.getN(); - if (cellName.equals("X")) { + if ("X".equals(cellName)) { x = XDGFCell.parseDoubleValue(cell); - } else if (cellName.equals("Y")) { + } else if ("Y".equals(cellName)) { y = XDGFCell.parseDoubleValue(cell); } else { throw new POIXMLException("Invalid cell '" + cellName Added: poi/trunk/test-data/diagram/clusterfuzz-testcase-minimized-POIVisioFuzzer-5981064948219904.vsdx URL: http://svn.apache.org/viewvc/poi/trunk/test-data/diagram/clusterfuzz-testcase-minimized-POIVisioFuzzer-5981064948219904.vsdx?rev=1912795&view=auto ============================================================================== Binary files poi/trunk/test-data/diagram/clusterfuzz-testcase-minimized-POIVisioFuzzer-5981064948219904.vsdx (added) and poi/trunk/test-data/diagram/clusterfuzz-testcase-minimized-POIVisioFuzzer-5981064948219904.vsdx Sat Oct 7 22:12:35 2023 differ Modified: poi/trunk/test-data/spreadsheet/stress.xls URL: http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/stress.xls?rev=1912795&r1=1912794&r2=1912795&view=diff ============================================================================== Binary files - no diff available. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
