packages/apache-commons-compress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!13 fix CVE-2021-35517 CVE-2021-35516 CVE-2021-35515 CVE-2021-36090

Browse Source 
From: @houyingchao
Reviewed-by: @small_leek,@wangchong1995924
Signed-off-by: @wangchong1995924
This commit is contained in:
openeuler-ci-bot 2021-08-03 09:03:47 +00:00 committed by Gitee
commit 8781708391
8 changed files with 618 additions and 299 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
0003-COMPRESS-463-throw-exception-when-detecting-a-trunca.patch
View File

@ -1,127 +0,0 @@
From 2f169c27bf0252229c6a96ea18d9b6f9348c6b9e Mon Sep 17 00:00:00 2001
From: Marian Koncek <mkoncek@redhat.com>
Date: Fri, 5 Oct 2018 13:10:18 +0200
Subject: [PATCH] COMPRESS-463 throw exception when detecting a truncated
stored entry
---
.../archivers/zip/ZipArchiveInputStream.java | 3 +-
.../zip/Maven221MultiVolumeTest.java | 7 ++
.../zip/ZipArchiveInputStreamTest.java | 69 +++++++++++++++++++
3 files changed, 78 insertions(+), 1 deletion(-)
diff --git a/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java b/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
index 729d92e..4c239ec 100644
--- a/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
+++ b/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
@@ -523,7 +523,8 @@ public class ZipArchiveInputStream extends ArchiveInputStream implements InputSt
buf.position(0);
final int l = in.read(buf.array());
if (l == -1) {
- return -1;
+ buf.limit(0);
+ throw new IOException("Truncated ZIP file");
}
buf.limit(l);
diff --git a/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java b/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java
index c28f3de..0a905e3 100644
--- a/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java
+++ b/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java
@@ -96,6 +96,13 @@ public class Maven221MultiVolumeTest {
assertEquals("Truncated ZIP file", e.getMessage());
}
+ try {
+ zi.read(buffer);
+ fail("shouldn't be able to read from truncated entry after exception");
+ } catch (final IOException e) {
+ assertEquals("Truncated ZIP file", e.getMessage());
+ }
+
// and now we get another entry, which should also yield
// an exception
try {
diff --git a/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java b/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java
index 5d1cdb1..5bf003b 100644
--- a/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java
+++ b/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java
@@ -340,6 +340,75 @@ public class ZipArchiveInputStreamTest {
}
}
+ @Test
+ public void singleByteReadThrowsAtEofForCorruptedStoredEntry() throws Exception {
+ byte[] content;
+ try (FileInputStream fs = new FileInputStream(getFile("COMPRESS-264.zip"))) {
+ content = IOUtils.toByteArray(fs);
+ }
+ // make size much bigger than entry's real size
+ for (int i = 17; i < 26; i++) {
+ content[i] = (byte) 0xff;
+ }
+ try (ByteArrayInputStream in = new ByteArrayInputStream(content);
+ ZipArchiveInputStream archive = new ZipArchiveInputStream(in)) {
+ ArchiveEntry e = archive.getNextEntry();
+ try {
+ IOUtils.toByteArray(archive);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read();
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read();
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ }
+ }
+
+ @Test
+ public void multiByteReadThrowsAtEofForCorruptedStoredEntry() throws Exception {
+ byte[] content;
+ try (FileInputStream fs = new FileInputStream(getFile("COMPRESS-264.zip"))) {
+ content = IOUtils.toByteArray(fs);
+ }
+ // make size much bigger than entry's real size
+ for (int i = 17; i < 26; i++) {
+ content[i] = (byte) 0xff;
+ }
+ byte[] buf = new byte[2];
+ try (ByteArrayInputStream in = new ByteArrayInputStream(content);
+ ZipArchiveInputStream archive = new ZipArchiveInputStream(in)) {
+ ArchiveEntry e = archive.getNextEntry();
+ try {
+ IOUtils.toByteArray(archive);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read(buf);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read(buf);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ }
+ }
+
private static byte[] readEntry(ZipArchiveInputStream zip, ZipArchiveEntry zae) throws IOException {
final int len = (int)zae.getSize();
final byte[] buff = new byte[len];
--
2.17.1

32
0004-Avoid-use-of-internal-Mockito-API.patch
View File

@ -1,32 +0,0 @@
From 4dd332d8f82d3a5f0ac6654d2c1733e44da6ddbd Mon Sep 17 00:00:00 2001
From: Mat Booth <mat.booth@redhat.com>
Date: Thu, 7 Feb 2019 14:57:25 +0000
Subject: [PATCH 3/3] Avoid use of internal Mockito API
---
.../compress/utils/FixedLengthBlockOutputStreamTest.java | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java b/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java
index cfda61b..e94ccee 100644
--- a/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java
+++ b/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java
@@ -39,7 +39,6 @@ import java.nio.file.Path;
import java.util.concurrent.atomic.AtomicBoolean;
import org.hamcrest.core.IsInstanceOf;
import org.junit.Test;
-import org.mockito.internal.matchers.GreaterOrEqual;
public class FixedLengthBlockOutputStreamTest {
@@ -294,7 +293,6 @@ public class FixedLengthBlockOutputStreamTest {
private static void assertContainsAtOffset(String msg, byte[] expected, int offset,
byte[] actual) {
- assertThat(actual.length, new GreaterOrEqual<>(offset + expected.length));
for (int i = 0; i < expected.length; i++) {
assertEquals(String.format("%s ([%d])", msg, i), expected[i], actual[i + offset]);
}
--
2.20.1

119
CVE-2019-12402.patch
View File

@ -1,119 +0,0 @@
diff -Nur commons-compress-1.17-src_old/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java commons-compress-1.17-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java
--- commons-compress-1.17-src_old/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2019-12-26 01:58:18.095645681 -0500
+++ commons-compress-1.17-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2019-12-26 01:59:05.351833877 -0500
@@ -112,7 +112,9 @@
} else if (res.isOverflow()) {
int increment = estimateIncrementalEncodingSize(enc, cb.remaining());
out = ZipEncodingHelper.growBufferBy(out, increment);
- }
+ }else if(res.isUnderflow() || res.isError()) {
+ break;
+ }
}
// tell the encoder we are done
enc.encode(cb, out, true);
diff -Nur commons-compress-1.17-src_old/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java commons-compress-1.17-src/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java
--- commons-compress-1.17-src_old/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java 1969-12-31 19:00:00.000000000 -0500
+++ commons-compress-1.17-src/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java 2019-12-26 01:59:34.823951249 -0500
@@ -0,0 +1,101 @@
+/*
+ * *LicensedtotheApacheSoftwareFoundation(ASF)underone
+ * *ormorecontributorlicenseagreements.SeetheNOTICEfile
+ * *distributedwiththisworkforadditionalinformation
+ * *regardingcopyrightownership.TheASFlicensesthisfile
+ * *toyouundertheApacheLicense,Version2.0(the
+ * *"License");youmaynotusethisfileexceptincompliance
+ * *withtheLicense.YoumayobtainacopyoftheLicenseat
+ * *
+ * *http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * *Unlessrequiredbyapplicablelaworagreedtoinwriting,
+ * *softwaredistributedundertheLicenseisdistributedonan
+ * *"ASIS"BASIS,WITHOUTWARRANTIESORCONDITIONSOFANY
+ * *KIND,eitherexpressorimplied.SeetheLicenseforthe
+ * *specificlanguagegoverningpermissionsandlimitations
+ * *undertheLicense.
+ *
+ */
+package org.apache.commons.compress.archivers.zip;
+
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class NioZipEncodingTest {
+
+ private static final String UMLAUTS = "\u00e4\u00f6\u00fc";
+
+ @Test
+ public void umlautToUTF16BE() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.UTF_16BE, false);
+ ByteBuffer bb = e.encode(UMLAUTS);
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(UMLAUTS.getBytes(StandardCharsets.UTF_16BE), result);
+ }
+
+ @Test
+ public void umlautToUTF8() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.UTF_8, true);
+ ByteBuffer bb = e.encode("\u00e4\u00f6\u00fc");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(UMLAUTS.getBytes(StandardCharsets.UTF_8), result);
+ }
+
+ @Test
+ public void umlautToISO88591() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.ISO_8859_1, true);
+ ByteBuffer bb = e.encode("\u00e4\u00f6\u00fc");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(UMLAUTS.getBytes(StandardCharsets.ISO_8859_1), result);
+ }
+
+ @Test
+ public void unmappableUmlauts() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.US_ASCII, false);
+ ByteBuffer bb = e.encode("\u00e4\u00f6\u00fc");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertEquals("%U00E4%U00F6%U00FC", new String(result, StandardCharsets.US_ASCII));
+ }
+
+ private static final String RAINBOW_EMOJI = "\ud83c\udf08";
+
+ @Test
+ public void unmappableRainbowEmoji() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.US_ASCII, false);
+ ByteBuffer bb = e.encode(RAINBOW_EMOJI);
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertEquals("%UD83C%UDF08", new String(result, StandardCharsets.US_ASCII));
+ }
+
+ @Test
+ public void rainbowEmojiToSurrogatePairUTF16() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.UTF_16BE, false);
+ ByteBuffer bb = e.encode(RAINBOW_EMOJI);
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(RAINBOW_EMOJI.getBytes(StandardCharsets.UTF_16BE), result);
+ }
+
+ @Test
+ public void partialSurrogatePair() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.US_ASCII, false);
+ ByteBuffer bb = e.encode("\ud83c");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertEquals(0, result.length);
+ }
+
+
+}
+
+

130
apache-commons-compress-build.xml Normal file
View File

@ -0,0 +1,130 @@
<?xml version="1.0" encoding="UTF-8"?>
<project name="commons-compress" default="package" basedir=".">
<!-- ====================================================================== -->
<!-- Build environment properties -->
<!-- ====================================================================== -->
<property file="build.properties"/>
<property name="build.name" value="commons-compress"/>
<property name="build.version" value="1.21"/>
<property name="build.finalName" value="${build.name}-${build.version}"/>
<property name="build.dir" value="target"/>
<property name="build.javadocDir" value="${build.dir}/site/apidocs"/>
<property name="build.outputDir" value="${build.dir}/classes"/>
<property name="build.srcDir.0" value="src/main/java"/>
<property name="build.resourceDir.0" value="src/main/resources"/>
<property name="build.resourceDir.1" value="."/>
<property name="commons.osgi.dynamicImport" value=""/>
<property name="commons.osgi.excludeDependencies" value="true"/>
<property name="commons.osgi.export" value="org.apache.commons.compress;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.ar;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.arj;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.cpio;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.dump;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.examples;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.jar;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.sevenz;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.tar;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.zip;version=&quot;${build.version}&quot;,org.apache.commons.compress.changes;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.bzip2;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.deflate;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.deflate64;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.gzip;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lz4;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lz77support;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lzma;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lzw;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.pack200;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.snappy;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.xz;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.z;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.archive.internal.nls;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.pack200;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.unpack200;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.unpack200.bytecode;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.unpack200.bytecode.forms;version=&quot;${build.version}&quot;,org.apache.commons.compress.java.util.jar;version=&quot;${build.version}&quot;,org.apache.commons.compress.parallel;version=&quot;${build.version}&quot;,org.apache.commons.compress.utils;version=&quot;${build.version}&quot;"/>
<property name="commons.osgi.import" value="org.tukaani.xz;resolution:=optional,org.objectweb.asm;resolution:=optional,javax.crypto;resolution:=optional,javax.crypto.spec;resolution:=optional"/>
<property name="commons.osgi.private" value=""/>
<property name="commons.osgi.symbolicName" value="org.apache.commons.compress"/>
<property name="compiler.source" value="1.8"/>
<property name="compiler.target" value="1.8"/>
<!-- ====================================================================== -->
<!-- Defining classpaths -->
<!-- ====================================================================== -->
<path id="build.classpath">
<fileset dir="lib">
<include name="**/*.jar">
</include>
</fileset>
</path>
<!-- ====================================================================== -->
<!-- Cleaning up target -->
<!-- ====================================================================== -->
<target name="clean" description="Clean the output directory">
<delete dir="${build.dir}"/>
</target>
<!-- ====================================================================== -->
<!-- Compilation target -->
<!-- ====================================================================== -->
<target name="compile" description="Compile the code">
<mkdir dir="${build.outputDir}"/>
<javac destdir="${build.outputDir}"
encoding="iso-8859-1"
nowarn="false"
debug="true"
optimize="false"
deprecation="true"
target="${compiler.target}"
verbose="false"
fork="false"
source="${compiler.source}">
<src>
<pathelement location="${build.srcDir.0}"/>
</src>
<classpath refid="build.classpath"/>
</javac>
<mkdir dir="${build.outputDir}/META-INF"/>
<copy todir="${build.outputDir}/META-INF">
<fileset dir="${build.resourceDir.1}">
<include name="NOTICE.txt"/>
<include name="LICENSE.txt"/>
</fileset>
</copy>
</target>
<!-- ====================================================================== -->
<!-- Javadoc target -->
<!-- ====================================================================== -->
<target name="javadoc" description="Generates the Javadoc of the application">
<mkdir dir="${build.javadocDir}"/>
<javadoc sourcepath="${build.srcDir.0}"
packagenames="*"
destdir="${build.javadocDir}"
access="protected"
verbose="false"
encoding="iso-8859-1"
version="true"
use="true"
author="true"
splitindex="false"
nodeprecated="false"
nodeprecatedlist="false"
notree="false"
noindex="false"
nohelp="false"
nonavbar="false"
serialwarn="false"
source="${compiler.source}"
linksource="true"
breakiterator="false">
<classpath refid="build.classpath"/>
</javadoc>
</target>
<!-- ====================================================================== -->
<!-- Package target -->
<!-- ====================================================================== -->
<target name="package" depends="compile" description="Package the application">
<jar jarfile="${build.dir}/${build.finalName}.jar"
compress="true"
index="false"
basedir="${build.outputDir}"
excludes="**/package.html">
<manifest>
<attribute name="Bundle-SymbolicName" value="${commons.osgi.symbolicName}"/>
<attribute name="Bundle-Version" value="${build.version}"/>
<attribute name="Export-Package" value="${commons.osgi.export}"/>
<attribute name="Import-Package" value="${commons.osgi.import}"/>
</manifest>
</jar>
</target>
</project>

61
apache-commons-compress.spec
View File

@ -1,24 +1,27 @@
Name: apache-commons-compress
Version: 1.17
Release: 6
Summary: Java API for working with archivers and compressed files
Version: 1.21
Release: 1
Summary: Java API for working with compressed files and archivers
License: ASL 2.0
URL: http://commons.apache.org/proper/commons-compress/
BuildArch: noarch
Source0: http://archive.apache.org/dist/commons/compress/source/commons-compress-%{version}-src.tar.gz
Source1: http://archive.apache.org/dist/commons/compress/source/commons-compress-%{version}-src.tar.gz.asc
Source2: %{name}-build.xml
Patch0001: 0001-Remove-Brotli-compressor.patch
Patch0002: 0002-Remove-ZSTD-compressor.patch
Patch0003: 0003-COMPRESS-463-throw-exception-when-detecting-a-trunca.patch
Patch0004: 0004-Avoid-use-of-internal-Mockito-API.patch
Patch6000: CVE-2019-12402.patch
BuildRequires: maven-local mvn(junit:junit) mvn(org.apache.commons:commons-parent:pom:)
BuildRequires: mvn(org.apache.felix:maven-bundle-plugin) mvn(org.powermock:powermock-api-mockito)
BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin) mvn(org.osgi:org.osgi.core)
BuildRequires: mvn(org.powermock:powermock-module-junit4) mvn(org.tukaani:xz)
Patch0003: fix_java_8_compatibility.patch
BuildRequires: ant objectweb-asm3 fdupes java-devel >= 1.8 javapackages-local xz-java
Provides: commons-compress = %{version}-%{release}
Obsoletes: commons-compress < %{version}-%{release}
Provides: jakarta-commons-compress = %{version}-%{release}
Obsoletes: jakarta-commons-compress < %{version}-%{release}
%description
The Apache Commons Compress library defines an API for working with
ar, cpio, Unix dump, tar, zip, gzip, XZ, Pack200 and bzip2 files.
In version 1.14 read-only support for Brotli decompression has been added,
but it has been removed from this package.
%package help
Summary: API documentation for apache-commons-compress
@ -31,31 +34,47 @@ This package provides API documentation for apache-commons-compress.
%prep
%autosetup -n commons-compress-%{version}-src -p1
cp %{SOURCE2} build.xml
%pom_remove_dep org.brotli:dec
rm -r src/{main,test}/java/org/apache/commons/compress/compressors/brotli
%pom_remove_dep :zstd-jni
rm -r src/{main,test}/java/org/apache/commons/compress/compressors/zstandard
rm src/test/java/org/apache/commons/compress/compressors/DetectCompressorTestCase.java
%pom_remove_dep org.ops4j.pax.exam:::test
%pom_remove_dep :org.apache.felix.framework::test
%pom_remove_dep :javax.inject::test
%pom_remove_dep :slf4j-api::test
rm src/test/java/org/apache/commons/compress/OsgiITest.java
%pom_remove_plugin :maven-javadoc-plugin
%pom_xpath_remove "pom:profiles/pom:profile[pom:id[text()='java9+']]"
%pom_remove_parent .
%pom_xpath_inject "pom:project" "<groupId>org.apache.commons</groupId>" .
%build
%mvn_file : commons-compress apache-commons-compress
%mvn_alias : commons:
%mvn_build -- -Dcommons.osgi.symbolicName=org.apache.commons.compress
mkdir -p lib
build-jar-repository -s lib xz-java objectweb-asm3
%{ant} package javadoc
%install
%mvn_install
install -dm 0755 %{buildroot}%{_javadir}
install -pm 0644 target/commons-compress-%{version}.jar %{buildroot}%{_javadir}/commons-compress.jar
ln -sf commons-compress.jar %{buildroot}%{_javadir}/%{name}.jar
install -dm 0755 %{buildroot}%{_mavenpomdir}
install -pm 0644 pom.xml %{buildroot}%{_mavenpomdir}/commons-compress.pom
%add_maven_depmap commons-compress.pom commons-compress.jar -a commons:commons-compress,commons-compress:commons-compress
install -dm 0755 %{buildroot}%{_javadocdir}/%{name}
cp -pr target/site/apidocs/* %{buildroot}%{_javadocdir}/%{name}
%fdupes -s %{buildroot}%{_javadocdir}
%files -f .mfiles
%doc LICENSE.txt NOTICE.txt
%{_javadir}/%{name}.jar
%license LICENSE.txt
%doc NOTICE.txt
%files help -f .mfiles-javadoc
%files help
%{_javadocdir}/%{name}
%license LICENSE.txt
%doc NOTICE.txt
%changelog
* Tue Aug 3 2021 houyingchao <houyingchao@huawei.com> - 1.21-1
- Upgrade to 1.21
* Sat Sep 12 2020 leiju <leiju4@huawei.com> - 1.17-4.h2
- Avoid use of internal Mockito API

BIN
commons-compress-1.17-src.tar.gz → commons-compress-1.21-src.tar.gz
View File

Binary file not shown.

7
commons-compress-1.21-src.tar.gz.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
iHEEABEKADEWIQTOgHWiUVR77iSbwVGiEVrhX2uLcgUCYOiAPBMcYm9kZXdpZ0Bh
cGFjaGUub3JnAAoJEKIRWuFfa4tyyNwAn1RAMciW7Os/lbwCiQ/RJ64GL+LSAKDB
7ZWg3nXsSSAnuN7K/3doWvLkLQ==
=iHWA
-----END PGP SIGNATURE-----

441
fix_java_8_compatibility.patch Normal file
View File

@ -0,0 +1,441 @@
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/BoundedSeekableByteChannelInputStream.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/BoundedSeekableByteChannelInputStream.java 2021-07-19 16:32:46.529020782 +0200
@@ -19,6 +19,7 @@
import java.io.IOException;
import java.io.InputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.channels.SeekableByteChannel;
@@ -83,7 +84,7 @@
} else {
buf = ByteBuffer.allocate(bytesToRead);
bytesRead = channel.read(buf);
- buf.flip();
+ ((Buffer)buf).flip();
}
if (bytesRead >= 0) {
buf.get(b, off, bytesRead);
@@ -93,9 +94,9 @@
}
private int read(final int len) throws IOException {
- buffer.rewind().limit(len);
+ ((Buffer)buffer).rewind().limit(len);
final int read = channel.read(buffer);
- buffer.flip();
+ ((Buffer)buffer).flip();
return read;
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java 2021-07-19 16:20:02.675782684 +0200
@@ -26,6 +26,7 @@
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.CharBuffer;
@@ -499,7 +500,7 @@
while (pos > minPos) {
pos--;
channel.position(pos);
- nidBuf.rewind();
+ ((Buffer)nidBuf).rewind();
if (channel.read(nidBuf) < 1) {
throw new EOFException();
}
@@ -2016,9 +2017,9 @@
}
private void readFully(final ByteBuffer buf) throws IOException {
- buf.rewind();
+ ((Buffer)buf).rewind();
IOUtils.readFully(channel, buf);
- buf.flip();
+ ((Buffer)buf).flip();
}
@Override
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZOutputFile.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZOutputFile.java 2021-07-19 16:14:03.565317437 +0200
@@ -26,6 +26,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.channels.SeekableByteChannel;
@@ -341,7 +342,7 @@
crc32.reset();
crc32.update(bb.array(), SevenZFile.sevenZSignature.length + 6, 20);
bb.putInt(SevenZFile.sevenZSignature.length + 2, (int) crc32.getValue());
- bb.flip();
+ ((Buffer)bb).flip();
channel.write(bb);
}
@@ -826,7 +827,7 @@
private final ByteBuffer buffer = ByteBuffer.allocate(BUF_SIZE);
@Override
public void write(final int b) throws IOException {
- buffer.clear();
+ ((Buffer)buffer).clear();
buffer.put((byte) b).flip();
channel.write(buffer);
compressedCrc32.update(b);
@@ -844,7 +845,7 @@
if (len > BUF_SIZE) {
channel.write(ByteBuffer.wrap(b, off, len));
} else {
- buffer.clear();
+ ((Buffer)buffer).clear();
buffer.put(b, off, len).flip();
channel.write(buffer);
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2021-07-19 16:14:03.565317437 +0200
@@ -20,6 +20,7 @@
package org.apache.commons.compress.archivers.zip;
import java.io.IOException;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.Charset;
@@ -121,8 +122,8 @@
enc.encode(cb, out, true);
// may have caused underflow, but that's been ignored traditionally
- out.limit(out.position());
- out.rewind();
+ ((Buffer)out).limit(out.position());
+ ((Buffer)out).rewind();
return out;
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java 2021-07-19 16:14:03.565317437 +0200
@@ -25,6 +25,7 @@
import java.io.InputStream;
import java.io.PushbackInputStream;
import java.math.BigInteger;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.zip.CRC32;
@@ -256,7 +257,7 @@
allowStoredEntriesWithDataDescriptor;
this.skipSplitSig = skipSplitSig;
// haven't read anything so far
- buf.limit(0);
+ ((Buffer)buf).limit(0);
}
public ZipArchiveEntry getNextZipEntry() throws IOException {
@@ -596,13 +597,13 @@
}
if (buf.position() >= buf.limit()) {
- buf.position(0);
+ ((Buffer)buf).position(0);
final int l = in.read(buf.array());
if (l == -1) {
- buf.limit(0);
+ ((Buffer)buf).limit(0);
throw new IOException("Truncated ZIP file");
}
- buf.limit(l);
+ ((Buffer)buf).limit(l);
count(l);
current.bytesReadFromStream += l;
@@ -795,7 +796,7 @@
}
inf.reset();
- buf.clear().flip();
+ ((Buffer)buf).clear().flip();
current = null;
lastStoredEntry = null;
}
@@ -860,7 +861,7 @@
}
final int length = in.read(buf.array());
if (length > 0) {
- buf.limit(length);
+ ((Buffer)buf).limit(length);
count(buf.limit());
inf.setInput(buf.array(), 0, buf.limit());
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipEncodingHelper.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipEncodingHelper.java 2021-07-19 16:29:53.519835167 +0200
@@ -18,6 +18,7 @@
package org.apache.commons.compress.archivers.zip;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
@@ -85,8 +86,8 @@
}
static ByteBuffer growBufferBy(final ByteBuffer buffer, final int increment) {
- buffer.limit(buffer.position());
- buffer.rewind();
+ ((Buffer)buffer).limit(buffer.position());
+ ((Buffer)buffer).rewind();
final ByteBuffer on = ByteBuffer.allocate(buffer.capacity() + increment);
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipFile.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipFile.java 2021-07-19 16:28:13.175147502 +0200
@@ -25,6 +25,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.SequenceInputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.nio.channels.SeekableByteChannel;
@@ -713,7 +714,7 @@
positionAtCentralDirectory();
centralDirectoryStartOffset = archive.position();
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
long sig = ZipLong.getValue(wordBuf);
@@ -724,7 +725,7 @@
while (sig == CFH_SIG) {
readCentralDirectoryEntry(noUTF8Flag);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
sig = ZipLong.getValue(wordBuf);
}
@@ -743,7 +744,7 @@
private void
readCentralDirectoryEntry(final Map<ZipArchiveEntry, NameAndComment> noUTF8Flag)
throws IOException {
- cfhBbuf.rewind();
+ ((Buffer)cfhBbuf).rewind();
IOUtils.readFully(archive, cfhBbuf);
int off = 0;
final Entry ze = new Entry();
@@ -1100,7 +1101,7 @@
archive.position() > ZIP64_EOCDL_LENGTH;
if (searchedForZip64EOCD) {
archive.position(archive.position() - ZIP64_EOCDL_LENGTH);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
found = Arrays.equals(ZipArchiveOutputStream.ZIP64_EOCD_LOC_SIG,
wordBuf);
@@ -1128,11 +1129,11 @@
private void positionAtCentralDirectory64()
throws IOException {
if (isSplitZipArchive) {
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
final long diskNumberOfEOCD = ZipLong.getValue(wordBuf);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
final long relativeOffsetOfEOCD = ZipEightByteInteger.getLongValue(dwordBuf);
((ZipSplitReadOnlySeekableByteChannel) archive)
@@ -1140,12 +1141,12 @@
} else {
skipBytes(ZIP64_EOCDL_LOCATOR_OFFSET
- WORD /* signature has already been read */);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
archive.position(ZipEightByteInteger.getLongValue(dwordBuf));
}
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
if (!Arrays.equals(wordBuf, ZipArchiveOutputStream.ZIP64_EOCD_SIG)) {
throw new ZipException("Archive's ZIP64 end of central "
@@ -1155,13 +1156,13 @@
if (isSplitZipArchive) {
skipBytes(ZIP64_EOCD_CFD_DISK_OFFSET
- WORD /* signature has already been read */);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
centralDirectoryStartDiskNumber = ZipLong.getValue(wordBuf);
skipBytes(ZIP64_EOCD_CFD_LOCATOR_RELATIVE_OFFSET);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
centralDirectoryStartRelativeOffset = ZipEightByteInteger.getLongValue(dwordBuf);
((ZipSplitReadOnlySeekableByteChannel) archive)
@@ -1169,7 +1170,7 @@
} else {
skipBytes(ZIP64_EOCD_CFD_LOCATOR_OFFSET
- WORD /* signature has already been read */);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
centralDirectoryStartDiskNumber = 0;
centralDirectoryStartRelativeOffset = ZipEightByteInteger.getLongValue(dwordBuf);
@@ -1188,20 +1189,20 @@
throws IOException {
if (isSplitZipArchive) {
skipBytes(CFD_DISK_OFFSET);
- shortBbuf.rewind();
+ ((Buffer)shortBbuf).rewind();
IOUtils.readFully(archive, shortBbuf);
centralDirectoryStartDiskNumber = ZipShort.getValue(shortBuf);
skipBytes(CFD_LOCATOR_RELATIVE_OFFSET);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
centralDirectoryStartRelativeOffset = ZipLong.getValue(wordBuf);
((ZipSplitReadOnlySeekableByteChannel) archive)
.position(centralDirectoryStartDiskNumber, centralDirectoryStartRelativeOffset);
} else {
skipBytes(CFD_LOCATOR_OFFSET);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
centralDirectoryStartDiskNumber = 0;
centralDirectoryStartRelativeOffset = ZipLong.getValue(wordBuf);
@@ -1238,9 +1239,9 @@
for (; off >= stopSearching; off--) {
archive.position(off);
try {
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
- wordBbuf.flip();
+ ((Buffer)wordBbuf).flip();
} catch (final EOFException ex) { // NOSONAR
break;
}
@@ -1352,9 +1353,9 @@
} else {
archive.position(offset + LFH_OFFSET_FOR_FILENAME_LENGTH);
}
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
- wordBbuf.flip();
+ ((Buffer)wordBbuf).flip();
wordBbuf.get(shortBuf);
final int fileNameLen = ZipShort.getValue(shortBuf);
wordBbuf.get(shortBuf);
@@ -1382,7 +1383,7 @@
*/
private boolean startsWithLocalFileHeader() throws IOException {
archive.position(0);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
return Arrays.equals(wordBuf, ZipArchiveOutputStream.LFH_SIG);
}
@@ -1418,7 +1419,7 @@
@Override
protected int read(final long pos, final ByteBuffer buf) throws IOException {
final int read = archive.read(buf, pos);
- buf.flip();
+ ((Buffer)buf).flip();
return read;
}
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStream.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStream.java 2021-07-19 16:16:51.850472686 +0200
@@ -21,6 +21,7 @@
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.channels.ClosedChannelException;
@@ -88,7 +89,7 @@
}
private void writeBlock() throws IOException {
- buffer.flip();
+ ((Buffer)buffer).flip();
final int i = out.write(buffer);
final boolean hasRemaining = buffer.hasRemaining();
if (i != blockSize || hasRemaining) {
@@ -97,7 +98,7 @@
blockSize, i);
throw new IOException(msg);
}
- buffer.clear();
+ ((Buffer)buffer).clear();
}
@Override
@@ -142,7 +143,7 @@
// fill up the reset of buffer and write the block.
if (buffer.position() != 0) {
final int n = buffer.remaining();
- src.limit(src.position() + n);
+ ((Buffer)src).limit(src.position() + n);
buffer.put(src);
writeBlock();
srcLeft -= n;
@@ -150,12 +151,12 @@
// whilst we have enough bytes in src for complete blocks,
// write them directly from src without copying them to buffer
while (srcLeft >= blockSize) {
- src.limit(src.position() + blockSize);
+ ((Buffer)src).limit(src.position() + blockSize);
out.write(src);
srcLeft -= blockSize;
}
// copy any remaining bytes into buffer
- src.limit(savedLimit);
+ ((Buffer)src).limit(savedLimit);
buffer.put(src);
}
return srcRemaining;
@@ -242,7 +243,7 @@
final int pos = buffer.position();
final int len = buffer.limit() - pos;
out.write(buffer.array(), buffer.arrayOffset() + pos, len);
- buffer.position(buffer.limit());
+ ((Buffer)buffer).position(buffer.limit());
return len;
} catch (final IOException e) {
try {
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/IOUtils.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/IOUtils.java 2021-07-19 17:09:11.659891748 +0200
@@ -25,6 +25,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.channels.ReadableByteChannel;
import java.nio.file.Files;
@@ -372,7 +373,7 @@
break;
}
output.write(b.array(), 0, readNow);
- b.rewind();
+ ((Buffer)b).rewind();
read += readNow;
}
return output.toByteArray();