Bug 61294 - IOUtils.skipFully can run into infinite loop
Summary: IOUtils.skipFully can run into infinite loop
Status: NEW
Alias: None
Product: POI
Classification: Unclassified
Component: POI Overall (show other bugs)
Version: 3.16-dev
Hardware: PC All
: P2 normal (vote)
Target Milestone: ---
Assignee: POI Developers List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-13 15:19 UTC by Tim Allison
Modified: 2017-07-21 20:33 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Allison 2017-07-13 15:19:43 UTC
Luis Filipe Nassif, over on TIKA-2428, reported that the EMFParser can hit an infinite loop on corrupt files.  IOUtils.skipfully can run into an infinite loop.

We need to change readSoFar to a long to avoid overflow; we need to account for FileInputStream alleging that it skipped more bytes than were available; and we need to account for an InputStream returning 0, which can happen for a) because it wanted to but there are still bytes available() or b) it hit the end of the InputStream.  In the last case, where bytes are available and the full length has not been skipped, we need to fallback to read() to make sure read doesn't hit a -1.