Uploaded image for project: 'Commons Compress'
  1. Commons Compress
  2. COMPRESS-585

ZipFile fails to read a zipfile with a comment or extra data longer than 8024 bytes

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 1.21
    • None
    • Archivers
    • None

    Description

      See the attached patch for a unit test demonstrating the issue with a long comment.

      The cause is that ZipFile.readCentralDirectoryEntry() calls IOUtils.readRange() and assumes if it returns less than the length it asked for that the EOF is reached, however this is not how that method works: it returns max COPY_BUF_SIZE bytes (8024), even if EOF has not been reached.

      Besides comments and extra data (in the central directory or local file header) longer than 8024 bytes the only other place readRange() is called is reading filenames, but that seems like a remote edge case and an EOF exception is fine.

      The IOUtils.readRange() JavaDoc does not specify how it communicates EOF. With a blocking channel this would be when it returns a zero length array. It could throw an exception when Channel.read() returns 0 bytes, because that only happens on non-blocking channels.

      Attachments

        1. COMPRESS-585-test.patch
          3 kB
          Matthijs Laan

        Activity

          People

            Unassigned Unassigned
            matthijsln Matthijs Laan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: