You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Jeremy Gustie (JIRA)" <ji...@apache.org> on 2016/05/18 20:48:13 UTC

[jira] [Created] (COMPRESS-355) Parsing PAX headers fails with NegativeArraySizeException

Jeremy Gustie created COMPRESS-355:
--------------------------------------

             Summary: Parsing PAX headers fails with NegativeArraySizeException
                 Key: COMPRESS-355
                 URL: https://issues.apache.org/jira/browse/COMPRESS-355
             Project: Commons Compress
          Issue Type: Bug
          Components: Archivers
    Affects Versions: 1.11
            Reporter: Jeremy Gustie


The {{TarArchiveInputStream.parsePaxHeaders}} method fails with a {{NegativeArraySizeException}} when there is an empty line at the end of the headers.

The inner loop starts reading the length, but it gets a newline (10) and ends up subtracting '0' (48) from it; the result is a negative length that blows up an attempt to allocate the {{rest}} array.

I would say that a check to see if {{ch}} is less the '0' and break the loop if it is.

I used {{npm pack aws-sdk@2.2.16}} to generate a tarball with this issue.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)