Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.21
-
None
-
None
Description
I can't upload my apk due to security policy of my company, but I do find where the problem lies.
In org.apache.commons.compress.archivers.zip.ZipArchiveInputStream#readDataDescriptor we check whether following bytes are signaures to determine whethere size is 8 bytes or 4 bytes. Because what following is apk signing block so it will always thought "size" takes 8 bytes.
So (4 + 4 = 8) extra bytes were read. Which leading to org.apache.commons.compress.archivers.zip.ZipArchiveInputStream#isApkSigningBlock also return false.