Nico Kruber created COMPRESS-244:
------------------------------------
Summary: 7z reading of UINT64 data type is wrong for big values
Key: COMPRESS-244
URL: https://issues.apache.org/jira/browse/COMPRESS-244
Project: Commons Compress
Issue Type: Bug
Components: Archivers
Affects Versions: 1.6
Reporter: Nico Kruber
h2. Brief description
large values with a first byte indicating at least 4 additional bytes shift an
integer by at least 32bits thus leading to an overflow and an incorrect value -
the value needs to be casted to long before the bitshift!
h2. Patch
let me see whether I can attach the patch as a file, otherwise this is it,
inline:
{noformat}
diff -U 3 -H -d -r -N -x .git -x .svn --
commons-compress-1.6-src.orig/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
commons-compress-1.6-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
---
commons-compress-1.6-src.orig/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
2013-11-25 12:32:22.051085223 +0100
+++
commons-compress-1.6-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java
2013-10-23 05:59:56.000000000 +0200
@@ -900,7 +900,7 @@
long value = 0;
for (int i = 0; i < 8; i++) {
if ((firstByte & mask) == 0) {
- return value | ((firstByte & (mask - 1)) << (8 * i));
+ return value | (((long) (firstByte & (mask - 1))) << (8 * i));
}
long nextByte = in.readUnsignedByte();
value |= (nextByte << (8 * i));
{noformat}
h2. Details from the 7z documentation
{quote}
{noformat}
UINT64 means real UINT64 encoded with the following scheme:
Size of encoding sequence depends from first byte:
First_Byte Extra_Bytes Value
(binary)
0xxxxxxx : ( xxxxxxx )
10xxxxxx BYTE y[1] : ( xxxxxx << (8 * 1)) + y
110xxxxx BYTE y[2] : ( xxxxx << (8 * 2)) + y
...
1111110x BYTE y[6] : ( x << (8 * 6)) + y
11111110 BYTE y[7] : y
11111111 BYTE y[8] : y
{noformat}
{quote}
--
This message was sent by Atlassian JIRA
(v6.1#6144)
