Author: centic
Date: Sat Dec 30 19:39:24 2023
New Revision: 1915003

URL: http://svn.apache.org/viewvc?rev=1915003&view=rev
Log:
Bug 66425: Avoid exceptions found via poi-fuzz

Prevent ClassCastException

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63736

Added:
    
poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-6537773940867072.xls
Modified:
    
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionInfoBuilder.java
    
poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java
    poi/trunk/test-data/spreadsheet/stress.xls

Modified: 
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionInfoBuilder.java
URL: 
http://svn.apache.org/viewvc/poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionInfoBuilder.java?rev=1915003&r1=1915002&r2=1915003&view=diff
==============================================================================
--- 
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionInfoBuilder.java
 (original)
+++ 
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptionInfoBuilder.java
 Sat Dec 30 19:39:24 2023
@@ -36,6 +36,10 @@ public class AgileEncryptionInfoBuilder
 
     @Override
     public void initialize(EncryptionInfo info, LittleEndianInput dis) throws 
IOException {
+        if (!(dis instanceof InputStream)) {
+            throw new IllegalArgumentException("Had unexpected type of input: 
" + (dis == null ? "<null>" : dis.getClass()));
+        }
+
         EncryptionDocument ed = parseDescriptor((InputStream)dis);
         info.setHeader(new AgileEncryptionHeader(ed));
         info.setVerifier(new AgileEncryptionVerifier(ed));

Modified: 
poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java
URL: 
http://svn.apache.org/viewvc/poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java?rev=1915003&r1=1915002&r2=1915003&view=diff
==============================================================================
--- 
poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java 
(original)
+++ 
poi/trunk/poi/src/test/java/org/apache/poi/hssf/dev/BaseTestIteratingXLS.java 
Sat Dec 30 19:39:24 2023
@@ -89,6 +89,7 @@ public abstract class BaseTestIteratingX
         // fuzzed binaries
         
excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-6322470200934400.xls",
 RuntimeException.class);
         
excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-4819588401201152.xls",
 RuntimeException.class);
+        
excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-6537773940867072.xls",
 RuntimeException.class);
         return excludes;
     }
 

Added: 
poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-6537773940867072.xls
URL: 
http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-6537773940867072.xls?rev=1915003&view=auto
==============================================================================
Binary files 
poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-6537773940867072.xls
 (added) and 
poi/trunk/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-6537773940867072.xls
 Sat Dec 30 19:39:24 2023 differ

Modified: poi/trunk/test-data/spreadsheet/stress.xls
URL: 
http://svn.apache.org/viewvc/poi/trunk/test-data/spreadsheet/stress.xls?rev=1915003&r1=1915002&r2=1915003&view=diff
==============================================================================
Binary files - no diff available.



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to