https://issues.apache.org/bugzilla/show_bug.cgi?id=45463
Summary: ZipFile.positionAtCentralDirectory needs to bail out
sooner if it can't find the EOCD signature
Product: Ant
Version: 1.7.0
Platform: PC
OS/Version: Windows Vista
Status: NEW
Severity: normal
Priority: P2
Component: Core
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
If you have a very large corrupt zip (100+ meg) that doesn't have a
end-of-central-directory signature, ZipFile.positionAtCentralDirectory can
spend hours doing a reverse seek through the entire zip file looking for the
marker. It seems to me that it should give up and throw a ZipException after
65557 bytes. Here's why...
As per the zip file specification at
http://www.pkware.com/documents/casestudies/APPNOTE.TXT we can see that the zip
file comment won't be more than 65535 bytes; so MAX_EOCD_SIZE and our bail-out
point should be 0xFF + MIN_EOCD_SIZE.
I. End of central directory record:
end of central dir signature 4 bytes (0x06054b50)
number of this disk 2 bytes
number of the disk with the
start of the central directory 2 bytes
total number of entries in the
central directory on this disk 2 bytes
total number of entries in
the central directory 2 bytes
size of the central directory 4 bytes
offset of start of central
directory with respect to
the starting disk number 4 bytes
.ZIP file comment length 2 bytes
.ZIP file comment (variable size)
This is a serious performance issue.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
