commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Hebble (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (COMPRESS-444) Version to extract incorrect in Local File Header
Date Mon, 19 Feb 2018 22:01:00 GMT

     [ https://issues.apache.org/jira/browse/COMPRESS-444?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Paul Hebble updated COMPRESS-444:
---------------------------------
    Description: 
A friend is generating ZIP files with Maven Assembly Plugin, which uses Plexus Archiver,
which uses Commons Compress. One of his files tripped a validation check in SharpZipLib, see [https://github.com/KSP-CKAN/CKAN/issues/2285].

Here's a link to the ZIP:

[https://github.com/rleroy/CivilianPopulation/releases/download/2.0.12/ksp-civilian-population-mod-2.0.12.zip]

The LFH in question starts:

{{00000400 74 69 6c 69 74 79 2f 50 4b 03 04 *0a 00* 08 08 *08* |tility/PK.......|}}

Note the *highlighted* bytes. The *0a 00* means that the version to extract is PKZip 1.0.
The *08* means that the compression method is DEFLATED. These values are not compatible; by
Commons Compress's own code logic, DEFLATED should require version 2.0, which would appear
in the LFH as *14 00*. Notably, the CFH for this same file _does_ have version 2.0:

{{00e0e5f0 73 2f 55 74 69 6c 69 74 79 2f 50 4b 01 02 14 03 |s/Utility/PK....|}}
 {{00e0e600 14 00 08 08 08 00 ab b8 30 4c 43 fa a3 ea 50 00 |........0LC...P.|}}

{{         ^^ ^^}}

I have not yet been able to identify the cause of this issue.

  was:
A friend is generating ZIP files with Maven Assembly Plugin, which uses Plexus Archiver,
which uses Commons Compress. One of his files tripped a validation check in SharpZipLib, see [https://github.com/KSP-CKAN/CKAN/issues/2285].

Here's a link to the ZIP:

[https://github.com/rleroy/CivilianPopulation/releases/download/2.0.12/ksp-civilian-population-mod-2.0.12.zip]

The LFH in question starts:

{{00000400 74 69 6c 69 74 79 2f 50 4b 03 04 *0a 00* 08 08 *08* |tility/PK.......|}}
{{                                          ^^ ^^       ^^}}

Note the *highlighted* bytes. The *0a 00* means that the version to extract is PKZip 1.0.
The *08* means that the compression method is DEFLATED. These values are not compatible; by
Commons Compress's own code logic, DEFLATED should require version 2.0, which would appear
in the LFH as *14 00*. Notably, the CFH for this same file _does_ have version 2.0:

{{00e0e5f0 73 2f 55 74 69 6c 69 74 79 2f 50 4b 01 02 14 03 |s/Utility/PK....|}}
 {{00e0e600 14 00 08 08 08 00 ab b8 30 4c 43 fa a3 ea 50 00 |........0LC...P.|}}

{{         ^^ ^^}}

I have not yet been able to identify the cause of this issue.


> Version to extract incorrect in Local File Header
> -------------------------------------------------
>
>                 Key: COMPRESS-444
>                 URL: https://issues.apache.org/jira/browse/COMPRESS-444
>             Project: Commons Compress
>          Issue Type: Bug
>          Components: Archivers
>            Reporter: Paul Hebble
>            Priority: Minor
>
> A friend is generating ZIP files with Maven Assembly Plugin, which uses Plexus Archiver,
which uses Commons Compress. One of his files tripped a validation check in SharpZipLib, see [https://github.com/KSP-CKAN/CKAN/issues/2285].
> Here's a link to the ZIP:
> [https://github.com/rleroy/CivilianPopulation/releases/download/2.0.12/ksp-civilian-population-mod-2.0.12.zip]
> The LFH in question starts:
> {{00000400 74 69 6c 69 74 79 2f 50 4b 03 04 *0a 00* 08 08 *08* |tility/PK.......|}}
> Note the *highlighted* bytes. The *0a 00* means that the version to extract is PKZip
1.0. The *08* means that the compression method is DEFLATED. These values are not compatible;
by Commons Compress's own code logic, DEFLATED should require version 2.0, which would appear
in the LFH as *14 00*. Notably, the CFH for this same file _does_ have version 2.0:
> {{00e0e5f0 73 2f 55 74 69 6c 69 74 79 2f 50 4b 01 02 14 03 |s/Utility/PK....|}}
>  {{00e0e600 14 00 08 08 08 00 ab b8 30 4c 43 fa a3 ea 50 00 |........0LC...P.|}}
> {{         ^^ ^^}}
> I have not yet been able to identify the cause of this issue.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message