apache · vishalcoc44 · Mar 5, 2026 · Mar 8, 2026 · Mar 8, 2026 · Mar 12, 2026
diff --git a/poi-fuzz/src/main/java/org/apache/poi/fuzz/FormulaParserFuzzer.java b/poi-fuzz/src/main/java/org/apache/poi/fuzz/FormulaParserFuzzer.java
@@ -30,18 +30,13 @@ Licensed to the Apache Software Foundation (ASF) under one or more
 
 /**
  * Fuzz target for the Apache POI Formula Parser.
- * Used by Google's OSS-Fuzz for continuous security testing.
  */
 public class FormulaParserFuzzer {
-    private static HSSFWorkbook workbook;
-    private static HSSFEvaluationWorkbook evalWorkbook;
-
-    public static void fuzzerInitialize() {
-        workbook = new HSSFWorkbook();
-        evalWorkbook = HSSFEvaluationWorkbook.create(workbook);
-    }
 
     public static void fuzzerTestOneInput(FuzzedDataProvider data) {
+        HSSFWorkbook workbook = new HSSFWorkbook();
+        HSSFEvaluationWorkbook evalWorkbook = HSSFEvaluationWorkbook.create(workbook);
+
         try {
             FormulaType formulaType = data.pickValue(FormulaType.values());
             int sheetIndex = data.consumeInt(-1, 10);

diff --git a/...va/org/apache/poi/fuzz/POIHMEFFuzzer.java → ...ava/org/apache/poi/fuzz/FuzzerRunner.java b/...va/org/apache/poi/fuzz/POIHMEFFuzzer.java → ...ava/org/apache/poi/fuzz/FuzzerRunner.java
@@ -17,32 +17,25 @@ Licensed to the Apache Software Foundation (ASF) under one or more
 
 package org.apache.poi.fuzz;
 
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
+import org.apache.poi.fuzz.POIFileHandlerFuzzer;
+import java.io.File;
+import java.nio.file.Files;
 
-import org.apache.poi.fuzz.POIFuzzer;
-import org.apache.poi.hmef.HMEFMessage;
-import org.apache.poi.util.RecordFormatException;
-
-public class POIHMEFFuzzer {
-	public static void fuzzerInitialize() {
-		POIFuzzer.adjustLimits();
-	}
-
-	public static void fuzzerTestOneInput(byte[] input) {
-		try {
-			HMEFMessage msg = new HMEFMessage(new ByteArrayInputStream(input));
-			//noinspection ResultOfMethodCallIgnored
-			msg.getAttachments();
-			msg.getBody();
-			//noinspection ResultOfMethodCallIgnored
-			msg.getMessageAttributes();
-			msg.getSubject();
-			//noinspection ResultOfMethodCallIgnored
-			msg.getMessageMAPIAttributes();
-		} catch (IOException | IllegalArgumentException | IllegalStateException | RecordFormatException |
-				ArrayIndexOutOfBoundsException e) {
-			// expected here
-		}
-	}
+public class FuzzerRunner {
+    public static void main(String[] args) throws Exception {
+        if (args.length == 0) {
+            System.err.println("Usage: FuzzerRunner <file-to-fuzz>");
+            System.exit(1);
+        }
+        File f = new File(args[0]);
+        if (!f.exists()) {
+            System.err.println("File not found: " + args[0]);
+            System.exit(1);
+        }
+        byte[] input = Files.readAllBytes(f.toPath());
+        System.out.println("Running fuzzer for file: " + args[0] + " (" + input.length + " bytes)");
+        POIFileHandlerFuzzer.fuzzerInitialize();
+        POIFileHandlerFuzzer.fuzzerTestOneInput(input);
+        System.out.println("Success!");
+    }
 }
diff --git a/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIFileHandlerFuzzer.java b/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIFileHandlerFuzzer.java
@@ -27,6 +27,7 @@ Licensed to the Apache Software Foundation (ASF) under one or more
 import org.apache.commons.lang3.exception.ExceptionUtils;
 import org.apache.poi.hslf.exceptions.HSLFException;
 import org.apache.poi.hsmf.exceptions.ChunkNotFoundException;
+import org.apache.poi.poifs.filesystem.FileMagic;
 import org.apache.poi.hssf.record.RecordInputStream;
 import org.apache.poi.ooxml.POIXMLException;
 import org.apache.poi.openxml4j.exceptions.OpenXML4JException;
@@ -68,34 +69,60 @@ Licensed to the Apache Software Foundation (ASF) under one or more
  * are currently uncovered.
  */
 public class POIFileHandlerFuzzer {
-	private static final FileHandler[] HANDLERS = new FileHandler[] {
+	private static final FileHandler[] OLE2_HANDLERS = new FileHandler[] {
 		new HDGFFileHandler(),
-		new HEMFFileHandler(),
-		new HMEFFileHandler(),
-		new HPBFFileHandler(),
 		new HPSFFileHandler(),
 		new HSLFFileHandler(),
 		new HSMFFileHandler(),
 		new HSSFFileHandler(),
-		new HWMFFileHandler(),
 		new HWPFFileHandler(),
-		new OPCFileHandler(),
+		new HPBFFileHandler(),
 		new OWPFFileHandler(),
 		new POIFSFileHandler(),
+		new HMEFFileHandler(),
+	};
+
+	private static final FileHandler[] OOXML_HANDLERS = new FileHandler[] {
+		new OPCFileHandler(),
 		new XDGFFileHandler(),
 		new XSLFFileHandler(),
 		new XSSFBFileHandler(),
 		new XSSFFileHandler(),
 		new XWPFFileHandler(),
 	};
 
+	private static final FileHandler[] EMF_HANDLERS = new FileHandler[] {
+		new HEMFFileHandler(),
+	};
+
+	private static final FileHandler[] WMF_HANDLERS = new FileHandler[] {
+		new HWMFFileHandler(),
+	};
+
 	public static void fuzzerInitialize() {
 		POIFuzzer.adjustLimits();
 	}
 
 	public static void fuzzerTestOneInput(byte[] input) throws Exception {
 		ByteArrayInputStream stream = new ByteArrayInputStream(input);
-		for (FileHandler handler : HANDLERS) {
+		FileMagic fm = FileMagic.valueOf(stream);
+		stream.reset();
+
+		FileHandler[] handlers;
+		if (fm == FileMagic.OLE2 || fm == FileMagic.UNKNOWN ||
+			fm == FileMagic.BIFF2 || fm == FileMagic.BIFF3 || fm == FileMagic.BIFF4) {
+			handlers = OLE2_HANDLERS;
+		} else if (fm == FileMagic.OOXML) {
+			handlers = OOXML_HANDLERS;
+		} else if (fm == FileMagic.EMF) {
+			handlers = EMF_HANDLERS;
+		} else if (fm == FileMagic.WMF) {
+			handlers = WMF_HANDLERS;
+		} else {
+			return;
+		}
+
+		for (FileHandler handler : handlers) {
 			stream.mark(input.length);
 
 			try {

diff --git a/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIFuzzer.java b/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIFuzzer.java
@@ -64,33 +64,11 @@ public static void fuzzerTestOneInput(byte[] input) {
 
 		fuzzAny(input);
 
-		POIHDGFFuzzer.fuzzerTestOneInput(input);
-
-		POIHMEFFuzzer.fuzzerTestOneInput(input);
-
-		POIHPBFFuzzer.fuzzerTestOneInput(input);
-
-		POIHPSFFuzzer.fuzzerTestOneInput(input);
-
-		POIHSLFFuzzer.fuzzerTestOneInput(input);
-
-		POIHSMFFuzzer.fuzzerTestOneInput(input);
-
-		POIHSSFFuzzer.fuzzerTestOneInput(input);
-
-		POIHWPFFuzzer.fuzzerTestOneInput(input);
-
-		POIOldExcelFuzzer.fuzzerTestOneInput(input);
-
-		POIVisioFuzzer.fuzzerTestOneInput(input);
-
-		XLSX2CSVFuzzer.fuzzerTestOneInput(input);
-
-		POIXSLFFuzzer.fuzzerTestOneInput(input);
-
-		POIXSSFFuzzer.fuzzerTestOneInput(input);
-
-		POIXWPFFuzzer.fuzzerTestOneInput(input);
+		try {
+			POIFileHandlerFuzzer.fuzzerTestOneInput(input);
+		} catch (Exception e) {
+			// expected here
+		}
 	}
 
 	public static void fuzzAny(byte[] input) {

diff --git a/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIHDGFFuzzer.java b/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIHDGFFuzzer.java
diff --git a/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIHPBFFuzzer.java b/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIHPBFFuzzer.java
diff --git a/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIHPSFFuzzer.java b/poi-fuzz/src/main/java/org/apache/poi/fuzz/POIHPSFFuzzer.java