This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-compress.git
The following commit(s) were added to refs/heads/master by this push:
new 7143c5589 Throw an IllegalArgumentException when a file name or
comment in gzip parameters encodes to a byte array with a 0 byte #618
7143c5589 is described below
commit 7143c5589931db3c8d15537051ab5a070f96c707
Author: Gary Gregory <[email protected]>
AuthorDate: Sat Nov 30 08:29:42 2024 -0500
Throw an IllegalArgumentException when a file name or comment in gzip
parameters encodes to a byte array with a 0 byte #618
- Sort members
- Better local var names in tests
- Use JUnit feature instead of custom code
- Add missing assertions
---
src/changes/changes.xml | 1 +
.../compress/compressors/gzip/GzipParameters.java | 16 +++---
.../compressors/gzip/GzipParametersTest.java | 63 ++++++++++++----------
3 files changed, 44 insertions(+), 36 deletions(-)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index a8af8751e..cb2b2e34a 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -54,6 +54,7 @@ The <action> type attribute can be add,update,fix,remove.
<action type="fix" dev="ggregory" due-to="Glavo">Remove unused local
variable in ZipFile #615.</action>
<action type="fix" dev="ggregory" due-to="Glavo, Gary Gregory">Optimize
ZipEightByteInteger #614.</action>
<action type="fix" dev="ggregory" due-to="Gary
Gregory">ZipEightByteInteger.toString() now returns a number string without
text prefix, like BigInteger.</action>
+ <action type="fix" dev="ggregory" due-to="ddeschenes-1, Gary
Gregory">Throw an IllegalArgumentException when a file name or comment in gzip
parameters encodes to a byte array with a 0 byte #618.</action>
<!-- ADD -->
<action type="add" dev="ggregory" due-to="Gary Gregory">Add
GzipParameters.getModificationInstant().</action>
<action type="add" dev="ggregory" due-to="Gary Gregory">Add
GzipParameters.setModificationInstant(Instant).</action>
diff --git
a/src/main/java/org/apache/commons/compress/compressors/gzip/GzipParameters.java
b/src/main/java/org/apache/commons/compress/compressors/gzip/GzipParameters.java
index 4588e8ad9..5e10d887b 100644
---
a/src/main/java/org/apache/commons/compress/compressors/gzip/GzipParameters.java
+++
b/src/main/java/org/apache/commons/compress/compressors/gzip/GzipParameters.java
@@ -299,13 +299,6 @@ public class GzipParameters {
private int bufferSize = 512;
private int deflateStrategy = Deflater.DEFAULT_STRATEGY;
- private String requireNonNulByte(final String text) {
- if (StringUtils.isNotEmpty(text) &&
ArrayUtils.contains(text.getBytes(fileNameCharset), (byte) 0)) {
- throw new IllegalArgumentException("String encoded in Charset '" +
fileNameCharset + "' contains the nul byte 0 which is not supported in gzip.");
- }
- return text;
- }
-
/**
* Gets size of the buffer used to retrieve compressed data.
*
@@ -382,7 +375,6 @@ public class GzipParameters {
return fileName;
}
-
/**
* Gets the Charset to use for writing file names and comments.
* <p>
@@ -396,6 +388,7 @@ public class GzipParameters {
return fileNameCharset;
}
+
/**
* Gets the most recent modification time (MTIME) of the original file
being compressed.
*
@@ -439,6 +432,13 @@ public class GzipParameters {
return operatingSystem;
}
+ private String requireNonNulByte(final String text) {
+ if (StringUtils.isNotEmpty(text) &&
ArrayUtils.contains(text.getBytes(fileNameCharset), (byte) 0)) {
+ throw new IllegalArgumentException("String encoded in Charset '" +
fileNameCharset + "' contains the nul byte 0 which is not supported in gzip.");
+ }
+ return text;
+ }
+
/**
* Sets size of the buffer used to retrieve compressed data from {@link
Deflater} and write to underlying {@link OutputStream}.
*
diff --git
a/src/test/java/org/apache/commons/compress/compressors/gzip/GzipParametersTest.java
b/src/test/java/org/apache/commons/compress/compressors/gzip/GzipParametersTest.java
index d2febb1d9..0cb90119e 100644
---
a/src/test/java/org/apache/commons/compress/compressors/gzip/GzipParametersTest.java
+++
b/src/test/java/org/apache/commons/compress/compressors/gzip/GzipParametersTest.java
@@ -20,6 +20,7 @@
package org.apache.commons.compress.compressors.gzip;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -43,12 +44,26 @@ public class GzipParametersTest {
assertEquals(Deflater.HUFFMAN_ONLY,
gzipParameters.getDeflateStrategy());
}
- @Test
- public void testToString() {
+ @ParameterizedTest
+ //@formatter:off
+ @CsvSource({
+ " , hello\0world, false",
+ "ISO-8859-1, hello\0world, false",
+ "UTF-8 , hello\0world, false",
+ "UTF-16BE , helloworld, false"
+ })
+ //@formatter:on
+ public void testIllegalCommentOrFileName(final Charset charset, final
String text) {
final GzipParameters gzipParameters = new GzipParameters();
- assertTrue(gzipParameters.toString().contains("UNKNOWN"));
- gzipParameters.setOS(GzipParameters.OS.Z_SYSTEM);
- assertTrue(gzipParameters.toString().contains("Z_SYSTEM"));
+ if (charset != null) {
+ gzipParameters.setFileNameCharset(charset);
+ }
+ assertThrows(IllegalArgumentException.class, () ->
gzipParameters.setComment(text));
+ assertNull(gzipParameters.getComment());
+ assertThrows(IllegalArgumentException.class, () ->
gzipParameters.setFilename(text));
+ assertNull(gzipParameters.getFileName());
+ assertThrows(IllegalArgumentException.class, () ->
gzipParameters.setFileName(text));
+ assertNull(gzipParameters.getFileName());
}
@ParameterizedTest
@@ -62,32 +77,24 @@ public class GzipParametersTest {
"UTF-8 , helloƩworld"
})
//@formatter:on
- public void testLegalCommentOrFileName(final String charset, final String
text) {
- final GzipParameters p = new GzipParameters();
+ public void testLegalCommentOrFileName(final Charset charset, final String
text) {
+ final GzipParameters gzipParameters = new GzipParameters();
if (charset != null) {
- p.setFileNameCharset(Charset.forName(charset));
+ gzipParameters.setFileNameCharset(charset);
}
- p.setComment(text);
- p.setFilename(text);
- p.setFileName(text);
+ gzipParameters.setComment(text);
+ assertEquals(text, gzipParameters.getComment());
+ gzipParameters.setFilename(text);
+ assertEquals(text, gzipParameters.getFileName());
+ gzipParameters.setFileName(text);
+ assertEquals(text, gzipParameters.getFileName());
}
- @ParameterizedTest
- //@formatter:off
- @CsvSource({
- " , hello\0world, false",
- "ISO-8859-1, hello\0world, false",
- "UTF-8 , hello\0world, false",
- "UTF-16BE , helloworld, false"
- })
- //@formatter:on
- public void testIllegalCommentOrFileName(final String charset, final
String text) {
- final GzipParameters p = new GzipParameters();
- if (charset != null) {
- p.setFileNameCharset(Charset.forName(charset));
- }
- assertThrows(IllegalArgumentException.class, () -> p.setComment(text));
- assertThrows(IllegalArgumentException.class, () ->
p.setFilename(text));
- assertThrows(IllegalArgumentException.class, () ->
p.setFileName(text));
+ @Test
+ public void testToString() {
+ final GzipParameters gzipParameters = new GzipParameters();
+ assertTrue(gzipParameters.toString().contains("UNKNOWN"));
+ gzipParameters.setOS(GzipParameters.OS.Z_SYSTEM);
+ assertTrue(gzipParameters.toString().contains("Z_SYSTEM"));
}
}
