Fix resource loading in HtmlSanitizerFuzzerTest

Replace org.apache.commons.codec.Resources.getInputStream() with
standard Java class loader resource loading. The commons-codec
Resources class uses the thread context class loader which may not
have test resources on its classpath in certain environments like
GitHub Actions with Maven Surefire.

Using getClass().getClassLoader().getResourceAsStream() is more
reliable because it uses the same class loader that loaded the test
class, guaranteeing the resource will be found.

Author: jospint

owasp-java-html-sanitizer/src/test/java/org/owasp/html/HtmlSanitizerFuzzerTest.java

@@ -29,6 +29,7 @@
 package org.owasp.html;
 
 import java.io.BufferedReader;
+import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
@@ -37,8 +38,6 @@
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
-import org.apache.commons.codec.Resources;
-
 /**
  * Throws malformed inputs at the HTML sanitizer to try and crash it.
  * This test is stochastic -- not guaranteed to pass or fail consistently.
@@ -62,9 +61,17 @@ public void text(String textChunk) { /* do nothing */ }
       };
 
   public final void testFuzzHtmlParser() throws Exception {
-    String html = new BufferedReader(new InputStreamReader(
-        Resources.getInputStream("benchmark-data/Yahoo!.html"),
-        StandardCharsets.UTF_8)).lines().collect(Collectors.joining()); 
+    String html;
+    try (InputStream resourceStream = getClass().getClassLoader()
+        .getResourceAsStream("benchmark-data/Yahoo!.html")) {
+      if (resourceStream == null) {
+        throw new IllegalArgumentException(
+            "Unable to resolve required resource: benchmark-data/Yahoo!.html");
+      }
+      html = new BufferedReader(new InputStreamReader(
+          resourceStream,
+          StandardCharsets.UTF_8)).lines().collect(Collectors.joining());
+    }
     int length = html.length();
 
     char[] fuzzyHtml0 = new char[length];