RFR: 8215788: Clarify JarInputStream Manifest access

Weijun Wang weijun at openjdk.org
Tue Sep 13 20:48:11 UTC 2022


On Fri, 26 Aug 2022 15:48:55 GMT, Lance Andersen <lancea at openjdk.org> wrote:

> Please review this PR which updates  the JarInputStream class description to clarify when the Manifest is accessible via JarInputStream::getManifest and JarInputStream::get[Jar]Entry.
> 
> It is worth noting that with this update, we are finally documenting  behavior that dates back to when this class was added to JDK 1.2
> 
> 
> Best,
> Lance

Mostly good. Some small comments.

BTW, there are still a lot of `linkplain`. I'm not sure how javadoc are written for core-libs, but my experience on security-libs is that it's only used when the text is — er — plaintext that's neither a class name nor a method name.

src/java.base/share/classes/java/util/jar/JarInputStream.java line 36:

> 34:  * The {@code JarInputStream} class, which extends {@linkplain ZipInputStream},
> 35:  * is used to read the contents of a JAR file from an input stream.
> 36:  * It provides support for reading an optional {@linkplain JarFile#MANIFEST_NAME Manifest}

`Manifest` above is the same as the one below. If the one below is in fixed-width, so should be the one above.

src/java.base/share/classes/java/util/jar/JarInputStream.java line 67:

> 65:  *      </li>
> 66:  *      <li>
> 67:  *         All signature-related entries must immediately follow the {@code Manifest}

No need to say `must`. This is is one of the requirements.

src/java.base/share/classes/java/util/jar/JarInputStream.java line 78:

> 76:  * <b>Note:</b>If a {@code JarEntry} is modified after the Jar file is signed,
> 77:  * a {@linkplain SecurityException} will be thrown when an attempt is made to
> 78:  * read the entry.

Not sure if the the `an attempt` word is precise. The exception is only thrown when the last byte is read.

-------------

PR: https://git.openjdk.org/jdk/pull/10045


More information about the core-libs-dev mailing list