commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Hebble (JIRA)" <j...@apache.org>
Subject [jira] [Created] (COMPRESS-444) Version to extract incorrect in Local File Header
Date Mon, 19 Feb 2018 21:58:00 GMT
Paul Hebble created COMPRESS-444:
------------------------------------

             Summary: Version to extract incorrect in Local File Header
                 Key: COMPRESS-444
                 URL: https://issues.apache.org/jira/browse/COMPRESS-444
             Project: Commons Compress
          Issue Type: Bug
          Components: Archivers
            Reporter: Paul Hebble


A friend is generating ZIP files with Maven Assembly Plugin, which uses Plexus Archiver,
which uses Commons Compress. One of his files tripped a validation check in SharpZipLib, see https://github.com/KSP-CKAN/CKAN/issues/2285.

Here's a link to the ZIP:

https://github.com/rleroy/CivilianPopulation/releases/download/2.0.12/ksp-civilian-population-mod-2.0.12.zip

The LFH in question starts:

 

{{{{00000400 74 69 6c 69 74 79 2f 50 4b 03 04 *0a 00* 08 08 *08* |tility/PK.......|}}}}

{{{{                                          ^^ ^^       ^^}}}}

Note the *highlighted* bytes. The *0a 00* means that the version to extract is PKZip 1.0.
The *08* means that the compression method is DEFLATED. These values are not compatible; by
Commons Compress's own code logic, DEFLATED should require version 2.0, which would appear
in the LFH as *14 00*. Notably, the CFH for this same file _does_ have version 2.0:

{{00e0e5f0 73 2f 55 74 69 6c 69 74 79 2f 50 4b 01 02 14 03 |s/Utility/PK....|}}
{{00e0e600 14 00 08 08 08 00 ab b8 30 4c 43 fa a3 ea 50 00 |........0LC...P.|}}

{{         ^^ ^^}}

I have not yet been able to identify the cause of this issue.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message