Add fuzz targets for OSS-Fuzz integration (RLE + FormulaParser) (#1020)

* Add new module "poi-fuzz" for providing fuzz-targets for oss-fuzz
* Add RLE decompression fuzz target for OSS-Fuzz integration
* Add FormulaParser fuzz target and dictionary for OSS-Fuzz
* Moving existing fuzz-targets will be done in a separate step

Author: vishalcoc44

poi-fuzz/build.gradle

@@ -0,0 +1,35 @@
+/* ====================================================================
+   Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed with
+   this work for additional information regarding copyright ownership.
+   The ASF licenses this file to You under the Apache License, Version 2.0
+   (the "License"); you may not use this file except in compliance with
+   the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+==================================================================== */
+
+// Fuzz targets for OSS-Fuzz integration.
+// Jazzer is provided at runtime by the OSS-Fuzz build environment; we only
+// need the API jar at compile time.
+
+dependencies {
+    implementation project(':poi')
+
+    compileOnly 'com.code-intelligence:jazzer-api:0.22.0'
+}
+
+// Fuzz targets are not standard JUnit tests; disable the test task.
+test.enabled = false
+
+javadoc.enabled = false
+sourcesJar.enabled = false
+
+generateMetadataFileForPOIPublication.enabled = false
+publishPOIPublicationToMavenLocal.enabled = false

poi-fuzz/src/main/java/org/apache/poi/fuzz/FormulaParserFuzzer.dict

@@ -0,0 +1,63 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Excel Formula Dictionary for FormulaParserFuzzer
+"SUM"
+"AVERAGE"
+"COUNT"
+"IF"
+"VLOOKUP"
+"Table1"
+"["
+"]"
+"[["
+"]]"
+"#"
+"#All"
+"#Headers"
+"#Data"
+"#Totals"
+"#This Row"
+"'"
+"!"
+":"
+","
+"("
+")"
+"\""
+"+"
+"-"
+"*"
+"/"
+"^"
+"&"
+"="
+"<"
+">"
+"<="
+">="
+"<>"
+"$"
+"."
+" "
+"@"
+"A1"
+"B2"
+"C3"
+"Sheet1"
+"Sheet2"
+"NamedRange"
+"Column1"
+"Column2"

poi-fuzz/src/main/java/org/apache/poi/fuzz/FormulaParserFuzzer.java

@@ -0,0 +1,63 @@
+/* ====================================================================
+   Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed with
+   this work for additional information regarding copyright ownership.
+   The ASF licenses this file to You under the Apache License, Version 2.0
+   (the "License"); you may not use this file except in compliance with
+   the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+==================================================================== */
+
+package org.apache.poi.fuzz;
+
+import com.code_intelligence.jazzer.api.FuzzedDataProvider;
+import org.apache.poi.hssf.usermodel.HSSFEvaluationWorkbook;
+import org.apache.poi.hssf.usermodel.HSSFWorkbook;
+import org.apache.poi.ss.formula.FormulaParser;
+import org.apache.poi.ss.formula.FormulaType;
+import org.apache.poi.ss.formula.FormulaParseException;
+import org.apache.poi.util.RecordFormatException;
+
+import java.nio.BufferUnderflowException;
+import java.util.NoSuchElementException;
+
+/**
+ * Fuzz target for the Apache POI Formula Parser.
+ * Used by Google's OSS-Fuzz for continuous security testing.
+ */
+public class FormulaParserFuzzer {
+    private static HSSFWorkbook workbook;
+    private static HSSFEvaluationWorkbook evalWorkbook;
+
+    public static void fuzzerInitialize() {
+        workbook = new HSSFWorkbook();
+        evalWorkbook = HSSFEvaluationWorkbook.create(workbook);
+    }
+
+    public static void fuzzerTestOneInput(FuzzedDataProvider data) {
+        try {
+            FormulaType formulaType = data.pickValue(FormulaType.values());
+            int sheetIndex = data.consumeInt(-1, 10);
+            String formula = data.consumeRemainingAsString();
+
+            if (formula == null || formula.isEmpty()) {
+                return;
+            }
+
+            FormulaParser.parse(formula, evalWorkbook, formulaType, sheetIndex);
+
+        } catch (FormulaParseException | IllegalArgumentException | IllegalStateException |
+                 IndexOutOfBoundsException | ArithmeticException | NegativeArraySizeException |
+                 RecordFormatException | BufferUnderflowException |
+                 UnsupportedOperationException | NoSuchElementException e) {
+            // Expected exceptions on malformed formula syntax
+        }
+    }
+}

poi-fuzz/src/main/java/org/apache/poi/fuzz/POIRleFuzzer.java

@@ -0,0 +1,45 @@
+/* ====================================================================
+   Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed with
+   this work for additional information regarding copyright ownership.
+   The ASF licenses this file to You under the Apache License, Version 2.0
+   (the "License"); you may not use this file except in compliance with
+   the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+==================================================================== */
+
+package org.apache.poi.fuzz;
+
+import org.apache.poi.util.RLEDecompressingInputStream;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+
+/**
+ * Fuzz target for RLEDecompressingInputStream.
+ * Used by Google's OSS-Fuzz for continuous security testing.
+ */
+public class POIRleFuzzer {
+    public static void fuzzerInitialize() {
+    }
+
+    public static void fuzzerTestOneInput(byte[] input) {
+        try (RLEDecompressingInputStream rleStream =
+                     new RLEDecompressingInputStream(new ByteArrayInputStream(input))) {
+
+            byte[] buffer = new byte[1024];
+            while (rleStream.read(buffer) != -1) {
+                // Trigger decompression logic
+            }
+        } catch (IOException | IllegalArgumentException | IllegalStateException | IndexOutOfBoundsException e) {
+            // Expected exceptions on malformed input
+        }
+    }
+}

settings.gradle

@@ -1,4 +1,5 @@
 rootProject.name = 'poi'
 
 include 'poi', 'poi-ooxml-full', 'poi-ooxml-lite-agent', 'poi-scratchpad',
-        'poi-ooxml', 'poi-excelant', 'poi-examples', 'poi-integration' , 'poi-ooxml-lite'
+        'poi-ooxml', 'poi-excelant', 'poi-examples', 'poi-integration', 'poi-ooxml-lite',
+        'poi-fuzz'