You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@poi.apache.org by bu...@apache.org on 2017/07/13 15:19:43 UTC

[Bug 61294] New: IOUtils.skipFully can run into infinite loop

https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

            Bug ID: 61294
           Summary: IOUtils.skipFully can run into infinite loop
           Product: POI
           Version: 3.16-dev
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: POI Overall
          Assignee: dev@poi.apache.org
          Reporter: tallison@mitre.org
  Target Milestone: ---

Luis Filipe Nassif, over on TIKA-2428, reported that the EMFParser can hit an
infinite loop on corrupt files.  IOUtils.skipfully can run into an infinite
loop.

We need to change readSoFar to a long to avoid overflow; we need to account for
FileInputStream alleging that it skipped more bytes than were available; and we
need to account for an InputStream returning 0, which can happen for a) because
it wanted to but there are still bytes available() or b) it hit the end of the
InputStream.  In the last case, where bytes are available and the full length
has not been skipped, we need to fallback to read() to make sure read doesn't
hit a -1.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org

[Bug 61294] IOUtils.skipFully can run into infinite loop

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

Dominik Stadler <do...@gmx.at> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #3 from Dominik Stadler <do...@gmx.at> ---
I added this test via r1806162, so this bug seems to be fixed already for some
time.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org

[Bug 61294] IOUtils.skipFully can run into infinite loop

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

--- Comment #4 from Tim Allison <ta...@mitre.org> ---
Y, sorry.  I forgot to close/resolve this issue...

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org

[Bug 61294] IOUtils.skipFully can run into infinite loop

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

Dominik Stadler <do...@gmx.at> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |All

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org

[Bug 61294] IOUtils.skipFully can run into infinite loop

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

--- Comment #1 from bjrke <ap...@bjrke.de> ---
to find the issue, simply execute
IOUtils.skipFully(new ByteArrayInputStream(new byte[0]), 1);

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org

[Bug 61294] IOUtils.skipFully can run into infinite loop

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

--- Comment #2 from bjrke <ap...@bjrke.de> ---
this is fixed by
https://github.com/apache/poi/commit/c7db66a30dfb6cbbd5812ff3ae4c90ed2d9b9a27

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org