Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OutOfMemoryError when parsing incorrect binary plist files #42

Closed
igorrogov opened this issue Jun 14, 2018 · 2 comments
Closed

OutOfMemoryError when parsing incorrect binary plist files #42

igorrogov opened this issue Jun 14, 2018 · 2 comments
Assignees

Comments

@igorrogov
Copy link

Hello,

Our application has to deal with a lot of plist files that usually come from unknown sources. Sometimes it's corrupted files but with a correct header.

When I run BinaryPropertyListParser on the attached sample file it will produce an OutOfMemoryError which sometimes can crash the entire application. It would be great to improve the validation part and throw an exception if incorrect header or trailer is detected:

Exception in thread "main" java.lang.OutOfMemoryError: Java heap space
	at com.dd.plist.BinaryPropertyListParser.doParse(BinaryPropertyListParser.java:135)
	at com.dd.plist.BinaryPropertyListParser.parse(BinaryPropertyListParser.java:87)
	at com.dd.plist.BinaryPropertyListParser.parse(BinaryPropertyListParser.java:154)
	at com.dd.plist.BinaryPropertyListParser.parse(BinaryPropertyListParser.java:166)
	at PlistIssue.main(PlistIssue.java:10)

Code to produce:
BinaryPropertyListParser.parse(new File("sample.plist"));

Version used: 1.20

Sample file: sample.plist.zip

Thanks.

@3breadt
Copy link
Owner

3breadt commented Jun 14, 2018

Thank you for the report. The issue has been fixed and will be included in the next release.
The parse method will now throw a PropertyListFormatException if an invalid trailer is detected.

@3breadt 3breadt closed this as completed Jun 14, 2018
@igorrogov
Copy link
Author

Thanks a lot!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants