Bug 61294

Summary: IOUtils.skipFully can run into infinite loop
Product: POI Reporter: Tim Allison <tallison>
Component: POI OverallAssignee: POI Developers List <dev>
Severity: normal    
Priority: P2    
Version: 3.16-dev   
Target Milestone: ---   
Hardware: PC   
OS: All   

Description Tim Allison 2017-07-13 15:19:43 UTC
Luis Filipe Nassif, over on TIKA-2428, reported that the EMFParser can hit an infinite loop on corrupt files.  IOUtils.skipfully can run into an infinite loop.

We need to change readSoFar to a long to avoid overflow; we need to account for FileInputStream alleging that it skipped more bytes than were available; and we need to account for an InputStream returning 0, which can happen for a) because it wanted to but there are still bytes available() or b) it hit the end of the InputStream.  In the last case, where bytes are available and the full length has not been skipped, we need to fallback to read() to make sure read doesn't hit a -1.
Comment 1 bjrke 2017-08-25 08:11:37 UTC
to find the issue, simply execute
IOUtils.skipFully(new ByteArrayInputStream(new byte[0]), 1);
Comment 3 Dominik Stadler 2017-08-25 11:51:51 UTC
I added this test via r1806162, so this bug seems to be fixed already for some time.
Comment 4 Tim Allison 2017-08-28 13:50:54 UTC
Y, sorry.  I forgot to close/resolve this issue...