You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by bo...@apache.org on 2019/08/18 10:12:51 UTC
[commons-compress] 01/02: COMPRESS-482 ensure there is enough data
available for a DD
This is an automated email from the ASF dual-hosted git repository.
bodewig pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-compress.git
commit d3ed06a07b880fca2ef2610ba1f3d33f7f566caa
Author: Stefan Bodewig <bo...@apache.org>
AuthorDate: Sun Aug 18 12:02:58 2019 +0200
COMPRESS-482 ensure there is enough data available for a DD
---
.../apache/commons/compress/archivers/zip/ZipArchiveInputStream.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java b/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
index 818c1bf..229e915 100644
--- a/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
+++ b/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
@@ -932,7 +932,8 @@ public class ZipArchiveInputStream extends ArchiveInputStream implements InputSt
for (int i = 0; !done && i < offset + lastRead - 4; i++) {
if (buf.array()[i] == LFH[0] && buf.array()[i + 1] == LFH[1]) {
int expectDDPos = i;
- if ((buf.array()[i + 2] == LFH[2] && buf.array()[i + 3] == LFH[3])
+ if (i >= expectedDDLen &&
+ (buf.array()[i + 2] == LFH[2] && buf.array()[i + 3] == LFH[3])
|| (buf.array()[i] == CFH[2] && buf.array()[i + 3] == CFH[3])) {
// found a LFH or CFH:
expectDDPos = i - expectedDDLen;