[Bug 69956] New: RLEDecompressingInputStream triggers IllegalStateException: Not enough bytes on malformed input

bugzilla Wed, 18 Feb 2026 23:19:44 -0800

https://bz.apache.org/bugzilla/show_bug.cgi?id=69956


            Bug ID: 69956
           Summary: RLEDecompressingInputStream triggers
                    IllegalStateException: Not enough bytes on malformed
                    input
           Product: POI
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: POI Overall
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

Created attachment 40153
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=40153&action=edit
Java reproducer for IllegalStateException in RLEDecompressingInputStream. This
standalone class reproduces the 'Not enough bytes' crash when processing
malformed RLE data.

I identified a runtime exception in RLEDecompressingInputStream while fuzzing
the library with Jazzer/OSS-Fuzz. 

Stack Trace:
java.lang.IllegalStateException: Not enough bytes
    at
org.apache.poi.util.RLEDecompressingInputStream.readChunk(RLEDecompressingInputStream.java)
    at
org.apache.poi.util.RLEDecompressingInputStream.read(RLEDecompressingInputStream.java)

Steps to Reproduce:
I have attached a Java reproducer that triggers this state. This was discovered
as part of a new fuzzer integration for OSS-Fuzz.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 69956] New: RLEDecompressingInputStream triggers IllegalStateException: Not enough bytes on malformed input

Reply via email to