You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Jeremy Gustie (JIRA)" <ji...@apache.org> on 2016/05/18 20:48:13 UTC
[jira] [Created] (COMPRESS-355) Parsing PAX headers fails with
NegativeArraySizeException
Jeremy Gustie created COMPRESS-355:
--------------------------------------
Summary: Parsing PAX headers fails with NegativeArraySizeException
Key: COMPRESS-355
URL: https://issues.apache.org/jira/browse/COMPRESS-355
Project: Commons Compress
Issue Type: Bug
Components: Archivers
Affects Versions: 1.11
Reporter: Jeremy Gustie
The {{TarArchiveInputStream.parsePaxHeaders}} method fails with a {{NegativeArraySizeException}} when there is an empty line at the end of the headers.
The inner loop starts reading the length, but it gets a newline (10) and ends up subtracting '0' (48) from it; the result is a negative length that blows up an attempt to allocate the {{rest}} array.
I would say that a check to see if {{ch}} is less the '0' and break the loop if it is.
I used {{npm pack aws-sdk@2.2.16}} to generate a tarball with this issue.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)