[1/3] commons-compress git commit: CPIO crc overflow resolved for large files

[bodewig]

Repository: commons-compress
Updated Branches:
  refs/heads/master 785233a6f -> b893471b9


CPIO crc overflow resolved for large files

When unpacking a CPIO file containing a large file the crc check will
overflow and throw an IOException("CRC Error...").

Did not find a nice wa to test this since it requires a very lasrge
input file.


Project: http://git-wip-us.apache.org/repos/asf/commons-compress/repo
Commit: http://git-wip-us.apache.org/repos/asf/commons-compress/commit/0bc43314
Tree: http://git-wip-us.apache.org/repos/asf/commons-compress/tree/0bc43314
Diff: http://git-wip-us.apache.org/repos/asf/commons-compress/diff/0bc43314

Branch: refs/heads/master
Commit: 0bc43314c1216a88d0e281e7ed66244c47c57c56
Parents: 785233a
Author: dcollin 
Authored: Wed Mar 29 13:44:22 2017 +0200
Committer: Stefan Bodewig 
Committed: Wed Mar 29 14:20:57 2017 +0200

--
 .../commons/compress/archivers/cpio/CpioArchiveInputStream.java | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/commons-compress/blob/0bc43314/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveInputStream.java
--
diff --git 
a/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveInputStream.java
 
b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveInputStream.java
index a7059bc..ac4b7bb 100644
--- 
a/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveInputStream.java
+++ 
b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveInputStream.java
@@ -329,6 +329,7 @@ public class CpioArchiveInputStream extends 
ArchiveInputStream implements
 if (this.entry.getFormat() == FORMAT_NEW_CRC) {
 for (int pos = 0; pos < tmpread; pos++) {
 this.crc += b[pos] & 0xFF;
+this.crc &= 0xL;
 }
 }
 this.entryBytesRead += tmpread;

[3/3] commons-compress git commit: ensure CPIO only uses the least-significant 32bit of CRC

[bodewig]

ensure CPIO only uses the least-significant 32bit of CRC

https://people.freebsd.org/~kientzle/libarchive/man/cpio.5.txt

> The CRC format is identical to the new ASCII format described in the previous 
> section except that the magic field is set to ``070702'' and the check field 
> is set to the sum of all bytes in the file data. This sum is computed 
> treating all bytes as unsigned values and using unsigned arithmetic. Only the 
> least-significant 32 bits of the sum are stored.


Project: http://git-wip-us.apache.org/repos/asf/commons-compress/repo
Commit: http://git-wip-us.apache.org/repos/asf/commons-compress/commit/b893471b
Tree: http://git-wip-us.apache.org/repos/asf/commons-compress/tree/b893471b
Diff: http://git-wip-us.apache.org/repos/asf/commons-compress/diff/b893471b

Branch: refs/heads/master
Commit: b893471b95285cc2364e3b2b8f6220ac6dc362a4
Parents: 44d376b
Author: Stefan Bodewig 
Authored: Wed Mar 29 14:32:40 2017 +0200
Committer: Stefan Bodewig 
Committed: Wed Mar 29 14:32:40 2017 +0200

--
 .../apache/commons/compress/archivers/cpio/CpioArchiveEntry.java | 4 ++--
 .../commons/compress/archivers/cpio/CpioArchiveOutputStream.java | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/commons-compress/blob/b893471b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveEntry.java
--
diff --git 
a/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveEntry.java
 
b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveEntry.java
index f625dcf..e5675f0 100644
--- 
a/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveEntry.java
+++ 
b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveEntry.java
@@ -376,7 +376,7 @@ public class CpioArchiveEntry implements CpioConstants, 
ArchiveEntry {
  */
 public long getChksum() {
 checkNewFormat();
-return this.chksum;
+return this.chksum & 0xL;
 }
 
 /**
@@ -679,7 +679,7 @@ public class CpioArchiveEntry implements CpioConstants, 
ArchiveEntry {
  */
 public void setChksum(final long chksum) {
 checkNewFormat();
-this.chksum = chksum;
+this.chksum = chksum & 0xL;
 }
 
 /**

http://git-wip-us.apache.org/repos/asf/commons-compress/blob/b893471b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveOutputStream.java
--
diff --git 
a/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveOutputStream.java
 
b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveOutputStream.java
index 02a53b8..88ec07e 100644
--- 
a/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveOutputStream.java
+++ 
b/src/main/java/org/apache/commons/compress/archivers/cpio/CpioArchiveOutputStream.java
@@ -434,6 +434,7 @@ public class CpioArchiveOutputStream extends 
ArchiveOutputStream implements
 if (this.entry.getFormat() == FORMAT_NEW_CRC) {
 for (int pos = 0; pos < len; pos++) {
 this.crc += b[pos] & 0xFF;
+this.crc &= 0xL;
 }
 }
 count(len);

[2/3] commons-compress git commit: record Daniel's fix, closes #17

[bodewig]

record Daniel's fix, closes #17


Project: http://git-wip-us.apache.org/repos/asf/commons-compress/repo
Commit: http://git-wip-us.apache.org/repos/asf/commons-compress/commit/44d376b7
Tree: http://git-wip-us.apache.org/repos/asf/commons-compress/tree/44d376b7
Diff: http://git-wip-us.apache.org/repos/asf/commons-compress/diff/44d376b7

Branch: refs/heads/master
Commit: 44d376b737199d42f0d3f195f1c2f82d33b77033
Parents: 0bc4331
Author: Stefan Bodewig 
Authored: Wed Mar 29 14:29:19 2017 +0200
Committer: Stefan Bodewig 
Committed: Wed Mar 29 14:29:19 2017 +0200

--
 src/changes/changes.xml | 4 
 1 file changed, 4 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/commons-compress/blob/44d376b7/src/changes/changes.xml
--
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index e845227..44d57f0 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -68,6 +68,10 @@ The  type attribute can be add,update,fix,remove.
 BZip2CompressorInputstream now uses BitInputStream internally.
 Pull Request #13.
   
+  
+Fixed an integer overflow in CPIO's CRC calculation.
+Pull Request #17.
+