You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Paul Hebble (JIRA)" <ji...@apache.org> on 2018/02/20 05:11:00 UTC
[jira] [Comment Edited] (COMPRESS-444) Version to extract incorrect
in Local File Header
[ https://issues.apache.org/jira/browse/COMPRESS-444?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16369723#comment-16369723 ]
Paul Hebble edited comment on COMPRESS-444 at 2/20/18 5:10 AM:
---------------------------------------------------------------
Thanks! That would explain why I couldn't find the problem from auditing the current code.
Could I trouble you to elaborate slightly, which version exactly has the fix? I would like to check the dependencies of the packages involved to verify that an older version was used to generate the problem ZIPs.
EDIT: Nevermind, I see there's a field for this, which says 1.16. That should work for my purposes. Thanks again!
was (Author: hebarusan):
Thanks! That would explain why I couldn't find the problem from auditing the current code.
Could I trouble you to elaborate slightly, which version exactly has the fix? I would like to check the dependencies of the packages involved to verify that an older version was used to generate the problem ZIPs.
> Version to extract incorrect in Local File Header
> -------------------------------------------------
>
> Key: COMPRESS-444
> URL: https://issues.apache.org/jira/browse/COMPRESS-444
> Project: Commons Compress
> Issue Type: Bug
> Components: Archivers
> Reporter: Paul Hebble
> Priority: Minor
> Fix For: 1.16
>
>
> A friend is generating ZIP files with Maven Assembly Plugin, which uses Plexus Archiver, which uses Commons Compress. One of his files tripped a validation check in SharpZipLib, see [https://github.com/KSP-CKAN/CKAN/issues/2285].
> Here's a link to the ZIP:
> [https://github.com/rleroy/CivilianPopulation/releases/download/2.0.12/ksp-civilian-population-mod-2.0.12.zip]
> The LFH in question starts:
> {{00000400 74 69 6c 69 74 79 2f 50 4b 03 04 *0a 00* 08 08 *08* |tility/PK.......|}}
> Note the *highlighted* bytes. The *0a 00* means that the version to extract is PKZip 1.0. The *08* means that the compression method is DEFLATED. These values are not compatible; by Commons Compress's own code logic, DEFLATED should require version 2.0, which would appear in the LFH as *14 00*. Notably, the CFH for this same file _does_ have version 2.0:
> {{00e0e5f0 73 2f 55 74 69 6c 69 74 79 2f 50 4b 01 02 14 03 |s/Utility/PK....|}}
> {{00e0e600 *14* *00* 08 08 08 00 ab b8 30 4c 43 fa a3 ea 50 00 |........0LC...P.|}}
> {{ ^^ ^^}}
> I have not yet been able to identify the cause of this issue.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)