Posted to commits@commons.apache.org by gg...@apache.org on 2022/09/30 13:21:08 UTC

[commons-compress] 03/03: [COMPRESS-626] OutOfMemoryError on malformed pack200 attributes

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-compress.git

commit 90a4d8b3e6bc261af0196ea356f974111001fd15
Author: Gary Gregory <ga...@gmail.com>
AuthorDate: Fri Sep 30 09:21:00 2022 -0400

    [COMPRESS-626] OutOfMemoryError on malformed pack200 attributes
---
 src/changes/changes.xml                              |  3 +++
 .../compress/harmony/pack200/NewAttributeBands.java  | 14 +++++++++-----
 .../harmony/unpack200/NewAttributeBands.java         | 20 ++++++++++++++------
 .../harmony/unpack200/tests/Compress626Test.java     | 19 +++++++++----------
 4 files changed, 35 insertions(+), 21 deletions(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 946d33e3..2ad3ad6b 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -112,6 +112,9 @@ The <action> type attribute can be add,update,fix,remove.
       <action issue="COMPRESS-625" type="fix" dev="ggregory" due-to="MrBump, Gary Gregory">
         Update Wikipedia link in TarUtils.java:627.
       </action>
+      <action issue="COMPRESS-626" type="fix" dev="ggregory" due-to="Andrii Hudz, Gary Gregory">
+        OutOfMemoryError on malformed pack200 attributes.
+      </action>
       <!-- ADD -->
       <action issue="COMPRESS-602" type="add" dev="ggregory" due-to="Postelnicu George, Gary Gregory">
         Migrate zip package to use NIO #236.
diff --git a/src/main/java/org/apache/commons/compress/harmony/pack200/NewAttributeBands.java b/src/main/java/org/apache/commons/compress/harmony/pack200/NewAttributeBands.java
index 4bcf696a..b091b78b 100644
--- a/src/main/java/org/apache/commons/compress/harmony/pack200/NewAttributeBands.java
+++ b/src/main/java/org/apache/commons/compress/harmony/pack200/NewAttributeBands.java
@@ -168,11 +168,11 @@ public class NewAttributeBands extends BandSet {
 
     private AttributeLayoutElement readNextAttributeElement(final StringReader reader) throws IOException {
         reader.mark(1);
-        final int nextChar = reader.read();
-        if (nextChar == -1) {
+        final int next = reader.read();
+        if (next == -1) {
             return null;
         }
-        if (nextChar == '[') {
+        if (next == '[') {
             return new Callable(readBody(getStreamUpToMatchingBracket(reader)));
         }
         reader.reset();
@@ -272,7 +272,7 @@ public class NewAttributeBands extends BandSet {
         reader.mark(2);
         reader.read(); // '('
         char next = (char) reader.read();
-        if (next == ')') {
+        if (next == ')' || next == -1) {
             reader.reset();
             return null;
         }
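Review bot: The added `next == -1` test can never be true, because `next` is declared `char` on the line above: `(char) reader.read()` turns the end-of-stream value into `'\uffff'`, which compares as 65535. At end of input the early `return null` is therefore still skipped and parsing continues into the part of the method outside this hunk. Keep the value as an int until after the check, `final int next = reader.read();`, and cast to `char` only where the character is used later. The unpack200 hunk at `@@ -293,7 +293,7 @@` has the same dead comparison on `stream.read()`.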
@@ -860,7 +860,11 @@ public class NewAttributeBands extends BandSet {
         final StringBuilder sb = new StringBuilder();
         int foundBracket = -1;
         while (foundBracket != 0) {
-            final char c = (char) reader.read();
+            int read = reader.read();
+            if (read == -1) {
+            	break;
+            }
+			final char c = (char) read;
             if (c == ']') {
                 foundBracket++;
             }
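Review bot: The `break` under `if (read == -1)` leaves the loop with `foundBracket` still non-zero, so a layout with an unterminated `[` appears to be handled like a complete body rather than reported as malformed. The code after the loop is outside the hunk, so what gets returned is not visible here. Compress626Test in this commit expects no exception for the layout `"["`, so if tolerance is intended, say so at the break, e.g. `// End of layout before the matching ']': stop and use what was read`. Otherwise fail closed with `throw new IOException("Unterminated '[' in attribute layout");`. The same applies to the two unpack200 loops patched at `@@ -865,7 +865,11 @@` and `@@ -913,7 +917,11 @@`; all three added blocks are also tab-indented in a space-indented file and declare `int read` without the `final` used around them.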
diff --git a/src/main/java/org/apache/commons/compress/harmony/unpack200/NewAttributeBands.java b/src/main/java/org/apache/commons/compress/harmony/unpack200/NewAttributeBands.java
index 6690b6db..f27a07ba 100644
--- a/src/main/java/org/apache/commons/compress/harmony/unpack200/NewAttributeBands.java
+++ b/src/main/java/org/apache/commons/compress/harmony/unpack200/NewAttributeBands.java
@@ -192,11 +192,11 @@ public class NewAttributeBands extends BandSet {
 
     private AttributeLayoutElement readNextAttributeElement(final StringReader stream) throws IOException {
         stream.mark(1);
-        final int nextChar = stream.read();
-        if (nextChar == -1) {
+        final int next = stream.read();
+        if (next == -1) {
             return null;
         }
-        if (nextChar == '[') {
+        if (next == '[') {
             return new Callable(readBody(getStreamUpToMatchingBracket(stream)));
         }
         stream.reset();
@@ -293,7 +293,7 @@ public class NewAttributeBands extends BandSet {
         stream.mark(2);
         stream.read(); // '('
         char next = (char) stream.read();
-        if (next == ')') {
+        if (next == ')'|| next == -1) {
             stream.reset();
             return null;
         }
@@ -865,7 +865,11 @@ public class NewAttributeBands extends BandSet {
         final StringBuilder sb = new StringBuilder();
         int foundBracket = -1;
         while (foundBracket != 0) {
-            final char c = (char) stream.read();
+            int read = stream.read();
+            if (read == -1) {
+            	break;
+            }
+			final char c = (char) read;
             if (c == ']') {
                 foundBracket++;
             }
@@ -913,7 +917,11 @@ public class NewAttributeBands extends BandSet {
         final StringBuilder sb = new StringBuilder();
         int foundBracket = -1;
         while (foundBracket != 0) {
-            final char c = (char) stream.read();
+            int read = stream.read();
+            if (read == -1) {
+            	break;
+            }
+			final char c = (char) read;
             if (c == ']') {
                 foundBracket++;
             }
diff --git a/src/test/java/org/apache/commons/compress/harmony/unpack200/tests/Compress626Test.java b/src/test/java/org/apache/commons/compress/harmony/unpack200/tests/Compress626Test.java
index 690cb6ef..ef048189 100644
--- a/src/test/java/org/apache/commons/compress/harmony/unpack200/tests/Compress626Test.java
+++ b/src/test/java/org/apache/commons/compress/harmony/unpack200/tests/Compress626Test.java
@@ -17,6 +17,8 @@
 
 package org.apache.commons.compress.harmony.unpack200.tests;
 
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.file.Files;
@@ -28,21 +30,18 @@ import org.apache.commons.compress.harmony.pack200.CPUTF8;
 import org.apache.commons.compress.harmony.pack200.NewAttributeBands;
 import org.apache.commons.compress.java.util.jar.Pack200;
 import org.apache.commons.io.output.NullOutputStream;
-import org.junit.Ignore;
-import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
-@Disabled @Ignore
 public class Compress626Test {
 
 	@Test
-    public void test() throws Exception {
-		CPUTF8 name = new CPUTF8("");
-		CPUTF8 layout = new CPUTF8("[");
-        new NewAttributeBands(1, null, null,
-                new AttributeDefinitionBands.AttributeDefinition(35, AttributeDefinitionBands.CONTEXT_CLASS, name, layout)
-        );
-    }
+	public void test() throws Exception {
+		final CPUTF8 name = new CPUTF8("");
+		final CPUTF8 layout = new CPUTF8("[");
+		assertDoesNotThrow(
+				() -> new NewAttributeBands(1, null, null, new AttributeDefinitionBands.AttributeDefinition(35,
+						AttributeDefinitionBands.CONTEXT_CLASS, name, layout)));
+	}
 
 	@Test
 	public void testJar() throws IOException {
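Review bot: `test()` exercises only the pack200 `NewAttributeBands` with the layout `"["`, so the end-of-stream guard added on the `(` path in this commit has no test, and neither does the unpack200 class unless `testJar()`, whose body is outside the hunk, reaches it. A second case with a layout that ends right after `(` would cover that branch. The original failure was unbounded growth until OutOfMemoryError, so a time bound would make a regression fail fast instead of exhausting the heap: add `@Timeout(10)` from `org.junit.jupiter.api.Timeout` on the method. A short comment such as `// COMPRESS-626: unterminated '[' must not loop until OutOfMemoryError` would record why the empty name and `"["` layout were chosen.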