You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Stefan Bodewig (JIRA)" <ji...@apache.org> on 2018/03/16 08:49:00 UTC

[jira] [Commented] (COMPRESS-432) Permanent Hang creating ZipFile(File)

    [ https://issues.apache.org/jira/browse/COMPRESS-432?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16401602#comment-16401602 ] 

Stefan Bodewig commented on COMPRESS-432:
-----------------------------------------

It was later realized this issue can be used to mount a denial of service attack against services using Commons Compress which then became CVE-2018-1324

 

> Permanent Hang creating ZipFile(File)
> -------------------------------------
>
>                 Key: COMPRESS-432
>                 URL: https://issues.apache.org/jira/browse/COMPRESS-432
>             Project: Commons Compress
>          Issue Type: Bug
>          Components: Archivers
>    Affects Versions: 1.14
>         Environment: Windows 10 x64, jre 1.8.0_151
>            Reporter: Luis Filipe Nassif
>            Priority: Major
>             Fix For: 1.16
>
>         Attachments: difflist_fsbwserver.f-secure.com_80_583109529_2.zip
>
>
> While using Tika-1.15 and 1.17 to detect file types, it hangs when creating an instance of ZipFile with the attached corrupted zip file. Taking a thread dump shows the app is looping at the following point:
> {code}
> java.lang.Thread.State: RUNNABLE
>         at org.apache.commons.compress.archivers.zip.X0017_StrongEncryptionHeader.parseCentralDirectoryFormat(X0017_StrongEncryptionHeader.java:313)
>         at org.apache.commons.compress.archivers.zip.X0017_StrongEncryptionHeader.parseFromCentralDirectoryData(X0017_StrongEncryptionHeader.java:380)
>         at org.apache.commons.compress.archivers.zip.ExtraFieldUtils.parse(ExtraFieldUtils.java:181)
>         at org.apache.commons.compress.archivers.zip.ZipArchiveEntry.setCentralDirectoryExtra(ZipArchiveEntry.java:598)
>         at org.apache.commons.compress.archivers.zip.ZipFile.readCentralDirectoryEntry(ZipFile.java:706)
>         at org.apache.commons.compress.archivers.zip.ZipFile.populateFromCentralDirectory(ZipFile.java:618)
>         at org.apache.commons.compress.archivers.zip.ZipFile.<init>(ZipFile.java:290)
>         at org.apache.commons.compress.archivers.zip.ZipFile.<init>(ZipFile.java:213)
>         at org.apache.commons.compress.archivers.zip.ZipFile.<init>(ZipFile.java:196)
>         at org.apache.commons.compress.archivers.zip.ZipFile.<init>(ZipFile.java:157)
>         at org.apache.tika.parser.pkg.ZipContainerDetector.detectZipFormat(ZipContainerDetector.java:132)
>         at org.apache.tika.parser.pkg.ZipContainerDetector.detect(ZipContainerDetector.java:88)
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)