diff --git a/pom.xml b/pom.xml
index 723d952d..e00501b6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -129,6 +129,16 @@
org.eclipse.sisu
sisu-maven-plugin
+
+ org.apache.rat
+ apache-rat-plugin
+
+
+
+ **/*.clazz
+
+
+
diff --git a/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/DependencyClassFileVisitor.java b/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/DependencyClassFileVisitor.java
index 8c1cd3da..e456415e 100644
--- a/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/DependencyClassFileVisitor.java
+++ b/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/DependencyClassFileVisitor.java
@@ -71,7 +71,7 @@ public void visitClass(String className, InputStream in) {
reader.accept(classVisitor, 0);
} catch (IOException exception) {
exception.printStackTrace();
- } catch (IndexOutOfBoundsException e) {
+ } catch (IndexOutOfBoundsException | IllegalArgumentException e) {
// some bug inside ASM causes an IOB exception. Log it and move on?
// this happens when the class isn't valid.
logger.warn("Unable to process: " + className);
diff --git a/src/test/java/org/apache/maven/shared/dependency/analyzer/asm/ResultCollectorTest.java b/src/test/java/org/apache/maven/shared/dependency/analyzer/asm/ResultCollectorTest.java
index 7cb376e5..33b5fd56 100644
--- a/src/test/java/org/apache/maven/shared/dependency/analyzer/asm/ResultCollectorTest.java
+++ b/src/test/java/org/apache/maven/shared/dependency/analyzer/asm/ResultCollectorTest.java
@@ -33,6 +33,9 @@
import static org.assertj.core.api.Assertions.assertThat;
public class ResultCollectorTest {
+
+ private static String ROOT = "src/test/resources/org/apache/maven/shared/dependency/analyzer";
+
Set getDependencies(Class inspectClass) throws IOException {
String className = inspectClass.getName();
String path = '/' + className.replace('.', '/') + ".class";
@@ -45,12 +48,64 @@ Set getDependencies(Class inspectClass) throws IOException {
@Test
public void testJava11Invoke() throws IOException {
- String className = "issue362.Bcel362";
- Path path = Paths.get(
- "src/test/resources/org/apache/maven/shared/dependency/analyzer/commons-bcel-issue362/Bcel362.class");
+ Path path = Paths.get(ROOT + "/commons-bcel-issue362/Bcel362.class");
DependencyClassFileVisitor visitor = new DependencyClassFileVisitor();
try (InputStream is = Files.newInputStream(path)) {
- visitor.visitClass(className, is);
+ visitor.visitClass("issue362.Bcel362", is);
+ }
+ }
+
+ @Test
+ public void testOssFuzz51980() throws IOException {
+ // Add a non-"class" suffix so that surefire does not try to read the file and fail the build
+ visitClass(ROOT + "/ossfuzz/issue51980/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz51989() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue51989/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz52168() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue52168/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz53543() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue53543/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz53544a() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue53544a/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz53620() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue53620/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz53676() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue53676/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz54199() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue54119/Test.class.clazz");
+ }
+
+ @Test
+ public void testOssFuzz54254() throws IOException {
+ visitClass(ROOT + "/ossfuzz/issue54254/Test.class.clazz");
+ }
+
+ private void visitClass(String location) throws IOException {
+ Path path = Paths.get(location);
+ DependencyClassFileVisitor visitor = new DependencyClassFileVisitor();
+ try (InputStream is = Files.newInputStream(path)) {
+ visitor.visitClass("Test", is);
}
}
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue51980/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue51980/Test.class.clazz
new file mode 100644
index 00000000..314e0945
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue51980/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue51989/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue51989/Test.class.clazz
new file mode 100644
index 00000000..cce2039d
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue51989/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue52168/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue52168/Test.class.clazz
new file mode 100644
index 00000000..e92207bc
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue52168/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53543/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53543/Test.class.clazz
new file mode 100644
index 00000000..808e3379
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53543/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53544a/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53544a/Test.class.clazz
new file mode 100644
index 00000000..5fbdd67f
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53544a/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53620/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53620/Test.class.clazz
new file mode 100644
index 00000000..e263fcd4
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53620/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53676/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53676/Test.class.clazz
new file mode 100644
index 00000000..c0ca8577
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue53676/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue54119/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue54119/Test.class.clazz
new file mode 100644
index 00000000..4b405c31
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue54119/Test.class.clazz differ
diff --git a/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue54254/Test.class.clazz b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue54254/Test.class.clazz
new file mode 100644
index 00000000..275741ee
Binary files /dev/null and b/src/test/resources/org/apache/maven/shared/dependency/analyzer/ossfuzz/issue54254/Test.class.clazz differ