[Bug 61294] New: IOUtils.skipFully can run into infinite loop

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 61294] New: IOUtils.skipFully can run into infinite loop

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

            Bug ID: 61294
           Summary: IOUtils.skipFully can run into infinite loop
           Product: POI
           Version: 3.16-dev
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: POI Overall
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: ---

Luis Filipe Nassif, over on TIKA-2428, reported that the EMFParser can hit an
infinite loop on corrupt files.  IOUtils.skipfully can run into an infinite
loop.

We need to change readSoFar to a long to avoid overflow; we need to account for
FileInputStream alleging that it skipped more bytes than were available; and we
need to account for an InputStream returning 0, which can happen for a) because
it wanted to but there are still bytes available() or b) it hit the end of the
InputStream.  In the last case, where bytes are available and the full length
has not been skipped, we need to fallback to read() to make sure read doesn't
hit a -1.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 61294] IOUtils.skipFully can run into infinite loop

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=61294

Dominik Stadler <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |All

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Loading...