do not read past end of extra fields when reading extra field

Erik Hetzner · Erik Hetzner · commit 2465516d2f07 · 2014-02-21T08:43:04.000-08:00
diff --git a/src/main/java/org/archive/format/gzip/GZIPFExtraRecord.java b/src/main/java/org/archive/format/gzip/GZIPFExtraRecord.java
@@ -98,12 +98,17 @@ public void writeTo(OutputStream os) throws IOException {
 			os.write(value);
 		}
 	}
-	public int read(InputStream is) throws IOException {
+	public int read(InputStream is, int maxRead) throws IOException {
 		byte tmpName[] = null;
 		byte tmpVal[] = null;
 		int valLen = 0;
 		tmpName = ByteOp.readNBytes(is, GZIP_FEXTRA_NAME_BYTES);
 		valLen = ByteOp.readShort(is);
+		if (valLen > (maxRead - BYTES_IN_SHORT - GZIP_FEXTRA_NAME_BYTES)) {
+			/* read in what's left, but throw an exception */
+			tmpVal = ByteOp.readNBytes(is, maxRead - BYTES_IN_SHORT - GZIP_FEXTRA_NAME_BYTES);
+			throw new GZIPFormatException.GZIPExtraFieldShortException(maxRead);
+		}
 		if(valLen > 0) {
 			tmpVal = ByteOp.readNBytes(is, valLen);
 		}
diff --git a/src/main/java/org/archive/format/gzip/GZIPFExtraRecords.java b/src/main/java/org/archive/format/gzip/GZIPFExtraRecords.java
@@ -53,12 +53,17 @@ public void readRecords(InputStream is)
 		ArrayList<GZIPFExtraRecord> tmpList = new ArrayList<GZIPFExtraRecord>();
 		while(bytesRemaining > 0) {
 			GZIPFExtraRecord tmpRecord = new GZIPFExtraRecord();
-			int bytesRead = tmpRecord.read(is);
-			bytesRemaining -= bytesRead;
+			try {
+				int bytesRead = tmpRecord.read(is, bytesRemaining);
+				bytesRemaining -= bytesRead;
+				tmpList.add(tmpRecord);
+			} catch (GZIPFormatException.GZIPExtraFieldShortException ex) {
+				/* not enough bytes for the extra field; move on */
+				bytesRemaining -= ex.bytesRead;
+			}
 			if(bytesRemaining < 0) {
 				throw new GZIPFormatException("Invalid FExtra length/records");
 			}
-			tmpList.add(tmpRecord);
 		}
 		this.addAll(tmpList);
 	}
diff --git a/src/main/java/org/archive/format/gzip/GZIPFormatException.java b/src/main/java/org/archive/format/gzip/GZIPFormatException.java
@@ -21,4 +21,11 @@ public GZIPFormatException(Exception e) {
 	public GZIPFormatException(String message, IOException e) {
 		super(message,e);
 	}
+	public static class GZIPExtraFieldShortException extends GZIPFormatException {
+		int bytesRead;
+		public GZIPExtraFieldShortException(int bytesRead) {
+			super("Extra Field short.");
+			this.bytesRead = bytesRead;
+		}
+	}
 }
diff --git a/src/test/java/org/archive/format/gzip/GZIPMemberSeriesTest.java b/src/test/java/org/archive/format/gzip/GZIPMemberSeriesTest.java
@@ -374,6 +374,9 @@ public void testAutoSkip() throws IOException {
 		assertNull(m);
 		assertTrue(s.gotEOF());
 	}
-	
 
+	public void testWgetProblem() throws IndexOutOfBoundsException, FileNotFoundException, IOException {
+		InputStream is = getClass().getResourceAsStream("IAH-urls-wget.warc.gz");
+		new GZIPDecoder().parseHeader(is);
+	}
 }
diff --git a/src/test/resources/org/archive/format/gzip/IAH-urls-wget.warc.gz b/src/test/resources/org/archive/format/gzip/IAH-urls-wget.warc.gz

Original file line number	Diff line number	Diff line change
`@@ -98,12 +98,17 @@ public void writeTo(OutputStream os) throws IOException {`
`98`	`98`	`os.write(value);`
`99`	`99`	`}`
`100`	`100`	`}`
`101`		`- public int read(InputStream is) throws IOException {`
	`101`	`+ public int read(InputStream is, int maxRead) throws IOException {`
`102`	`102`	`byte tmpName[] = null;`
`103`	`103`	`byte tmpVal[] = null;`
`104`	`104`	`int valLen = 0;`
`105`	`105`	`tmpName = ByteOp.readNBytes(is, GZIP_FEXTRA_NAME_BYTES);`
`106`	`106`	`valLen = ByteOp.readShort(is);`
	`107`	`+ if (valLen > (maxRead - BYTES_IN_SHORT - GZIP_FEXTRA_NAME_BYTES)) {`
	`108`	`+ /* read in what's left, but throw an exception */`
	`109`	`+ tmpVal = ByteOp.readNBytes(is, maxRead - BYTES_IN_SHORT - GZIP_FEXTRA_NAME_BYTES);`
	`110`	`+ throw new GZIPFormatException.GZIPExtraFieldShortException(maxRead);`
	`111`	`+ }`
`107`	`112`	`if(valLen > 0) {`
`108`	`113`	`tmpVal = ByteOp.readNBytes(is, valLen);`
`109`	`114`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,4 +21,11 @@ public GZIPFormatException(Exception e) {`
`21`	`21`	`public GZIPFormatException(String message, IOException e) {`
`22`	`22`	`super(message,e);`
`23`	`23`	`}`
	`24`	`+ public static class GZIPExtraFieldShortException extends GZIPFormatException {`
	`25`	`+ int bytesRead;`
	`26`	`+ public GZIPExtraFieldShortException(int bytesRead) {`
	`27`	`+ super("Extra Field short.");`
	`28`	`+ this.bytesRead = bytesRead;`
	`29`	`+ }`
	`30`	`+ }`
`24`	`31`	`}`
Original file line number	Diff line number	Diff line change
`@@ -374,6 +374,9 @@ public void testAutoSkip() throws IOException {`
`374`	`374`	`assertNull(m);`
`375`	`375`	`assertTrue(s.gotEOF());`
`376`	`376`	`}`
`377`		`-`
`378`	`377`
	`378`	`+ public void testWgetProblem() throws IndexOutOfBoundsException, FileNotFoundException, IOException {`
	`379`	`+ InputStream is = getClass().getResourceAsStream("IAH-urls-wget.warc.gz");`
	`380`	`+ new GZIPDecoder().parseHeader(is);`
	`381`	`+ }`
`379`	`382`	`}`