svn commit: r1545928 - in /commons/proper/compress/trunk/src: changes/changes.xml main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java

Tue, 26 Nov 2013 21:36:43 -0800 

Author: bodewig
Date: Wed Nov 27 05:35:26 2013
New Revision: 1545928

URL: http://svn.apache.org/r1545928
Log:
COMPRESS-244 might overflow a 32bit int in SevenZFile#readUint64 - based on 
patch by Nico Kruber

Modified:
    commons/proper/compress/trunk/src/changes/changes.xml
    
commons/proper/compress/trunk/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java

Modified: commons/proper/compress/trunk/src/changes/changes.xml
URL: 
http://svn.apache.org/viewvc/commons/proper/compress/trunk/src/changes/changes.xml?rev=1545928&r1=1545927&r2=1545928&view=diff
==============================================================================
--- commons/proper/compress/trunk/src/changes/changes.xml (original)
+++ commons/proper/compress/trunk/src/changes/changes.xml Wed Nov 27 05:35:26 
2013
@@ -48,6 +48,10 @@ The <action> type attribute can be add,u
         SevenZOutputFile#closeArchiveEntry throws an exception when
         using LZMA2 compression on Java8.
       </action> 
+      <action issue="COMPRESS-244" type="fix" date="2013-11-27"
+              due-to="Nico Kruber">
+        7z reading of big 64bit values could be wrong.
+      </action> 
     </release>
     <release version="1.6" date="2013-10-26"
              description="Release 1.6">

Modified: 
commons/proper/compress/trunk/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
URL: 
http://svn.apache.org/viewvc/commons/proper/compress/trunk/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java?rev=1545928&r1=1545927&r2=1545928&view=diff
==============================================================================
--- 
commons/proper/compress/trunk/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
 (original)
+++ 
commons/proper/compress/trunk/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
 Wed Nov 27 05:35:26 2013
@@ -895,7 +895,7 @@ public class SevenZFile {
     }
     
     private static long readUint64(final DataInput in) throws IOException {
-        int firstByte = in.readUnsignedByte();
+        long firstByte = in.readUnsignedByte();
         int mask = 0x80;
         long value = 0;
         for (int i = 0; i < 8; i++) {

Reply via email to