[COMPRESS-605] Failed to parse Non-zip64 signed apk with data descriptor - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.21
Fix Version/s: None
Component/s: Archivers
Labels:
None

Description

I can't upload my apk due to security policy of my company, but I do find where the problem lies.

In org.apache.commons.compress.archivers.zip.ZipArchiveInputStream#readDataDescriptor we check whether following bytes are signaures to determine whethere size is 8 bytes or 4 bytes. Because what following is apk signing block so it will always thought "size" takes 8 bytes.

So (4 + 4 = 8) extra bytes were read. Which leading to org.apache.commons.compress.archivers.zip.ZipArchiveInputStream#isApkSigningBlock also return false.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: nick allen

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 20/Jan/22 11:15

Updated:: 21/Mar/22 06:58