[
https://issues.apache.org/jira/browse/TIKA-4399?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17941976#comment-17941976
]
ASF GitHub Bot commented on TIKA-4399:
--------------------------------------
tballison merged PR #2182:
URL: https://github.com/apache/tika/pull/2182
> RUnpackExtractor -- improve stream wrapping
> -------------------------------------------
>
> Key: TIKA-4399
> URL: https://issues.apache.org/jira/browse/TIKA-4399
> Project: Tika
> Issue Type: Task
> Reporter: Tim Allison
> Priority: Major
>
> In the RUnpackExtractor, we create a new TikaInputStream. This can cause
> problems because the security handler no longer tracks bytes read from the
> original stream, and it "thinks" that it is getting a zip bomb.
> In general, I think it would be cleanest to add a {{closeShield}} on
> TikaInputStream so that we're not wrapping it all over the place. We could
> also require that Parsers use a TikaInputStream on embedded files.
> This is a major and breaking change that is ok for 4.x. We should find a less
> disruptive solution for 3.x.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
