Author: centic Date: Mon Sep 11 18:25:18 2023 New Revision: 1912253 URL: http://svn.apache.org/viewvc?rev=1912253&view=rev Log: Bug 66425: Avoid a NullPointerException found via oss-fuzz
We try to avoid throwing NullPointerException, but it was possible to trigger one here with a specially crafted input-file Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62225 Added: poi/trunk/test-data/document/clusterfuzz-testcase-minimized-POIXWPFFuzzer-5564805011079168.docx Modified: poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xwpf/model/XWPFCommentsDecorator.java Modified: poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xwpf/model/XWPFCommentsDecorator.java URL: http://svn.apache.org/viewvc/poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xwpf/model/XWPFCommentsDecorator.java?rev=1912253&r1=1912252&r2=1912253&view=diff ============================================================================== --- poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xwpf/model/XWPFCommentsDecorator.java (original) +++ poi/trunk/poi-ooxml/src/main/java/org/apache/poi/xwpf/model/XWPFCommentsDecorator.java Mon Sep 11 18:25:18 2023 @@ -16,6 +16,8 @@ ==================================================================== */ package org.apache.poi.xwpf.model; +import java.math.BigInteger; + import org.apache.poi.xwpf.usermodel.XWPFComment; import org.apache.poi.xwpf.usermodel.XWPFParagraph; import org.openxmlformats.schemas.wordprocessingml.x2006.main.CTMarkupRange; @@ -38,7 +40,9 @@ public class XWPFCommentsDecorator exten commentText = new StringBuilder(64); for (CTMarkupRange anchor : paragraph.getCTP().getCommentRangeStartArray()) { - if ((comment = paragraph.getDocument().getCommentByID(anchor.getId().toString())) != null) { + BigInteger id = anchor.getId(); + if (id != null && + (comment = paragraph.getDocument().getCommentByID(id.toString())) != null) { commentText.append("\tComment by ") .append(comment.getAuthor()) .append(": ") Added: poi/trunk/test-data/document/clusterfuzz-testcase-minimized-POIXWPFFuzzer-5564805011079168.docx URL: http://svn.apache.org/viewvc/poi/trunk/test-data/document/clusterfuzz-testcase-minimized-POIXWPFFuzzer-5564805011079168.docx?rev=1912253&view=auto ============================================================================== Binary files poi/trunk/test-data/document/clusterfuzz-testcase-minimized-POIXWPFFuzzer-5564805011079168.docx (added) and poi/trunk/test-data/document/clusterfuzz-testcase-minimized-POIXWPFFuzzer-5564805011079168.docx Mon Sep 11 18:25:18 2023 differ --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@poi.apache.org For additional commands, e-mail: commits-h...@poi.apache.org
