RFR: 8303866: Allow ZipInputStream.readEnd to parse small Zip64 ZIP files [v4]

Eirik Bjorsnos duke at openjdk.org
Wed Nov 8 13:20:33 UTC 2023 

> ZipInputStream.readEnd currently assumes a Zip64 data descriptor if the number of compressed or uncompressed bytes read from the inflater is larger than the Zip64 magic value.
> 
> While the ZIP format  mandates that the data descriptor `SHOULD be stored in ZIP64 format (as 8 byte values) when a file's size exceeds 0xFFFFFFFF`, it also states that `ZIP64 format MAY be used regardless of the size of a file`. For such small entries, the above assumption does not hold.
> 
> This PR augments ZipInputStream.readEnd to also assume 8-byte sizes if the ZipEntry includes a Zip64 extra information field. This brings ZipInputStream into alignment with the APPNOTE format spec:
> 
> 
> When extracting, if the zip64 extended information extra 
> field is present for the file the compressed and 
> uncompressed sizes will be 8 byte values.
> 
> 
> While small Zip64 files with 8-byte data descriptors are not commonly found in the wild, it is possible to create one using the Info-ZIP command line `-fd` flag:
> 
> `echo hello | zip -fd > hello.zip`
> 
> The PR also adds a test verifying that such a small Zip64 file can be parsed by ZipInputStream.

Eirik Bjorsnos has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 25 commits:

 - Convert test from testNG to JUnit
 - Fix the check that the size of an extra field block size must not grow past the total extra field length
 - Move isZip64ExtBlockSizeValid back into ZipInputStream, since it is different from the ZipFile implementation which reads the LOC
 - Merge branch 'master' into data-descriptor
   
   # Conflicts:
   #	src/java.base/share/classes/java/util/zip/ZipFile.java
 - Remove excessive comment
 - Move isZip64ExtBlockSizeValid to ZipUtils, use it from ZipInputStream and ZipFile.Source
 - Merge branch 'master' into data-descriptor
 - Use block comments instead of javadoc comments to avoid doclint warnings
 - Merge branch 'master' into data-descriptor
 - Zip64 extra field of a LOC header has 1-3 long components
 - ... and 15 more: https://git.openjdk.org/jdk/compare/1e687b45...657f961e

-------------

Changes: https://git.openjdk.org/jdk/pull/12524/files
 Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=12524&range=03
  Stats: 229 lines in 2 files changed: 228 ins; 0 del; 1 mod
  Patch: https://git.openjdk.org/jdk/pull/12524.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/12524/head:pull/12524

PR: https://git.openjdk.org/jdk/pull/12524

More information about the core-libs-dev mailing list