[
https://issues.apache.org/jira/browse/COMPRESS-598?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gary D. Gregory resolved COMPRESS-598.
--------------------------------------
Fix Version/s: 1.29.0
Assignee: Gary D. Gregory
Resolution: Fixed
In git master, we now throw a subclass of IOException (ZipException).
> NullPointerException in ZipArchiveInputStream.getCompressedCount()
> ------------------------------------------------------------------
>
> Key: COMPRESS-598
> URL: https://issues.apache.org/jira/browse/COMPRESS-598
> Project: Commons Compress
> Issue Type: Bug
> Components: Archivers
> Affects Versions: 1.21
> Reporter: Dominik Stadler
> Assignee: Gary D. Gregory
> Priority: Major
> Labels: NullPointerException, fuzzer, npe
> Fix For: 1.29.0
>
> Attachments: Crash_f2efd9eaeb86cda597d07b5e3c3d81363633c2da.java,
> crash-f2efd9eaeb86cda597d07b5e3c3d81363633c2da
>
>
> While fuzzing Apache POI, I discovered a case which can trigger a
> NullPointerException in ZipArchiveInputStream.getCompressedCount().
> The attached test-application and file are a fairly minimal reproducing
> testcase.
> Put the java file into src/test/java and the file into /src/test/resources
> Running it then produces the following:
> {noformat}
> Exception in thread "main" java.lang.NullPointerException
> at
> org.apache.commons.compress.archivers.zip.ZipArchiveInputStream.getCompressedCount(ZipArchiveInputStream.java:559)
> at
> Crash_f2efd9eaeb86cda597d07b5e3c3d81363633c2da.main(Crash_f2efd9eaeb86cda597d07b5e3c3d81363633c2da.java:26)
> {noformat}
>
> Happens with 1.21 as well as latest.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
