[jira] [Commented] (TIKA-3336) New zip bombs detected

Hudson (Jira) Tue, 23 Mar 2021 15:32:05 -0700


    [ 
https://issues.apache.org/jira/browse/TIKA-3336?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17307451#comment-17307451
 ]


Hudson commented on TIKA-3336:
------------------------------

SUCCESS: Integrated in Jenkins build Tika » tika-branch1x-jdk8 #110 (See 
[https://ci-builds.apache.org/job/Tika/job/tika-branch1x-jdk8/110/])
TIKA-3336 -- new zip bombs detect in 1.26-SNAPSHOT compared with 1.25 -- bug, 
don't advance twice per call to chars/whitespace (tallison: 
[https://github.com/apache/tika/commit/2b8c9a3eba7007998cca6df6db973c2c4547d55e])
* (edit) 
tika-core/src/main/java/org/apache/tika/parser/RecursiveParserWrapper.java


> New zip bombs detected
> ----------------------
>
>                 Key: TIKA-3336
>                 URL: https://issues.apache.org/jira/browse/TIKA-3336
>             Project: Tika
>          Issue Type: Task
>            Reporter: Tim Allison
>            Priority: Major
>
> in 1.25 vs 1.26-SNAPSHOT... example: 
> https://corpora.tika.apache.org/base/docs/bug_trackers/MOZILLA/1534195-1623599/MOZILLA-1534483-2.zip
> This may be a new feature of the changes to secure parsing in the 
> RecursiveParserWrapper, or (more likely) could be a bug.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (TIKA-3336) New zip bombs detected

Reply via email to