From 9b4b922d2c19a5f441625a26941a6024341c8feb Mon Sep 17 00:00:00 2001
From: Stefan Bodewig <bodewig@apache.org>
Date: Fri, 8 Aug 2008 11:36:43 +0000
Subject: [PATCH] fail early if ZipFile is applied to a non-ZIP archive.  PR
 45463.  Suggested by Alison Winters.

git-svn-id: https://svn.apache.org/repos/asf/ant/core/trunk@683942 13f79535-47bb-0310-9956-ffa450edef68
---
 CONTRIBUTORS                               | 1 +
 WHATSNEW                                   | 4 ++++
 contributors.xml                           | 4 ++++
 src/main/org/apache/tools/zip/ZipFile.java | 6 +++++-
 4 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index cf6336f70..e5b49d6c8 100644
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -4,6 +4,7 @@ Adam Blinkinsop
 Aleksandr Ishutin
 Alexey Panchenko
 Alexey Solofnenko
+Alison Winters
 Andreas Ames
 Andreas Mross
 Andrew Everitt
diff --git a/WHATSNEW b/WHATSNEW
index 6804fb391..c7a1ddea4 100644
--- a/WHATSNEW
+++ b/WHATSNEW
@@ -235,6 +235,10 @@ Other changes:
    relative file name).
    Bugzilla Report 28911.
 
+ * <unzip> will now detect that it was asked to extract a file that is
+   not an archive earlier if the file is big.
+   Bugzilla Report 45463.
+
 Changes from Ant 1.7.0 TO Ant 1.7.1
 =============================================
 
diff --git a/contributors.xml b/contributors.xml
index 160320e83..a26661234 100644
--- a/contributors.xml
+++ b/contributors.xml
@@ -46,6 +46,10 @@
     <first>Alexey</first>
     <last>Solofnenko</last>
   </name>
+  <name>
+    <first>Alison</first>
+    <last>Winters</last>
+  </name>
   <name>
     <first>Andreas</first>
     <last>Ames</last>
diff --git a/src/main/org/apache/tools/zip/ZipFile.java b/src/main/org/apache/tools/zip/ZipFile.java
index 82a218e0c..df4e43261 100644
--- a/src/main/org/apache/tools/zip/ZipFile.java
+++ b/src/main/org/apache/tools/zip/ZipFile.java
@@ -366,6 +366,9 @@ public class ZipFile {
         /* the starting disk number        */ + WORD
         /* zipfile comment length          */ + SHORT;
 
+    private static final int MAX_EOCD_SIZE = MIN_EOCD_SIZE
+        /* maximum length of zipfile comment */ + 0xFFFF;
+
     private static final int CFD_LOCATOR_OFFSET =
         /* end of central dir signature    */ WORD
         /* number of this disk             */ + SHORT
@@ -386,11 +389,12 @@ public class ZipFile {
         throws IOException {
         boolean found = false;
         long off = archive.length() - MIN_EOCD_SIZE;
+        long stopSearching = Math.max(0L, archive.length() - MAX_EOCD_SIZE);
         if (off >= 0) {
             archive.seek(off);
             byte[] sig = ZipOutputStream.EOCD_SIG;
             int curr = archive.read();
-            while (curr != -1) {
+            while (off >= stopSearching && curr != -1) {
                 if (curr == sig[POS_0]) {
                     curr = archive.read();
                     if (curr == sig[POS_1]) {