RFR: 8316141: Improve CEN header validation checking
Eirik Bjorsnos
duke at openjdk.org
Fri Dec 1 10:43:04 UTC 2023
On Wed, 8 Nov 2023 19:59:34 GMT, Lance Andersen <lancea at openjdk.org> wrote:
> Please review this PR which enhances the existing CEN header validation checking to ensure that the
> size of the CEN Header + name length + comment length + extra length do not exceed 65,535 bytes per the PKWare APP.NOTE 4.4.10, 4.4.11, & 4.4.12. Also check that current CEN header will not exceed the length of the CEN array.
>
> Mach 5 tiers 1-3 are clean with this change.
While investigating an unrelated issue, I noticed that Android's `zipalign` tool processes zip files and injects data into the extra field to make the beginning of the file data be word-aligned or page-aligned:
-------------
PR Comment: https://git.openjdk.org/jdk/pull/16570#issuecomment-1835864018
More information about the core-libs-dev
mailing list