packages/apache-commons-compress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2021-35517 CVE-2021-35516 CVE-2021-35515 CVE-2021-36090

Browse Source
This commit is contained in:
houyingchao 2021-08-03 12:26:35 +08:00
parent 0dd083f81e
commit c5f26a619b
8 changed files with 618 additions and 299 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
0003-COMPRESS-463-throw-exception-when-detecting-a-trunca.patch
View File

@ -1,127 +0,0 @@
From 2f169c27bf0252229c6a96ea18d9b6f9348c6b9e Mon Sep 17 00:00:00 2001
From: Marian Koncek <mkoncek@redhat.com>
Date: Fri, 5 Oct 2018 13:10:18 +0200
Subject: [PATCH] COMPRESS-463 throw exception when detecting a truncated
stored entry
---
.../archivers/zip/ZipArchiveInputStream.java | 3 +-
.../zip/Maven221MultiVolumeTest.java | 7 ++
.../zip/ZipArchiveInputStreamTest.java | 69 +++++++++++++++++++
3 files changed, 78 insertions(+), 1 deletion(-)
diff --git a/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java b/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
index 729d92e..4c239ec 100644
--- a/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
+++ b/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java
@@ -523,7 +523,8 @@ public class ZipArchiveInputStream extends ArchiveInputStream implements InputSt
buf.position(0);
final int l = in.read(buf.array());
if (l == -1) {
- return -1;
+ buf.limit(0);
+ throw new IOException("Truncated ZIP file");
}
buf.limit(l);
diff --git a/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java b/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java
index c28f3de..0a905e3 100644
--- a/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java
+++ b/src/test/java/org/apache/commons/compress/archivers/zip/Maven221MultiVolumeTest.java
@@ -96,6 +96,13 @@ public class Maven221MultiVolumeTest {
assertEquals("Truncated ZIP file", e.getMessage());
}
+ try {
+ zi.read(buffer);
+ fail("shouldn't be able to read from truncated entry after exception");
+ } catch (final IOException e) {
+ assertEquals("Truncated ZIP file", e.getMessage());
+ }
+
// and now we get another entry, which should also yield
// an exception
try {
diff --git a/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java b/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java
index 5d1cdb1..5bf003b 100644
--- a/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java
+++ b/src/test/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStreamTest.java
@@ -340,6 +340,75 @@ public class ZipArchiveInputStreamTest {
}
}
+ @Test
+ public void singleByteReadThrowsAtEofForCorruptedStoredEntry() throws Exception {
+ byte[] content;
+ try (FileInputStream fs = new FileInputStream(getFile("COMPRESS-264.zip"))) {
+ content = IOUtils.toByteArray(fs);
+ }
+ // make size much bigger than entry's real size
+ for (int i = 17; i < 26; i++) {
+ content[i] = (byte) 0xff;
+ }
+ try (ByteArrayInputStream in = new ByteArrayInputStream(content);
+ ZipArchiveInputStream archive = new ZipArchiveInputStream(in)) {
+ ArchiveEntry e = archive.getNextEntry();
+ try {
+ IOUtils.toByteArray(archive);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read();
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read();
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ }
+ }
+
+ @Test
+ public void multiByteReadThrowsAtEofForCorruptedStoredEntry() throws Exception {
+ byte[] content;
+ try (FileInputStream fs = new FileInputStream(getFile("COMPRESS-264.zip"))) {
+ content = IOUtils.toByteArray(fs);
+ }
+ // make size much bigger than entry's real size
+ for (int i = 17; i < 26; i++) {
+ content[i] = (byte) 0xff;
+ }
+ byte[] buf = new byte[2];
+ try (ByteArrayInputStream in = new ByteArrayInputStream(content);
+ ZipArchiveInputStream archive = new ZipArchiveInputStream(in)) {
+ ArchiveEntry e = archive.getNextEntry();
+ try {
+ IOUtils.toByteArray(archive);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read(buf);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ try {
+ archive.read(buf);
+ fail("expected exception");
+ } catch (IOException ex) {
+ assertEquals("Truncated ZIP file", ex.getMessage());
+ }
+ }
+ }
+
private static byte[] readEntry(ZipArchiveInputStream zip, ZipArchiveEntry zae) throws IOException {
final int len = (int)zae.getSize();
final byte[] buff = new byte[len];
--
2.17.1

32
0004-Avoid-use-of-internal-Mockito-API.patch
View File

@ -1,32 +0,0 @@
From 4dd332d8f82d3a5f0ac6654d2c1733e44da6ddbd Mon Sep 17 00:00:00 2001
From: Mat Booth <mat.booth@redhat.com>
Date: Thu, 7 Feb 2019 14:57:25 +0000
Subject: [PATCH 3/3] Avoid use of internal Mockito API
---
.../compress/utils/FixedLengthBlockOutputStreamTest.java | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java b/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java
index cfda61b..e94ccee 100644
--- a/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java
+++ b/src/test/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStreamTest.java
@@ -39,7 +39,6 @@ import java.nio.file.Path;
import java.util.concurrent.atomic.AtomicBoolean;
import org.hamcrest.core.IsInstanceOf;
import org.junit.Test;
-import org.mockito.internal.matchers.GreaterOrEqual;
public class FixedLengthBlockOutputStreamTest {
@@ -294,7 +293,6 @@ public class FixedLengthBlockOutputStreamTest {
private static void assertContainsAtOffset(String msg, byte[] expected, int offset,
byte[] actual) {
- assertThat(actual.length, new GreaterOrEqual<>(offset + expected.length));
for (int i = 0; i < expected.length; i++) {
assertEquals(String.format("%s ([%d])", msg, i), expected[i], actual[i + offset]);
}
--
2.20.1

119
CVE-2019-12402.patch
View File

@ -1,119 +0,0 @@
diff -Nur commons-compress-1.17-src_old/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java commons-compress-1.17-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java
--- commons-compress-1.17-src_old/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2019-12-26 01:58:18.095645681 -0500
+++ commons-compress-1.17-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2019-12-26 01:59:05.351833877 -0500
@@ -112,7 +112,9 @@
} else if (res.isOverflow()) {
int increment = estimateIncrementalEncodingSize(enc, cb.remaining());
out = ZipEncodingHelper.growBufferBy(out, increment);
- }
+ }else if(res.isUnderflow() || res.isError()) {
+ break;
+ }
}
// tell the encoder we are done
enc.encode(cb, out, true);
diff -Nur commons-compress-1.17-src_old/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java commons-compress-1.17-src/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java
--- commons-compress-1.17-src_old/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java 1969-12-31 19:00:00.000000000 -0500
+++ commons-compress-1.17-src/src/test/java/org/apache/commons/compress/archivers/zip/NioZipEncodingTest.java 2019-12-26 01:59:34.823951249 -0500
@@ -0,0 +1,101 @@
+/*
+ * *LicensedtotheApacheSoftwareFoundation(ASF)underone
+ * *ormorecontributorlicenseagreements.SeetheNOTICEfile
+ * *distributedwiththisworkforadditionalinformation
+ * *regardingcopyrightownership.TheASFlicensesthisfile
+ * *toyouundertheApacheLicense,Version2.0(the
+ * *"License");youmaynotusethisfileexceptincompliance
+ * *withtheLicense.YoumayobtainacopyoftheLicenseat
+ * *
+ * *http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * *Unlessrequiredbyapplicablelaworagreedtoinwriting,
+ * *softwaredistributedundertheLicenseisdistributedonan
+ * *"ASIS"BASIS,WITHOUTWARRANTIESORCONDITIONSOFANY
+ * *KIND,eitherexpressorimplied.SeetheLicenseforthe
+ * *specificlanguagegoverningpermissionsandlimitations
+ * *undertheLicense.
+ *
+ */
+package org.apache.commons.compress.archivers.zip;
+
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class NioZipEncodingTest {
+
+ private static final String UMLAUTS = "\u00e4\u00f6\u00fc";
+
+ @Test
+ public void umlautToUTF16BE() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.UTF_16BE, false);
+ ByteBuffer bb = e.encode(UMLAUTS);
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(UMLAUTS.getBytes(StandardCharsets.UTF_16BE), result);
+ }
+
+ @Test
+ public void umlautToUTF8() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.UTF_8, true);
+ ByteBuffer bb = e.encode("\u00e4\u00f6\u00fc");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(UMLAUTS.getBytes(StandardCharsets.UTF_8), result);
+ }
+
+ @Test
+ public void umlautToISO88591() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.ISO_8859_1, true);
+ ByteBuffer bb = e.encode("\u00e4\u00f6\u00fc");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(UMLAUTS.getBytes(StandardCharsets.ISO_8859_1), result);
+ }
+
+ @Test
+ public void unmappableUmlauts() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.US_ASCII, false);
+ ByteBuffer bb = e.encode("\u00e4\u00f6\u00fc");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertEquals("%U00E4%U00F6%U00FC", new String(result, StandardCharsets.US_ASCII));
+ }
+
+ private static final String RAINBOW_EMOJI = "\ud83c\udf08";
+
+ @Test
+ public void unmappableRainbowEmoji() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.US_ASCII, false);
+ ByteBuffer bb = e.encode(RAINBOW_EMOJI);
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertEquals("%UD83C%UDF08", new String(result, StandardCharsets.US_ASCII));
+ }
+
+ @Test
+ public void rainbowEmojiToSurrogatePairUTF16() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.UTF_16BE, false);
+ ByteBuffer bb = e.encode(RAINBOW_EMOJI);
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertArrayEquals(RAINBOW_EMOJI.getBytes(StandardCharsets.UTF_16BE), result);
+ }
+
+ @Test
+ public void partialSurrogatePair() {
+ NioZipEncoding e = new NioZipEncoding(StandardCharsets.US_ASCII, false);
+ ByteBuffer bb = e.encode("\ud83c");
+ final int off = bb.arrayOffset();
+ byte[] result = Arrays.copyOfRange(bb.array(), off, off + bb.limit() - bb.position());
+ Assert.assertEquals(0, result.length);
+ }
+
+
+}
+
+

130
apache-commons-compress-build.xml Normal file
View File

@ -0,0 +1,130 @@
<?xml version="1.0" encoding="UTF-8"?>
<project name="commons-compress" default="package" basedir=".">
<!-- ====================================================================== -->
<!-- Build environment properties -->
<!-- ====================================================================== -->
<property file="build.properties"/>
<property name="build.name" value="commons-compress"/>
<property name="build.version" value="1.21"/>
<property name="build.finalName" value="${build.name}-${build.version}"/>
<property name="build.dir" value="target"/>
<property name="build.javadocDir" value="${build.dir}/site/apidocs"/>
<property name="build.outputDir" value="${build.dir}/classes"/>
<property name="build.srcDir.0" value="src/main/java"/>
<property name="build.resourceDir.0" value="src/main/resources"/>
<property name="build.resourceDir.1" value="."/>
<property name="commons.osgi.dynamicImport" value=""/>
<property name="commons.osgi.excludeDependencies" value="true"/>
<property name="commons.osgi.export" value="org.apache.commons.compress;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.ar;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.arj;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.cpio;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.dump;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.examples;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.jar;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.sevenz;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.tar;version=&quot;${build.version}&quot;,org.apache.commons.compress.archivers.zip;version=&quot;${build.version}&quot;,org.apache.commons.compress.changes;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.bzip2;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.deflate;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.deflate64;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.gzip;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lz4;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lz77support;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lzma;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.lzw;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.pack200;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.snappy;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.xz;version=&quot;${build.version}&quot;,org.apache.commons.compress.compressors.z;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.archive.internal.nls;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.pack200;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.unpack200;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.unpack200.bytecode;version=&quot;${build.version}&quot;,org.apache.commons.compress.harmony.unpack200.bytecode.forms;version=&quot;${build.version}&quot;,org.apache.commons.compress.java.util.jar;version=&quot;${build.version}&quot;,org.apache.commons.compress.parallel;version=&quot;${build.version}&quot;,org.apache.commons.compress.utils;version=&quot;${build.version}&quot;"/>
<property name="commons.osgi.import" value="org.tukaani.xz;resolution:=optional,org.objectweb.asm;resolution:=optional,javax.crypto;resolution:=optional,javax.crypto.spec;resolution:=optional"/>
<property name="commons.osgi.private" value=""/>
<property name="commons.osgi.symbolicName" value="org.apache.commons.compress"/>
<property name="compiler.source" value="1.8"/>
<property name="compiler.target" value="1.8"/>
<!-- ====================================================================== -->
<!-- Defining classpaths -->
<!-- ====================================================================== -->
<path id="build.classpath">
<fileset dir="lib">
<include name="**/*.jar">
</include>
</fileset>
</path>
<!-- ====================================================================== -->
<!-- Cleaning up target -->
<!-- ====================================================================== -->
<target name="clean" description="Clean the output directory">
<delete dir="${build.dir}"/>
</target>
<!-- ====================================================================== -->
<!-- Compilation target -->
<!-- ====================================================================== -->
<target name="compile" description="Compile the code">
<mkdir dir="${build.outputDir}"/>
<javac destdir="${build.outputDir}"
encoding="iso-8859-1"
nowarn="false"
debug="true"
optimize="false"
deprecation="true"
target="${compiler.target}"
verbose="false"
fork="false"
source="${compiler.source}">
<src>
<pathelement location="${build.srcDir.0}"/>
</src>
<classpath refid="build.classpath"/>
</javac>
<mkdir dir="${build.outputDir}/META-INF"/>
<copy todir="${build.outputDir}/META-INF">
<fileset dir="${build.resourceDir.1}">
<include name="NOTICE.txt"/>
<include name="LICENSE.txt"/>
</fileset>
</copy>
</target>
<!-- ====================================================================== -->
<!-- Javadoc target -->
<!-- ====================================================================== -->
<target name="javadoc" description="Generates the Javadoc of the application">
<mkdir dir="${build.javadocDir}"/>
<javadoc sourcepath="${build.srcDir.0}"
packagenames="*"
destdir="${build.javadocDir}"
access="protected"
verbose="false"
encoding="iso-8859-1"
version="true"
use="true"
author="true"
splitindex="false"
nodeprecated="false"
nodeprecatedlist="false"
notree="false"
noindex="false"
nohelp="false"
nonavbar="false"
serialwarn="false"
source="${compiler.source}"
linksource="true"
breakiterator="false">
<classpath refid="build.classpath"/>
</javadoc>
</target>
<!-- ====================================================================== -->
<!-- Package target -->
<!-- ====================================================================== -->
<target name="package" depends="compile" description="Package the application">
<jar jarfile="${build.dir}/${build.finalName}.jar"
compress="true"
index="false"
basedir="${build.outputDir}"
excludes="**/package.html">
<manifest>
<attribute name="Bundle-SymbolicName" value="${commons.osgi.symbolicName}"/>
<attribute name="Bundle-Version" value="${build.version}"/>
<attribute name="Export-Package" value="${commons.osgi.export}"/>
<attribute name="Import-Package" value="${commons.osgi.import}"/>
</manifest>
</jar>
</target>
</project>

61
apache-commons-compress.spec
View File

@ -1,24 +1,27 @@
Name: apache-commons-compress Name: apache-commons-compress
Version: 1.17 Version: 1.21
Release: 6 Release: 1
Summary: Java API for working with archivers and compressed files Summary: Java API for working with compressed files and archivers
License: ASL 2.0 License: ASL 2.0
URL: http://commons.apache.org/proper/commons-compress/ URL: http://commons.apache.org/proper/commons-compress/
BuildArch: noarch BuildArch: noarch
Source0: http://archive.apache.org/dist/commons/compress/source/commons-compress-%{version}-src.tar.gz Source0: http://archive.apache.org/dist/commons/compress/source/commons-compress-%{version}-src.tar.gz
Source1: http://archive.apache.org/dist/commons/compress/source/commons-compress-%{version}-src.tar.gz.asc
Source2: %{name}-build.xml
Patch0001: 0001-Remove-Brotli-compressor.patch Patch0001: 0001-Remove-Brotli-compressor.patch
Patch0002: 0002-Remove-ZSTD-compressor.patch Patch0002: 0002-Remove-ZSTD-compressor.patch
Patch0003: 0003-COMPRESS-463-throw-exception-when-detecting-a-trunca.patch Patch0003: fix_java_8_compatibility.patch
Patch0004: 0004-Avoid-use-of-internal-Mockito-API.patch BuildRequires: ant objectweb-asm3 fdupes java-devel >= 1.8 javapackages-local xz-java
Patch6000: CVE-2019-12402.patch Provides: commons-compress = %{version}-%{release}
BuildRequires: maven-local mvn(junit:junit) mvn(org.apache.commons:commons-parent:pom:) Obsoletes: commons-compress < %{version}-%{release}
BuildRequires: mvn(org.apache.felix:maven-bundle-plugin) mvn(org.powermock:powermock-api-mockito) Provides: jakarta-commons-compress = %{version}-%{release}
BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin) mvn(org.osgi:org.osgi.core) Obsoletes: jakarta-commons-compress < %{version}-%{release}
BuildRequires: mvn(org.powermock:powermock-module-junit4) mvn(org.tukaani:xz)
%description %description
The Apache Commons Compress library defines an API for working with The Apache Commons Compress library defines an API for working with
ar, cpio, Unix dump, tar, zip, gzip, XZ, Pack200 and bzip2 files. ar, cpio, Unix dump, tar, zip, gzip, XZ, Pack200 and bzip2 files.
In version 1.14 read-only support for Brotli decompression has been added,
but it has been removed from this package.
%package help %package help
Summary: API documentation for apache-commons-compress Summary: API documentation for apache-commons-compress
@ -31,31 +34,47 @@ This package provides API documentation for apache-commons-compress.
%prep %prep
%autosetup -n commons-compress-%{version}-src -p1 %autosetup -n commons-compress-%{version}-src -p1
cp %{SOURCE2} build.xml
%pom_remove_dep org.brotli:dec %pom_remove_dep org.brotli:dec
rm -r src/{main,test}/java/org/apache/commons/compress/compressors/brotli rm -r src/{main,test}/java/org/apache/commons/compress/compressors/brotli
%pom_remove_dep :zstd-jni %pom_remove_dep :zstd-jni
rm -r src/{main,test}/java/org/apache/commons/compress/compressors/zstandard rm -r src/{main,test}/java/org/apache/commons/compress/compressors/zstandard
rm src/test/java/org/apache/commons/compress/compressors/DetectCompressorTestCase.java rm src/test/java/org/apache/commons/compress/compressors/DetectCompressorTestCase.java
%pom_remove_dep org.ops4j.pax.exam:::test %pom_remove_plugin :maven-javadoc-plugin
%pom_remove_dep :org.apache.felix.framework::test %pom_xpath_remove "pom:profiles/pom:profile[pom:id[text()='java9+']]"
%pom_remove_dep :javax.inject::test %pom_remove_parent .
%pom_remove_dep :slf4j-api::test %pom_xpath_inject "pom:project" "<groupId>org.apache.commons</groupId>" .
rm src/test/java/org/apache/commons/compress/OsgiITest.java
%build %build
%mvn_file : commons-compress apache-commons-compress mkdir -p lib
%mvn_alias : commons: build-jar-repository -s lib xz-java objectweb-asm3
%mvn_build -- -Dcommons.osgi.symbolicName=org.apache.commons.compress %{ant} package javadoc
%install %install
%mvn_install install -dm 0755 %{buildroot}%{_javadir}
install -pm 0644 target/commons-compress-%{version}.jar %{buildroot}%{_javadir}/commons-compress.jar
ln -sf commons-compress.jar %{buildroot}%{_javadir}/%{name}.jar
install -dm 0755 %{buildroot}%{_mavenpomdir}
install -pm 0644 pom.xml %{buildroot}%{_mavenpomdir}/commons-compress.pom
%add_maven_depmap commons-compress.pom commons-compress.jar -a commons:commons-compress,commons-compress:commons-compress
install -dm 0755 %{buildroot}%{_javadocdir}/%{name}
cp -pr target/site/apidocs/* %{buildroot}%{_javadocdir}/%{name}
%fdupes -s %{buildroot}%{_javadocdir}
%files -f .mfiles %files -f .mfiles
%doc LICENSE.txt NOTICE.txt %{_javadir}/%{name}.jar
%license LICENSE.txt
%doc NOTICE.txt
%files help -f .mfiles-javadoc %files help
%{_javadocdir}/%{name}
%license LICENSE.txt
%doc NOTICE.txt
%changelog %changelog
* Tue Aug 3 2021 houyingchao <houyingchao@huawei.com> - 1.21-1
- Upgrade to 1.21
* Sat Sep 12 2020 leiju <leiju4@huawei.com> - 1.17-4.h2 * Sat Sep 12 2020 leiju <leiju4@huawei.com> - 1.17-4.h2
- Avoid use of internal Mockito API - Avoid use of internal Mockito API

BIN
commons-compress-1.17-src.tar.gz → commons-compress-1.21-src.tar.gz
View File

Binary file not shown.

7
commons-compress-1.21-src.tar.gz.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
iHEEABEKADEWIQTOgHWiUVR77iSbwVGiEVrhX2uLcgUCYOiAPBMcYm9kZXdpZ0Bh
cGFjaGUub3JnAAoJEKIRWuFfa4tyyNwAn1RAMciW7Os/lbwCiQ/RJ64GL+LSAKDB
7ZWg3nXsSSAnuN7K/3doWvLkLQ==
=iHWA
-----END PGP SIGNATURE-----

441
fix_java_8_compatibility.patch Normal file
View File

@ -0,0 +1,441 @@
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/BoundedSeekableByteChannelInputStream.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/BoundedSeekableByteChannelInputStream.java 2021-07-19 16:32:46.529020782 +0200
@@ -19,6 +19,7 @@
import java.io.IOException;
import java.io.InputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.channels.SeekableByteChannel;
@@ -83,7 +84,7 @@
} else {
buf = ByteBuffer.allocate(bytesToRead);
bytesRead = channel.read(buf);
- buf.flip();
+ ((Buffer)buf).flip();
}
if (bytesRead >= 0) {
buf.get(b, off, bytesRead);
@@ -93,9 +94,9 @@
}
private int read(final int len) throws IOException {
- buffer.rewind().limit(len);
+ ((Buffer)buffer).rewind().limit(len);
final int read = channel.read(buffer);
- buffer.flip();
+ ((Buffer)buffer).flip();
return read;
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZFile.java 2021-07-19 16:20:02.675782684 +0200
@@ -26,6 +26,7 @@
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.CharBuffer;
@@ -499,7 +500,7 @@
while (pos > minPos) {
pos--;
channel.position(pos);
- nidBuf.rewind();
+ ((Buffer)nidBuf).rewind();
if (channel.read(nidBuf) < 1) {
throw new EOFException();
}
@@ -2016,9 +2017,9 @@
}
private void readFully(final ByteBuffer buf) throws IOException {
- buf.rewind();
+ ((Buffer)buf).rewind();
IOUtils.readFully(channel, buf);
- buf.flip();
+ ((Buffer)buf).flip();
}
@Override
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZOutputFile.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZOutputFile.java 2021-07-19 16:14:03.565317437 +0200
@@ -26,6 +26,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.channels.SeekableByteChannel;
@@ -341,7 +342,7 @@
crc32.reset();
crc32.update(bb.array(), SevenZFile.sevenZSignature.length + 6, 20);
bb.putInt(SevenZFile.sevenZSignature.length + 2, (int) crc32.getValue());
- bb.flip();
+ ((Buffer)bb).flip();
channel.write(bb);
}
@@ -826,7 +827,7 @@
private final ByteBuffer buffer = ByteBuffer.allocate(BUF_SIZE);
@Override
public void write(final int b) throws IOException {
- buffer.clear();
+ ((Buffer)buffer).clear();
buffer.put((byte) b).flip();
channel.write(buffer);
compressedCrc32.update(b);
@@ -844,7 +845,7 @@
if (len > BUF_SIZE) {
channel.write(ByteBuffer.wrap(b, off, len));
} else {
- buffer.clear();
+ ((Buffer)buffer).clear();
buffer.put(b, off, len).flip();
channel.write(buffer);
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/NioZipEncoding.java 2021-07-19 16:14:03.565317437 +0200
@@ -20,6 +20,7 @@
package org.apache.commons.compress.archivers.zip;
import java.io.IOException;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.Charset;
@@ -121,8 +122,8 @@
enc.encode(cb, out, true);
// may have caused underflow, but that's been ignored traditionally
- out.limit(out.position());
- out.rewind();
+ ((Buffer)out).limit(out.position());
+ ((Buffer)out).rewind();
return out;
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipArchiveInputStream.java 2021-07-19 16:14:03.565317437 +0200
@@ -25,6 +25,7 @@
import java.io.InputStream;
import java.io.PushbackInputStream;
import java.math.BigInteger;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.zip.CRC32;
@@ -256,7 +257,7 @@
allowStoredEntriesWithDataDescriptor;
this.skipSplitSig = skipSplitSig;
// haven't read anything so far
- buf.limit(0);
+ ((Buffer)buf).limit(0);
}
public ZipArchiveEntry getNextZipEntry() throws IOException {
@@ -596,13 +597,13 @@
}
if (buf.position() >= buf.limit()) {
- buf.position(0);
+ ((Buffer)buf).position(0);
final int l = in.read(buf.array());
if (l == -1) {
- buf.limit(0);
+ ((Buffer)buf).limit(0);
throw new IOException("Truncated ZIP file");
}
- buf.limit(l);
+ ((Buffer)buf).limit(l);
count(l);
current.bytesReadFromStream += l;
@@ -795,7 +796,7 @@
}
inf.reset();
- buf.clear().flip();
+ ((Buffer)buf).clear().flip();
current = null;
lastStoredEntry = null;
}
@@ -860,7 +861,7 @@
}
final int length = in.read(buf.array());
if (length > 0) {
- buf.limit(length);
+ ((Buffer)buf).limit(length);
count(buf.limit());
inf.setInput(buf.array(), 0, buf.limit());
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipEncodingHelper.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipEncodingHelper.java 2021-07-19 16:29:53.519835167 +0200
@@ -18,6 +18,7 @@
package org.apache.commons.compress.archivers.zip;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
@@ -85,8 +86,8 @@
}
static ByteBuffer growBufferBy(final ByteBuffer buffer, final int increment) {
- buffer.limit(buffer.position());
- buffer.rewind();
+ ((Buffer)buffer).limit(buffer.position());
+ ((Buffer)buffer).rewind();
final ByteBuffer on = ByteBuffer.allocate(buffer.capacity() + increment);
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipFile.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/archivers/zip/ZipFile.java 2021-07-19 16:28:13.175147502 +0200
@@ -25,6 +25,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.SequenceInputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.nio.channels.SeekableByteChannel;
@@ -713,7 +714,7 @@
positionAtCentralDirectory();
centralDirectoryStartOffset = archive.position();
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
long sig = ZipLong.getValue(wordBuf);
@@ -724,7 +725,7 @@
while (sig == CFH_SIG) {
readCentralDirectoryEntry(noUTF8Flag);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
sig = ZipLong.getValue(wordBuf);
}
@@ -743,7 +744,7 @@
private void
readCentralDirectoryEntry(final Map<ZipArchiveEntry, NameAndComment> noUTF8Flag)
throws IOException {
- cfhBbuf.rewind();
+ ((Buffer)cfhBbuf).rewind();
IOUtils.readFully(archive, cfhBbuf);
int off = 0;
final Entry ze = new Entry();
@@ -1100,7 +1101,7 @@
archive.position() > ZIP64_EOCDL_LENGTH;
if (searchedForZip64EOCD) {
archive.position(archive.position() - ZIP64_EOCDL_LENGTH);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
found = Arrays.equals(ZipArchiveOutputStream.ZIP64_EOCD_LOC_SIG,
wordBuf);
@@ -1128,11 +1129,11 @@
private void positionAtCentralDirectory64()
throws IOException {
if (isSplitZipArchive) {
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
final long diskNumberOfEOCD = ZipLong.getValue(wordBuf);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
final long relativeOffsetOfEOCD = ZipEightByteInteger.getLongValue(dwordBuf);
((ZipSplitReadOnlySeekableByteChannel) archive)
@@ -1140,12 +1141,12 @@
} else {
skipBytes(ZIP64_EOCDL_LOCATOR_OFFSET
- WORD /* signature has already been read */);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
archive.position(ZipEightByteInteger.getLongValue(dwordBuf));
}
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
if (!Arrays.equals(wordBuf, ZipArchiveOutputStream.ZIP64_EOCD_SIG)) {
throw new ZipException("Archive's ZIP64 end of central "
@@ -1155,13 +1156,13 @@
if (isSplitZipArchive) {
skipBytes(ZIP64_EOCD_CFD_DISK_OFFSET
- WORD /* signature has already been read */);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
centralDirectoryStartDiskNumber = ZipLong.getValue(wordBuf);
skipBytes(ZIP64_EOCD_CFD_LOCATOR_RELATIVE_OFFSET);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
centralDirectoryStartRelativeOffset = ZipEightByteInteger.getLongValue(dwordBuf);
((ZipSplitReadOnlySeekableByteChannel) archive)
@@ -1169,7 +1170,7 @@
} else {
skipBytes(ZIP64_EOCD_CFD_LOCATOR_OFFSET
- WORD /* signature has already been read */);
- dwordBbuf.rewind();
+ ((Buffer)dwordBbuf).rewind();
IOUtils.readFully(archive, dwordBbuf);
centralDirectoryStartDiskNumber = 0;
centralDirectoryStartRelativeOffset = ZipEightByteInteger.getLongValue(dwordBuf);
@@ -1188,20 +1189,20 @@
throws IOException {
if (isSplitZipArchive) {
skipBytes(CFD_DISK_OFFSET);
- shortBbuf.rewind();
+ ((Buffer)shortBbuf).rewind();
IOUtils.readFully(archive, shortBbuf);
centralDirectoryStartDiskNumber = ZipShort.getValue(shortBuf);
skipBytes(CFD_LOCATOR_RELATIVE_OFFSET);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
centralDirectoryStartRelativeOffset = ZipLong.getValue(wordBuf);
((ZipSplitReadOnlySeekableByteChannel) archive)
.position(centralDirectoryStartDiskNumber, centralDirectoryStartRelativeOffset);
} else {
skipBytes(CFD_LOCATOR_OFFSET);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
centralDirectoryStartDiskNumber = 0;
centralDirectoryStartRelativeOffset = ZipLong.getValue(wordBuf);
@@ -1238,9 +1239,9 @@
for (; off >= stopSearching; off--) {
archive.position(off);
try {
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
- wordBbuf.flip();
+ ((Buffer)wordBbuf).flip();
} catch (final EOFException ex) { // NOSONAR
break;
}
@@ -1352,9 +1353,9 @@
} else {
archive.position(offset + LFH_OFFSET_FOR_FILENAME_LENGTH);
}
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
- wordBbuf.flip();
+ ((Buffer)wordBbuf).flip();
wordBbuf.get(shortBuf);
final int fileNameLen = ZipShort.getValue(shortBuf);
wordBbuf.get(shortBuf);
@@ -1382,7 +1383,7 @@
*/
private boolean startsWithLocalFileHeader() throws IOException {
archive.position(0);
- wordBbuf.rewind();
+ ((Buffer)wordBbuf).rewind();
IOUtils.readFully(archive, wordBbuf);
return Arrays.equals(wordBuf, ZipArchiveOutputStream.LFH_SIG);
}
@@ -1418,7 +1419,7 @@
@Override
protected int read(final long pos, final ByteBuffer buf) throws IOException {
final int read = archive.read(buf, pos);
- buf.flip();
+ ((Buffer)buf).flip();
return read;
}
}
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStream.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/FixedLengthBlockOutputStream.java 2021-07-19 16:16:51.850472686 +0200
@@ -21,6 +21,7 @@
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.channels.ClosedChannelException;
@@ -88,7 +89,7 @@
}
private void writeBlock() throws IOException {
- buffer.flip();
+ ((Buffer)buffer).flip();
final int i = out.write(buffer);
final boolean hasRemaining = buffer.hasRemaining();
if (i != blockSize || hasRemaining) {
@@ -97,7 +98,7 @@
blockSize, i);
throw new IOException(msg);
}
- buffer.clear();
+ ((Buffer)buffer).clear();
}
@Override
@@ -142,7 +143,7 @@
// fill up the reset of buffer and write the block.
if (buffer.position() != 0) {
final int n = buffer.remaining();
- src.limit(src.position() + n);
+ ((Buffer)src).limit(src.position() + n);
buffer.put(src);
writeBlock();
srcLeft -= n;
@@ -150,12 +151,12 @@
// whilst we have enough bytes in src for complete blocks,
// write them directly from src without copying them to buffer
while (srcLeft >= blockSize) {
- src.limit(src.position() + blockSize);
+ ((Buffer)src).limit(src.position() + blockSize);
out.write(src);
srcLeft -= blockSize;
}
// copy any remaining bytes into buffer
- src.limit(savedLimit);
+ ((Buffer)src).limit(savedLimit);
buffer.put(src);
}
return srcRemaining;
@@ -242,7 +243,7 @@
final int pos = buffer.position();
final int len = buffer.limit() - pos;
out.write(buffer.array(), buffer.arrayOffset() + pos, len);
- buffer.position(buffer.limit());
+ ((Buffer)buffer).position(buffer.limit());
return len;
} catch (final IOException e) {
try {
--- commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/IOUtils.java 2020-01-22 16:10:15.000000000 +0100
+++ commons-compress-1.21-src/src/main/java/org/apache/commons/compress/utils/IOUtils.java 2021-07-19 17:09:11.659891748 +0200
@@ -25,6 +25,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
+import java.nio.Buffer;
import java.nio.ByteBuffer;
import java.nio.channels.ReadableByteChannel;
import java.nio.file.Files;
@@ -372,7 +373,7 @@
break;
}
output.write(b.array(), 0, readNow);
- b.rewind();
+ ((Buffer)b).rewind();
read += readNow;
}
return output.toByteArray();