You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by bo...@apache.org on 2021/05/16 15:40:30 UTC
[commons-compress] branch master updated: COMPRESS-542 guard
against integer overflow
This is an automated email from the ASF dual-hosted git repository.
bodewig pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-compress.git
The following commit(s) were added to refs/heads/master by this push:
new 60d551a COMPRESS-542 guard against integer overflow
60d551a is described below
commit 60d551a748236d7f4651a4ae88d5a351f7c5754b
Author: Stefan Bodewig <st...@innoq.com>
AuthorDate: Sun May 16 17:39:44 2021 +0200
COMPRESS-542 guard against integer overflow
---
.../java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java b/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
index 2d7bb77..521aed8 100644
--- a/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
+++ b/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
@@ -943,6 +943,8 @@ public class SevenZFile implements Closeable {
stats.numberOfUnpackSubStreams = stats.numberOfFolders;
}
+ assertFitsIntoNonNegativeInt(stats.numberOfUnpackSubStreams);
+
if (nid == NID.kSize) {
for (final int numUnpackSubStreams : numUnpackSubStreamsPerFolder) {
if (numUnpackSubStreams == 0) {