commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Bodewig (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (COMPRESS-386) Consider adding sanity check to maxCodeSize in ZCompressorInputStream
Date Fri, 14 Apr 2017 15:42:41 GMT

     [ https://issues.apache.org/jira/browse/COMPRESS-386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Stefan Bodewig updated COMPRESS-386:
------------------------------------
    Fix Version/s:     (was: 1.14)

> Consider adding sanity check to maxCodeSize in ZCompressorInputStream
> ---------------------------------------------------------------------
>
>                 Key: COMPRESS-386
>                 URL: https://issues.apache.org/jira/browse/COMPRESS-386
>             Project: Commons Compress
>          Issue Type: Improvement
>            Reporter: Tim Allison
>            Priority: Minor
>
> On TIKA-1631, several users pointed out that a bad value for the 4th byte of an apparently
Z compressed file can lead to an OOM.
> If possible, it would be great to parameterize ZCompressorInputStream to set a threshold.
 Or, if this should be kept out of COMPRESS, is there some way that we could load a threshold-checking
subclass of ZCompressorInputStream via the CompressorStreamFactory?



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message