From e666d3756eaea55a138e7b2b319bc70ad28bf74d Mon Sep 17 00:00:00 2001
From: Dominik Stadler <centic@apache.org>
Date: Mon, 11 Sep 2023 18:25:06 +0000
Subject: [PATCH] Bug 66425: Avoid a NullPointerException found via oss-fuzz

We try to avoid throwing NullPointerException, but it was possible
to trigger one here with a specially crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62208

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912251 13f79535-47bb-0310-9956-ffa450edef68
---
 .../ReadOnlySharedStringsTable.java           |   6 ++++--
 ...mized-XLSX2CSVFuzzer-6504225896792064.xlsx | Bin 0 -> 10245 bytes
 test-data/spreadsheet/stress.xls              | Bin 51712 -> 52224 bytes
 3 files changed, 4 insertions(+), 2 deletions(-)
 create mode 100644 test-data/spreadsheet/clusterfuzz-testcase-minimized-XLSX2CSVFuzzer-6504225896792064.xlsx

diff --git a/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java b/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java
index 07d00bd99aa..590251960a3 100644
--- a/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java
+++ b/poi-ooxml/src/main/java/org/apache/poi/xssf/eventusermodel/ReadOnlySharedStringsTable.java
@@ -259,7 +259,7 @@ public void startElement(String uri, String localName, String name,
         } else if ("rPh".equals(localName)) {
             inRPh = true;
             //append space...this assumes that rPh always comes after regular <t>
-            if (includePhoneticRuns && characters.length() > 0) {
+            if (includePhoneticRuns && characters != null && characters.length() > 0) {
                 characters.append(" ");
             }
         }
@@ -287,7 +287,9 @@ public void endElement(String uri, String localName, String name) throws SAXExce
     public void characters(char[] ch, int start, int length) throws SAXException {
         if (tIsOpen) {
             if (inRPh && includePhoneticRuns) {
-                characters.append(ch, start, length);
+                if (characters != null) {
+                    characters.append(ch, start, length);
+                }
             } else if (! inRPh){
                 if (characters != null) {
                     characters.append(ch, start, length);
diff --git a/test-data/spreadsheet/clusterfuzz-testcase-minimized-XLSX2CSVFuzzer-6504225896792064.xlsx b/test-data/spreadsheet/clusterfuzz-testcase-minimized-XLSX2CSVFuzzer-6504225896792064.xlsx
new file mode 100644
index 0000000000000000000000000000000000000000..9426600d727a44b965acfa69d6e145c32621630c
GIT binary patch
literal 10245
zcmeHtWmKEn)^6}(MGD1&I~1otfl|CdLeUl}#kELqhvH6g4N%;nKyfMV?vP?difeKE
z(w;NU?(W{_8~5Iy=bn}1O)|zipN!1)Oj&bIML8s70st!D9smHK2H4zx!U{nE06w4q
z01p5#1T6_`D|;g=dmU95h>@K(yR)SQRpvAT(+2<|{Qm#0|11p*#DW#tIdT2ZKwqej
z9@1Nd`r(?-p*)kzM+Uac#B>!JXi?OBsxgTk!B7lR9YaZxRN~!lx-j0^bk|BUL_(;l
zd_rbI8~-j&!K`6mcDrA~br3(SjYSXY58VaKx;uLEdCa=B_!Y9P7l(~5LLw^sWOdht
z)h|_Q6@x+Pdc94NtmVieB;lpC_Iy6!X2p+ZEG{Jxd|pOAk_>vENkiHESU8&W)3A-S
z>!UhL%(wec^!@O78fDw&@~yzPTOs0diVCHyM}4H_p_=}8=0P?l05q)(94dl%KsmPt
zYrRvmuXr(7ey>LIgFi*fl1+(6+dzJW8KvBAd3Q#-_Olo#qL<b~B?{o2+!!@+n8#iz
z{fA99pW`00DPJVf@Ymk5Pi4e|Nbe8SH<}@AFQjnNSigyBC220}68rpK?0H1LSG2)-
z!8IAqBPqZM5NTeS@mZ-()z!M~40sa}_$=~<q_jwgFPi^sdj|;sxVu9FDE`Uzs?<1X
zPvC@-hnp5AU<g6S*2uz+gZ;;qDzopuHuoQ6YhlsDa5KZ|+6OgCtX^$df$nAGG{}P*
zs8uOi==Lb9!n5c^&rbc2d}Iw^qo?17pJ^@Zt(&P*0`)l*+UuFb%6atNrp=v8(qH0y
z(5EpmBj_fL0P4M(U$D?|&W=sdpT5ek2n{8zkG-bV=OuqZfO)uMn-j&U)Td`U8bgwA
z^d)xfX~1U+MK<BdR`YvkZfJ!fm%<knHN0SJXO49b{RD+D(X<Cb{f=uA#+U`eu>554
zei>iFW9T?u?-h*!QX0eD>lfeess(Il<bp>)OUJ^CA$FqM+urQyrUmCsL&9J4{FcFn
z=X$N3II24EZTl<N7tn8*5aDrV0&WSUfO`ne799VeyOXu;TYYQmw?87yKdF!WgZl7$
z|NmZ%F~jCRN#on(JL+K*ZDkZI*c2vKrga8jQ2IL3!54qZX#FfkqF%I@J%h-X?%Lzo
zNZ!qI-hKxWs(GqfBt7%JPdP=JFs5^XCJ|v@s;TO+)XIEaQ6C8#uNtp*1-om>+!MOY
z5PFn=+5PP7G2Jp|8wyM41pD`70}|3r2bU@AK4EYT_x0pE{aogVI3GwcAC-dd`=PtH
z4fR%X?lx;C@8iqVd#s6u3~`@?Y>iN{CTh}k_c8=`P?fc>@(1)L=vI)m8_IFQ9_#gN
zyqgpXOcbv#HlKRq<Dy9z5Xc_jiGdY<5`D9hd<uMl&ar2}-0d_M2%XnI#QZx3X=F21
z>A+cG1NW9VaB9FA^ecD5l*N98vPRlNw0@`L2}{lVWL5EZ8z|IDbCtpT;cDFx7J;8W
zo22Gv+`GS8(Xeo6XdJz^rOteWJ|&Z-B1q90`)(*a(lveTY;b&#jef|Et(Kcq*%k5m
ztJ#yuipQr1dIR26-j2*{O=Uz%t4H`Od(ye6;VEr1A#T835!)&h_Sfi3tc2wPX;Op<
z$){MDSCscv2)F~$V)zM77h}{Fzht?;>YE$2&;X&p7VwrGZrWHUJXB+u_O7!cDI{g{
z1d<<m0%vlYt+O#;bZO&EWb)0LG#{42kH|hb8Fx3%#FlG_1~66QYo2*9hppDeXeRRI
z5btb$soWIK$lm1>Vs=kbez-{AKFibNu^B~?PWSOS(Rb~4=gFn`^L1{R84-ta{`JyG
zGcf;-uF_5c&TH{XOx{zZ<eT8M*B{C$M`9GTpGQR7mfD7~#3~@mtrt&w-D*{Ez%~6>
zYu?PIuk}F%0943+WQ{-f!rs)#(um{dmFtHs?`XWRhVc=6#+h-VvbVNmtR_Qq2$?BQ
zDFKspSOrp;CB>_&WQvZ-c#zGlyhCWO*GoWX*yXff9YJicPiN2yEJ3;?JO#;C5ckWC
zp^{Ba21?R+x!*0W&^nyV`37Z3(9o^fz>2g>U4uGAD8~g%-JAk$<j5$ZF}e)~oaN^h
zprHM^sjGeM&J-3pJh6`=@hP>t{<8EbaUtLJi2M76sksKgwLu?!Ug4>BAyOjD2dPaJ
zP8!p<@t!J%(Nej&ac78#Nr1;-eL-i$ja{-^2<gGz3}7fBs!-Y#ulSHr0=j*W1`J8W
zz>}8_CpM5c9)n@-&E$1s-_#_=f;<sdmA<8(_Tu%J!=}%n{onyXE0c-l_O#Y3N83x(
zmI?0C>1_wMDrg#l?jjnv<dIbJ$*pur%;=+cJ1g9~R#i$R4d;kAC-g~LsS0_cvPR{S
z*gYas2?u18#vX2itz?m%{P71TLyk2t`vX+N!$ErYJJ}))r$bZ%ZqgSCBXb!yp0ZB^
z<pp4D{?-8ZtmHN#rl0`fdfrg<_mhR{p$8u9mw*w`0K)L7WJW_DkD#yY5z;>Tg8*y%
z*NNp4&96zv8Y91>fK_2voUM^~n671MUUyp;D&My*Vpal&BPeg}uQx^y+bP-DOqSUr
ze809OEP9@Po2JZqmgaeUbV#)3tkH3I+0OX+`r73QF1IQ5XedYe_32J;Xqm{(O+z>R
zfu;9zsq;u_$xN-)d*lcA?0Eug=ox8knhD!+RZLLsdpn|UreTmTl{_&vs=aR$?(|CZ
zkO}Ec`n;1Nxu1TnDf%}uy;Z=OfC)LfEH*^qm_^-LAk^1(UH@eVxvsl<S3{^lcU6-H
zq8bmTZ1?GWq=5b&50DiYnaGs=?L0OTe|Jx5YsTUIrH`D5(guYTxx5^hJDZj<@?of>
z8M0?m!X{R!qeZ0?k%Iv1xN9J=9t65KAnQkozn*v~n8pl@ivoTPBE<H5Q1ns0r}g!@
z)aw^42lk@G&zrcSDl7&q5iTD>J&`1uSRAe>Ql7IbGYPU~xje9YBe{2A#^0f&96&xI
z@JRnzq{=;|u+usg-+dc?iSI(^2;Hpn9trr}^La!*Lc9=3P2`}oB=lW5rU`|caMNq2
z&P1jBE<V%+!j<Y8Y%LWH*_|||)*{GVYg>b_$)Sk1y3T_0!sNV@!?fG>_Fmy@k+)Ua
z1nT)s^)4Sh$~U94;=o6K+<c05(pIwLjB+!Nx;%&{wg(WRRs(bC{JKBY3e}40R-&Sp
zie$0?{RF%z8rIEdyya!k@abQ-%?@EDj7>RjjK@7C;rpJ{I)xNGNkIu)c6bUU$F}7*
z?nfWE;4%1AiVlsNy^M=x%D)jDFxSlIu`41Ol`pWXU1RaZNl^1`{gOQ5Pqm@l(gzmE
zd^-i<YYhvln%_l*)^$2B(`eI42s0GC|FqCAQb@vRRIbmCMCB;!o;~c6r(V)hlGEFa
zP*W*T&{Nv%qrKk5f2jPh6_aDL@o7}VBX$PH&`~AW+s9L+6h}5=rwou{|86FPGP(J4
zy@xIHk!60^S1K{Hh8JxqCGuSS=;ja=z1`;Qk1A;R)RXt)GqACF;sOAnj~Q9-G?4~e
zl`v*NUf9f2{8YrZkC|H{O5gSxio2`XJL*ZohMIG8VuuOvd?D_B(iRN&Ics$SSvGib
z@vRu;rA9a)ak(XyxnI6Q8MF@(`<HeEjAeqxZHrWR`wcPqU7-EC3m9L$t#T^J)`rSL
zWG*n3bBMd{c+|doB2J@h8|)%bTG^sV3+liqh*(w?{i7o<JrKfu3&?TVAmo_ixT=tJ
zi(5?F{5u%5l2=}{z2F7;2ml@9DhdOI`bsfg{(Gu;ar~ZkJe?eRQV>fJ>jT!)ARs>9
z#N&?zXO1}jxLdi&*+wl(3SH?}X~rW=BVYxtMJQ?XeiI+s?dDK70}s>Ml-~G=;pwo{
zqgl0G*GgfSTWH8euvCiLa0Ox_VYSc8<kK?dwkI{3TIKP)Z{8ZVc@rf(4rpzpmR%Y{
z+kE!%PHCCv%0}EeU&0emMc7({3dU+f&Ag1Z6pmz%bc7&>$B=(&&6d#^&n=0m)~wdh
zf#jteKh?8fo7K4XP%!v5nAAVi+ZoF1Xs*{i<!F&p&|1l;LJ+_(E7m2@<vz*c>HIb8
zYH5SK_G>y9J(#oAgx)*j1ehrNZnXwDI9BrcZ$nmfgywTvc=|93e-ZzYKG>NW8QI%$
z{Cwm75x2skT7Tr~0Y7tfA#gXZs0s|-EP3gjA1-8AGcS0mL+LA*v)h<LN@VSh@wb|1
zFt5VN8nO<eF2mkwPF7jm4Xv%>{kP}Ni(iD_fr{PpP><BxaTwGePrsV<{>n}w`7mio
z1v}u$qa67Xu{>ol1do@zQh5S-<q6D^s`C@8s4iOZPGij5%OLeGIpXXpOB?X+LdG{*
zy00Gu_S3_#(US`+HOO%A@f@(<^F)Flhu?g126^doy(y=k3vaV~CGjM_&#NkBGh~`c
zaKilA0U3GP$Z0^O(XqbGdKqC6);$Kd&gwzzWa0NqW`Q4E-IdB~M1m0<_Si$+a1TMr
z`njA<?4lOINne<GW(5Zx#&rU@<IZElFw>u9UBGKZf6WE{4;0JuU&a1EDApkBc)tp+
z@^pBHMeq;C+L`Lv8X2nC+nQOK*!@syu{unF>^X6B*@V+a_sKWBsEE8JVRm>0%GQPX
zfoKrD2a#VNSEUx#9S;aB>k27=f|00~aXFDW0~6^YYzErHOm;m&J$V{Z=8&Np_~>j6
z+g`VKDf`cc0?KY5G!UM{Ky-{>*Fhielyx|D6SEG>(T~?b2k#fXF85?PBju$A%Qs4D
z&BBoPiF=nOd!}{#AM~mM-VUyUAi{CU*IWd$5fNnNrbo)|W1NTm;m$M<!OL7WJh4!D
z;?eTeTD@%j8gV2KkM<08`!+08>6Mzn2@u4TiMZBM;o1RKyWU8AO-+o>$VjuS>Nk#I
zQUqNVB)^|Sv)pS#B?At7^8(qbV{l^FpoJVus*Rd?zu1g&sQUJ);#lzZiuY<dtymq`
z^>*N!4a0G$Wx=8ZZjj&80?+5>Em4__<TP`}u<pviOZ~S^Ht`;>Dl3K?zPsU~0`Dbg
z-@AhDLQWfzf*74=@qo4{P6FEBzO$Kd2pT>X)#}84YnCu>IrPSsW$>geb!~^)eR)_i
z&$jyu2{N`IjKq=rdpWiBVtd3=-0+v02ei9H`<=A<-~`QMvO&$MIVR43vufT@YR+ma
z>sPWVR12i88z#j(VkA)rfpRlCFExfruDhtZW1ux&1;sS_AOh7+5?B0elh;0Bl-Zps
zGROo{8u5-eLFZR2q@KtNkv2OcLzk`jshd<AOwR>7P5|=njr2c0SybBgli(OUXrnMm
zfyT$is>s@dUM}ZOnSz86W|7cB(AjK4xT6k(B~V;A2Dzu7xb3{y4MbMz=XIPZo-Fp&
z=K$uT-rKEs0qhtg)dr@{=6sgU{ZMWHyl|_mPLz~mH*Flygu3d?S0cKBR;nC|YEohm
z>be}GQR0eXlKQfd#q*G_o1&;~iUcc7ISj9&*XypXB*R2y<P27joEwFn>LCrgFXk^{
zH&S{C6<%Hy$y0%T8Rzq9$ytlg&nqVxq>A$2c2B6c;XY4dw<IJTTp@z)EYH1}H)qQX
zw&LGL#@1=nsocwK+J9VRmX<3zUrb?FvES0|rj$<PuU}biUbg-uwUUS;NK+;P)exb;
znr(0?oFJvJidChgOD?MOs_wLi@Bp(0a-@iEeO2(_%{sJy`T4jG&i&7dnn5SvL!hK(
z$fcINL?%SH%n}<b6fx~o%2RV-wM-q8Ks7XnEsbI7D;{#k5%-Mg)O!JhyTokL^GXvU
zsSEFX<pblVLIf8yr6pMdy6GVm+%G{Wm=g*dI5>6tx&n-A0<-1gWvT<#eFaz#BJEMv
z%SjaMj<~?&kd{f|G{SJ;1Sq}L#q0z1ND1W83TldtQZzK5OMz1jfeE-{>bQ0l$W<q3
z+7$eRc3EJY2O-j<N^pE`I4G~IB|2{5qrw>e4(SMWh^UH$ck0?|k|Ybb070RRLpEjR
zSghQmmc<-UyN??*I4ks`xQ|pd_=?aCLuE;!;dMpsw~y3^ABSY5Cb9jJ0!fhpu<aT?
z7r(XWW#ISy;1kQkQhjnG6mKCqV|7)b%Crf~31p3j>&cT90tk3QV>?$*zw}TON8Q$&
zlLKv%@y=eZhP%JerdrxtwQ4|~VAZ`NdmO3D>DsPAo<}r9Y|?4%5Q>dB=*dFcbC}t=
z7ZN8i-|0xZSUkvTR>lSuyjsp)@iMlXsJ64N=XG-8l6FsTo+D$N5;AEPM6-N2uP{5Y
zH^%l7peb5q!o929`NlEgt;zO&vi4KFn%Y{aR}@r&jB+pfo|fNu0d@t6T$Qa3ZH66=
zoWCA_pJ5^Fuqg>WRk@$qT{lT7H9uhbo%<aiP6vn<!21NuwtG6apvrGVQJ&YV2EEHz
zQjP5E9j4U!ENKv+nISe&<^0Gvky-mtCw$adf2T&qK-CEaOI~_V$di-0Hxl<vnwbS6
z3Mh9tkaVIaD<BJtI?i1+6GzjK<hY2&562?v?r#$o&=>F#44$meA_D-}|8)QME*3^V
z{r)GF`N9cK+-4&8z(}_j)hIa6&D{1LA`>nbFIiTDVWQm3z4m4vC>$O*i!C*yXOOX-
z>IQx^$wsr!^2X~|>x`W%hS);Pl%IT~O`L>=2qsELN8+xJ_3pO3E8pRhngR2phglA~
zx7I>wmMkVz$_Th+5i(Yvem!^@q<GfX2l<AIVm~fuO+Pm3M1%FFm!X5|tz<K79+UO)
zL7^$Ru5J|>f?QfUwi;e@MGS8?>q;hzxe3$+v?<f0k6@;Dbbhk}D@$L@dc|78XIHT<
zr_SL)mBg%ai)$I$W0ya<<jxzCPh&QlzrQl*wXCs$cxYx|^_EdW4GUk%WoFzv^-zx@
z-}ZwTU0tXSmRDE9vF*^&^eY5?>f(^BV{Gi(v6Ha+G<h{W)lk*yX>H284b)2t^2|zP
zQZ^y9F<gR#Af6Al=0*c5uOm2i!FvTpoO4Z`PT*d%LH$aONLhjQSPt?+angBjHPLnz
z3I}qhjNB~Q<77=`$Y8?ET~Z==caeo^sA$X@LkFdzR+|2fSjTUf6<sJ|?n8hiNlLx6
z;*jy&Ty3a|q)T=n5m{q}B0t$=-{_KF)1!-kXZh0aPY1V7WYU4`%(BhPXEt-Q75n;b
z^OKZ+%Ys*lQXTp5nrSoEzfD_zmRrIS7Om$val028cfEp+M0}7?Lf#byt6Ad2<lea7
zZxx-OGY-a__xfC!+SN=e@5bD^*l^tKlu)GcwDF}8<RMtA$CbQdQ~*mdwO?C_a%%bg
z{tL>7dLxC!3r0D`or2f2a|e3IxAR*xDc??+{4l7*=S$nOl=F-TsxFjNHH4xWm3%7_
zz;VpybHL2gi69FTXd!n<_lkz9kresdz5aDC{hpiV9+ZR&IeK#=U*60Cf`gjwuM+_&
zlcfMKC6j4~C%H%ky-6tNT=BrvGfW$^rf;G~FzZZ$I((rXQR0ml%N+NqfOK6mENU%-
z4-&?8EJHMeMs@d99C2nZEFDLOKT1vPFF*UdduCX1n1k-9pWYO^Rn+KC(7BwiyVAR%
zfYxJ#K6SvKkC6`oqN<&mi*R%*khek*0>o~|STt_7;su{?b8o(08n2UIzjI7>R5+M@
zGB_xrHCmV_evG|KqM>PLoK|2_X}(JTPTa@At<PTT;~K$H!gl9#b$?L3<hMcl`jDZ>
zti}fq=(^P9qnrb!B06L^q+7<2#3<0->HD_168R>*vwSb}X=3^w-Pz;rAkGgANW>3(
z#oFj~VFtA-BpnmeAey?e!OJXato$QD0Q-cCM73;7b$8;~@}qz<wvSyNyUo+MsGn8=
zU8%e87djuJSh$5bhjmU6k>EYShda7ni%3Ib&}(Kk^qEt-fz$zG<lyW~U@-e|kf8{O
zo1d;UIUd=99KF{oL~@R{dE>}m^!w6hPk$m*zwcs*)%X2^nDJ$}pWx45;09AvOw*kO
z_(25`U}<!Yoz<OUG;H_rtqB5KKX)S#s83nn-}G<K?)awcLr_F#1}v(9=pJD&bNWi?
z`1xJ<ax=t%%4LuG%3VWEock)Q2BK~0KJKjr8gfW&`JLMqFPQ4_30vuDB!ouY2Ysq5
zN_Z;`69%Q$ViCs~OiD?I4+MN;e?&%s&ojFIba*uctsuKW;MAe2OSl~=aTa|5G=Mzy
zlwypU`K8R`Coi>Y4APdl26lkPdjyWxt@SHO^%NUh{;JVWBRs4Rv2YBG^SEfa9;lx=
zgSvA;;o5=rH!D|Nr4JyU0Vdq9t-yD+D)twLf!hwAk+MUX90Lm)uS?k8H?7T)Exwl0
zhChF<&3n(VRHNEU968?RSP#fAK7TPQ=021xp;RNrd^*yzf(NW9pVmGuUhORw*Rjm;
zx!Qr%&|WLxLJWZKm*T$26)ZGwkU8G<8ypk;-7(5nB7|KZ?(Qw%<!wB8gT&C<K+)D3
zV#i@%ZEN%+)u+n*Z(juNA^~C1zx1p{Y`%O)E2fJBI7rdcg@nv#obrZ)pgoQ<4LMHB
z_lj%596m9hs0km<s8=keSTBSD6>4188@<QOsA(mIDW6ceP%9@%ZkTb|l|^P@$M_ie
z``z0W%`$U$!8?jR5^wcokyT_s*;S98h)uxLBvVlid#ocd^vQ&LETl+$ZD6KI7Semp
zDhI%E_X@M)l;>=RVB7ac1Vw;ag$(PIG>~wC5~xo=SzL$rZVyQn>uxJQD7g*^KW-Qs
zvJZoqU@nBDx)qHNsjJ1kLIGo?q%VEDxG~@<OzCrd1ylrLDAXYuV-RwvFo(zr1>SV)
z-8neleKHAh3vf*$88@~%YnB!Jvhx+gutJZ!<1>Az6@%FY6)+{dItChR1aYfL%y3?c
zX`yeH3&7;g%|bsZ)7cs_IdPaerG9pLhh`)C@YWC2KoEEm#3=e@RpgHHkpFKZ5LCE9
zJrqt%UU(G3{gs${5Xk>EFW>#x!T-z!jS+jX0-vSW2VGIpEEbIW;1&XDkwXO@Wh!f(
zT0mtCmgk~Of;2s!#z^LDR=CYVyN=V+MBX!Q8P}X>V4`bd`6nvaMu~kax7Sk%I@wyj
z)-(h$#CCN9{AZ9t$Zl5T*_17)qL2mzXmqK~GmY8l=SZtj86Tm&EKIBpI8Wr`ei>H@
zq1?TCh}f%<rXw?h=ZD{Syw0kK6?`0j%l|2?dZj&KvRO~J#44pr=xva7K{^zSXCO5@
zoQhJms;(+ugM5_++;u2jJ<pGya;{y`)h2oWVYNJiqSanPi#S2CD1MzyJ%m}}tkobT
zcxRHzUclcJY|DUa;849hGTkgDd+8)^t&W7t(i@O5n_#eC>zHtv$q%tH-$6vheW-x<
zDnfY4u8K4GR@|M7VUGlL0l{SU5ZvvqlikF7Rl^$@VLgcxa&b#_xz<KjnxfXoj~p1B
z&No@Xhc4@x?dxfg|D3|{NV`YdvJJJ*_gllrZg>B|gN;p#=;P_K&WyZOoB0z)IJ5py
zph7@ogV#*{e#q%}`u)wwlcL<80scIx@hgBk+$w&V+xT7Z&u#Bt1x?}Yvwz<N{~hP|
z=I0+sh44A9-&&!+3;*7&`$L!y<8OO+zXSYQ;v@M(8vbb$_g}yMmrCmYhVr8V`^OT;
z|67!wWy9Z5ey@uCfsz8RlfgCdmm1mc2)`e!{y^}7|G6Is|2k&<F8X^m{)cD~yc7D*
zZTM9YKXdcnQT`n2|G)qMjNylXzXbl@#sBP(e-*!@{zd$s?paX|1<o`80PDvCPSzH>
HAK(55x$f##

literal 0
HcmV?d00001

diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls
index d1b01472d316f509f037976e9cec613599012f6d..b797f92f285ca83ecb5ab49a1efe63f57919f11b 100644
GIT binary patch
delta 2787
zcmZ9NYfKbZ6vyw~2T+8L6m@IOO|hv~T+v+w790>%Ku|zX5Ks_yVYO6b6?{Og6|uHj
zwZ$GynwUoWjv|^eE7TWA8zhZu+pnhaL(}w=@k5iErfn=ebN9e9vy(lU^Sl3Z{`WDn
z+kMvB{js&z72m|@Gm|mzH#xc1*^LPPo0yoG{5I>kcE<WJ=0#_*E{<gdolXATds_l+
z9mm*AHhd9!;!fEw*ckgrON`%?%{Rcx{1hl!qZDSOyV6oq(=)R&JXxu(jI^bltsR|9
z8S}Td2ijL86}Rp8wzf1U`MUP{liW#x?Mdzwd0$mon39>);oq~*-`3>UwimZp?b+-z
z&fuq#qu?sDYjvf9D?hL~(Tv66r2a@@?0fBa*;anow{f;UO?C(eI9@*|L~;wWu&1$+
z+{&!XH!Zg@8}luUjN6%=<#x@P>KDbLSl_(JIJ)z`m~hT4&+9r1d!RL!ca_hLvCL%m
z5k#{ETp!5e3e#Cg`|;uv>)~g(k@~QMEyCe&#xc`Z6V5D{C1S=cQK+<H7Unj*TR5e%
zvsYL$b_lDYNEI@44&gR9SO?XFaE=bwRO`@G>kzKq!Csw`>8%%Frne5k;1}LxTm|Ng
z^~iV;_3^k2!4ziI9Z||ccrm8seObfjKNXR!;`-Lkh~#z@_h~o2`rM){rVY@`9n1+k
zFD3IOaPE?mr@$!2rSJsfGMIbW$z4!@(G7bp&*Q0Z8sl=fba|dg#U8^rmuOtgOL*Dj
zX2sxC94rlfmFj00(_wC3ME#sW9V^utP|>IN-i6TvC#I=q7}WYfIanr)O7$a*S@8EX
zb-Y2XKN}9V0^C>h-lZ5-Xt@%Z3GU#udE?uN>TLK_s_$UTfrr!72?q5GQoRxq`t{x^
z7;~YxKhitVpq?ewd2poP!&kwLekWfIzhhhj30IvwA964jKnun~ICs^<*TMsgMPR??
z<i+5|xDM(uuGdan>$C6@NFQ+WQt)CdgVO^ZeEr8Tmcz3Fk6J-TyFec8MtMka_)uBo
zVkeJDf0`X^6KNNQwGhyRQc3JJV&{=n5nDuTTodYMV#x-dWRuTg=~GSG#Z>=tP$)IT
zoRZbTdSqLOEg^OwDEL-57j*JE7!5j=dKzCw<NpSe)osLFVTRc-zR@nzJlt{~4WxBb
zeZzI3G!jcCb`qJF*m7b+*M;gMmKJ81={{*DpLFTdMA~$!R|bXBOe}+#ip)>ULu|*O
zP`4AyH27qie6pm^4$@{({RsAao!AOukCC+yQ;9i-g!%@tY=cj>$tOqp>?Cat)dz-z
z(n@S4vGd4w5z7rTZG7kxi`qso&tQ~iGFl~#0;F9<O)uOO%5Gw-iQPxGhu9iof87*n
zJF$F&Prk{gK>Bo$wt(t4+!D%OVui#GBHKr7EwQg}33WfQB7;wn$w&X=cCZ7aEvEVj
z?Ab|d9Wm!^p>z>jPpta3P~Rk0V(=+3`IJhZgQP8``fJ$pEn;QFenEDK*al+JcZB*j
zv2ue?xyh$O`Wz;01=Tm)5lT0)jl@nOJ3?#|u_5&7Ayye?nCUN2rOBsC`Wz)~71b-l
zLV1VSW@0L`W5lY7?HCs7yTob?J~bwvTIus1X=|x|1bZGQwuRVZWG9GiCFU3r>ifj%
z3_f)xpL*$YlC<?y9~cqJDPr4*okw<>SOc-~kzMKs#2O7gjV2$j^!bpq-btUkLg^*u
zoAg0;hFDXWY2$aZIP{M0hF+U{;JZv~y#D)=hu`k(``^Yw#aJTLjK#$SkDLwO`|Tlz
Z`L<cmJ@zN}!M=M(Est(%|J;kR{trvaAO-*c

delta 2930
zcmZ9Ne@xV69LJyMjuRBmuZVh1`Wm(*kHbVokMj-%0r?>a2+9ekf?$`HNU5cjN|0q{
zNj<hTSF=`g4)i3yh&B<mT4FWV)?fLDYxPIv{FBX%E$#Dtc+>ej+<3O<^?iL`pXc}<
z(D8}0<Ak$2+r5?HYbs++U+1lKraXM~=+XFh3tfEpVa@If2|JQzohh}|NvwEZ%eMAC
z+jq6?KFp@FEvH21<YTUn6Bz5ZQr)#7>z}giPElXk<qEMUIkWCmKE;h;HZzg2$#nnS
z1&sAs$yJT~Q0uxGc99*R3!GlRro{IS=3oyd#rIC;WUY_w6IcRk&4^!jF&8V?KlA_I
z1U7-i(&E=?I*%od?U`eW?K#*_)?d~8tF0qn+;xiCrz2h`%a?&pxqeO~-1L4;W-#Y1
z>QjQ<qL<5MojM)nb03)TKDW=49N&}8W7e!QUpkEWoUwnYW8dy!Uh!j(muHHR9v}CK
z^j;s&5*4&A5c_C-R(wV4Lh(y)8qXH@d(#4oaCf4-dnr}yRwA9=!?NkxklZ=hY<eZg
zYf0pI*kX}?)^0@3rUjOuF;QtuR2mcM2OMwMr}eNL(I*=}Q)4L_$x0(xX(THR`)PaF
zGLe4HK1b+WTELHnTWPqJhFfXa56Z)GMYn96rA7b^LunXFgPzx8?}a|u)L8ye%s$2w
zv9v%Ci4-M~q9jt3#59=*iFVmIMvXi)Qk6!k(nwVr(`93Y_&w(5E5)qyKAta%Xe|)!
zw5}4L(po5nX)O{X=l#4`WcB&^YSG%~<0Yb-)>1J@Ynk<TU$29gixZZQuMyX2tq}Ju
zKd%%|_xt%;5$X2_t8lz|@_5y>8=_ybd2~Gc8IONbGUSnJ;AV`u;&#7jtOI)nY_#8u
z)`HDfn)9`$S2pY5dKK5JxtY>k4>uFD4qh~k4PZXW>P62*b3qs^YmCv(eot9ilm5KW
z)7~gXF8X+bNFVSSjks?iS`7o<U<52%X=Q7zMY6RC?jqbjG+-K=!4`wv8!)3=z?LY@
zC0a8_Hk;t)C~l7C+Q01{)(m$kX0=^1jjdqIz)oH=qb*>5rRmq2xw6>`H&=0UH8&vL
zZEypaHRrNvJO{QMto*VWje-T0W>9N}Wb=8rA;k@8Zk}|v!_C92+cbX%*b1;wVlRNL
z9Aj3-H=j9zF9PN(gYvaO1#-|%xCMwlykZ({V5`6~2hHd%utKF-s5OgZvmI`c;udLc
zv2<U8TZ~z;LDP5{Y&F;&n!g*YL}`|2P5ZyKhwXt|s<@?^TPEGTaLX`j^HtM$1*{zG
z=v6cND%cvOxkhVN$mTw{6^dJ-xs}r054RGtrVN?JYhY`^mJgZH*TJfkW|h{gmd!Wd
zRx56`=GI8}0NfhP8lw3J!PbG@qxpxxYL#ZK)~u7w4!CuSTc^3}rTZq_^_bOm%``f}
zHh`VHW=6Zf>Xl}_)(p$$TX4gQ8`j*7(mf1!BWBIHZW?ccHGq|0H>2->H7d<Utr?Nc
zBXA>%8`0cN(tQ{1Cd|4`^N)gU1{)>z9@rMJj2k<H$H1DDIZfJ}W;y45xXt5pZkWag
zU|YxM5IYXmGRCZoZv*_o_qk5DpECLM-7#a@@kyfQW~vC^oSgK>cRk5J{P`Ofa}%bE
Vj+-OAS?nF|avZ#3jSf$6{s-1b_H6(F