commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeremy Gustie (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COMPRESS-355) Parsing PAX headers fails with NegativeArraySizeException
Date Thu, 19 May 2016 16:39:12 GMT

    [ https://issues.apache.org/jira/browse/COMPRESS-355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15291466#comment-15291466
] 

Jeremy Gustie commented on COMPRESS-355:
----------------------------------------

I can confirm the fix [here|https://github.com/apache/commons-compress/compare/master...blackducksoftware:bug/COMPRESS-355-negative-array-size]
works (alas, no tests).

> Parsing PAX headers fails with NegativeArraySizeException
> ---------------------------------------------------------
>
>                 Key: COMPRESS-355
>                 URL: https://issues.apache.org/jira/browse/COMPRESS-355
>             Project: Commons Compress
>          Issue Type: Bug
>          Components: Archivers
>    Affects Versions: 1.11
>            Reporter: Jeremy Gustie
>
> The {{TarArchiveInputStream.parsePaxHeaders}} method fails with a {{NegativeArraySizeException}}
when there is an empty line at the end of the headers.
> The inner loop starts reading the length, but it gets a newline (10) and ends up subtracting
'0' (48) from it; the result is a negative length that blows up an attempt to allocate the
{{rest}} array.
> I would say that a check to see if {{ch}} is less the '0' and break the loop if it is.
> I used {{npm pack aws-sdk@2.2.16}} to generate a tarball with this issue.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message