Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

COMPRESS-644 -- do not allow zero by entries when detecting magic-less tar #386

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

COMPRESS-644 -- do not allow zero by entries when detecting magic-less tar #386

wants to merge 4 commits into from

Conversation

tballison
Copy link
Contributor

When relying on reading the first record from a tar file and then verifying the checksum as proof that the file is a tar file, require that the record have more than zero bytes.

@codecov-commenter
Copy link

codecov-commenter commented May 15, 2023
edited

Codecov Report

Merging #386 (2204031) into master (1223b72) will decrease coverage by 0.01%.
The diff coverage is 42.85%.

@@             Coverage Diff              @@
##             master     #386      +/-   ##
============================================
- Coverage     80.45%   80.44%   -0.01%     
- Complexity     6723     6724       +1     
============================================
  Files           343      343              
  Lines         25312    25316       +4     
  Branches       4107     4109       +2     
============================================
+ Hits          20365    20366       +1     
+ Misses         3366     3365       -1     
- Partials       1581     1585       +4
Impacted Files Coverage Δ
...s/compress/compressors/CompressorOutputStream.java 100.00% <ø> (ø)
...mmons/compress/archivers/ArchiveStreamFactory.java 89.30% <33.33%> (-2.26%) ⬇️
...mpressors/pack200/InMemoryCachingStreamBridge.java 100.00% <100.00%> (ø)

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

garydgregory
garydgregory requested changes May 15, 2023
View reviewed changes
Copy link
Member

@garydgregory garydgregory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tballison
Thank you for the PR. Please see my comments.

src/test/java/org/apache/commons/compress/DetectArchiverTestCase.java Outdated Show resolved Hide resolved
src/main/java/org/apache/commons/compress/archivers/ArchiveStreamFactory.java Outdated Show resolved Hide resolved
src/main/java/org/apache/commons/compress/archivers/ArchiveStreamFactory.java Outdated
// COMPRESS-644 - do not allow zero byte file entries
TarArchiveEntry tae = tais.getNextTarEntry();
//try to find the first non-directory entry within the first 10 entries.
int max = 10;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What makes 10 special? Needs a comment or a better a Javadoc comment for a new constant.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Completely arbitrary. I improved documentation. I'm completely open to the idea of dropping this attempt to iterate through the first x directory entries.

asfgit pushed a commit that referenced this pull request Mar 4, 2024
@garydgregory
[COMPRESS-644] rchiveStreamFactory.detect(InputStream) returns TAR for
10a5787 
ICO file

- Based on PR #386, modified for old tar format
- Add test for old tar format archive
- Add test for empty TAR archives (which we can't detect)
garydgregory
garydgregory reviewed Mar 4, 2024
View reviewed changes
Copy link
Member

@garydgregory garydgregory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @tballison
Thanks for your patience.
The PR breaks detecting old format tar archives in an improved test since this PR was created.
I tweaked the detection from this PR and pushed a different fix in git master.

src/test/java/org/apache/commons/compress/DetectArchiverTestCase.java
@@ -141,4 +145,14 @@ public void testEmptyJarArchive() throws Exception {
public void testEmptyZipArchive() throws Exception {
checkEmptyArchive("zip");
}

@Test
public void ignoreZeroByteEntryInTarDetect_COMPRESS644() throws IOException {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IOException is not thrown here, so it shouldn't be in the method signature.

src/main/java/org/apache/commons/compress/archivers/ArchiveStreamFactory.java
TarArchiveEntry tae = tais.getNextTarEntry();
//try to find the first non-directory entry within the first 10 entries.
int count = 0;
while (tae != null && tae.isDirectory() && count++ < MAX_TAR_RECORDS) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This causes detection to fail for src/test/resources/COMPRESS-612/test-times-star-folder.tar (once you rebase on git master which tests more files).

asfgit pushed a commit that referenced this pull request Mar 4, 2024
@garydgregory
[COMPRESS-644] ArchiveStreamFactory.detect(InputStream) returns TAR for
227c48d 
ICO file #386

More test fixtures
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@garydgregory garydgregory garydgregory requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@tballison @codecov-commenter @garydgregory