COMPRESS-411 Math.abs is dangerous
Project: http://git-wip-us.apache.org/repos/asf/commons-compress/repo Commit: http://git-wip-us.apache.org/repos/asf/commons-compress/commit/2c8892a2 Tree: http://git-wip-us.apache.org/repos/asf/commons-compress/tree/2c8892a2 Diff: http://git-wip-us.apache.org/repos/asf/commons-compress/diff/2c8892a2 Branch: refs/heads/master Commit: 2c8892a206c9374b0cde6fce72299b0fe630f3a0 Parents: 6b2bd2d Author: Stefan Bodewig <bode...@apache.org> Authored: Sat Jun 17 21:46:25 2017 +0200 Committer: Stefan Bodewig <bode...@apache.org> Committed: Sat Jun 17 21:46:25 2017 +0200 ---------------------------------------------------------------------- .../java/org/apache/commons/compress/archivers/tar/TarUtils.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/commons-compress/blob/2c8892a2/src/main/java/org/apache/commons/compress/archivers/tar/TarUtils.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/compress/archivers/tar/TarUtils.java b/src/main/java/org/apache/commons/compress/archivers/tar/TarUtils.java index c0dac4c..4e99a20 100644 --- a/src/main/java/org/apache/commons/compress/archivers/tar/TarUtils.java +++ b/src/main/java/org/apache/commons/compress/archivers/tar/TarUtils.java @@ -496,8 +496,8 @@ public class TarUtils { final boolean negative) { final int bits = (length - 1) * 8; final long max = 1l << bits; - long val = Math.abs(value); - if (val >= max) { + long val = Math.abs(value); // Long.MIN_VALUE stays Long.MIN_VALUE + if (val < 0 || val >= max) { throw new IllegalArgumentException("Value " + value + " is too large for " + length + " byte field."); }
