You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Stefan Bodewig (JIRA)" <ji...@apache.org> on 2016/07/01 19:40:10 UTC
[jira] [Resolved] (COMPRESS-363) Overflow in BitInputStream
[ https://issues.apache.org/jira/browse/COMPRESS-363?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Bodewig resolved COMPRESS-363.
-------------------------------------
Resolution: Fixed
Fix Version/s: 1.13
Many thanks, I've created a unit test from your example.
Should be fixed with git commit 52dd590.
> Overflow in BitInputStream
> --------------------------
>
> Key: COMPRESS-363
> URL: https://issues.apache.org/jira/browse/COMPRESS-363
> Project: Commons Compress
> Issue Type: Bug
> Components: Compressors
> Affects Versions: 1.12
> Reporter: fredwang_00
> Fix For: 1.13
>
>
> in Class BitInputStream.java(\src\main\java\org\apache\commons\compress\utils),
> funcion:
> public long readBits(final int count) throws IOException {
> if (count < 0 || count > MAXIMUM_CACHE_SIZE) {
> throw new IllegalArgumentException("count must not be negative or greater than " + MAXIMUM_CACHE_SIZE);
> }
> while (bitsCachedSize < count) {
> final long nextByte = in.read();
> if (nextByte < 0) {
> return nextByte;
> }
> if (byteOrder == ByteOrder.LITTLE_ENDIAN) {
> bitsCached |= (nextByte << bitsCachedSize);
> } else {
> bitsCached <<= 8;
> bitsCached |= nextByte;
> }
> bitsCachedSize += 8;
> }
> final long bitsOut;
> if (byteOrder == ByteOrder.LITTLE_ENDIAN) {
> bitsOut = (bitsCached & MASKS[count]);
> bitsCached >>>= count;
> } else {
> bitsOut = (bitsCached >> (bitsCachedSize - count)) & MASKS[count];
> }
> bitsCachedSize -= count;
> return bitsOut;
> }
> I think here "bitsCached |= (nextByte << bitsCachedSize);" will overflow in some cases. for example, below is a test case:
> public static void test() {
> ByteArrayInputStream in = new ByteArrayInputStream(new byte[]{87, 45, 66, 15,
> 90, 29, 88, 61, 33, 74});
> BitInputStream bin = new BitInputStream(in, ByteOrder.LITTLE_ENDIAN);
> try {
> long ret = bin.readBits(5);
> ret = bin.readBits(63);
> ret = bin.readBits(12);
> } catch (Exception e) {
> e.printStackTrace();
> }
> }
> overflow occur in "bin.readBits(63);" , so ,result in wrong result from "bin.readBits(12);"
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)