(commons-text) branch master updated: Add test for OSS-Fuzz issue 42527553

Sun, 22 Sep 2024 06:50:56 -0700 

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-text.git


The following commit(s) were added to refs/heads/master by this push:
     new 15420363 Add test for OSS-Fuzz issue 42527553
15420363 is described below

commit 15420363ca0296b0df99b76cc0d7fa05e1fa17f3
Author: Gary Gregory <garydgreg...@gmail.com>
AuthorDate: Sun Sep 22 09:50:28 2024 -0400

    Add test for OSS-Fuzz issue 42527553
    
    - apache-commons-text:StringSubstitutorInterpolatorFuzzer: Security
    exception in java.base/java.util.Arrays.copyOf
    - https://issues.oss-fuzz.com/issues/42527553
---
 .../commons/text/StringSubstitutorOssFuzzTest.java | 35 ++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git 
a/src/test/java/org/apache/commons/text/StringSubstitutorOssFuzzTest.java 
b/src/test/java/org/apache/commons/text/StringSubstitutorOssFuzzTest.java
new file mode 100644
index 00000000..19f52573
--- /dev/null
+++ b/src/test/java/org/apache/commons/text/StringSubstitutorOssFuzzTest.java
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.text;
+
+import org.junit.jupiter.api.Test;
+
+public class StringSubstitutorOssFuzzTest {
+
+    /**
+     * Tests OSS-Fuzz issue 42527553
+     *
+     * apache-commons-text:StringSubstitutorInterpolatorFuzzer: Security 
exception in java.base/java.util.Arrays.copyOf
+     *
+     * https://issues.oss-fuzz.com/issues/42527553
+     */
+    @Test
+    public void test42527553() {
+        
StringSubstitutor.createInterpolator().replace("${date:swswswswsws\177sw\001\000swswswswswwswsswswswsws\177sw\001\000swswswsswswswswswswswswswswsws}");
+    }
+}

Reply via email to