Bug 61294 - IOUtils.skipFully can run into infinite loop
Summary: IOUtils.skipFully can run into infinite loop
Status: RESOLVED FIXED
Alias: None
Product: POI
Classification: Unclassified
Component: POI Overall (show other bugs)
Version: 3.16-dev
Hardware: PC All
: P2 normal with 1 vote (vote)
Target Milestone: ---
Assignee: POI Developers List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-13 15:19 UTC by Tim Allison
Modified: 2017-08-28 13:50 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Allison 2017-07-13 15:19:43 UTC 
Luis Filipe Nassif, over on TIKA-2428, reported that the EMFParser can hit an infinite loop on corrupt files.  IOUtils.skipfully can run into an infinite loop.

We need to change readSoFar to a long to avoid overflow; we need to account for FileInputStream alleging that it skipped more bytes than were available; and we need to account for an InputStream returning 0, which can happen for a) because it wanted to but there are still bytes available() or b) it hit the end of the InputStream.  In the last case, where bytes are available and the full length has not been skipped, we need to fallback to read() to make sure read doesn't hit a -1.
Comment 1 bjrke 2017-08-25 08:11:37 UTC 
to find the issue, simply execute
IOUtils.skipFully(new ByteArrayInputStream(new byte[0]), 1);
Comment 3 Dominik Stadler 2017-08-25 11:51:51 UTC 
I added this test via r1806162, so this bug seems to be fixed already for some time.
Comment 4 Tim Allison 2017-08-28 13:50:54 UTC 
Y, sorry.  I forgot to close/resolve this issue...