RFR: 8321156: Improve the handling of invalid UTF-8 byte sequences for ZipInputStream::getNextEntry and ZipFile::getComment
Lance Andersen
lancea at openjdk.org
Sat Feb 24 19:12:56 UTC 2024
On Sat, 24 Feb 2024 17:15:02 GMT, Eirik Bjørsnøs <eirbjo at openjdk.org> wrote:
> Since the CSR is already approved, I'll add a question here:
>
> `ZipFile` performs a lot of validation while opening ZIP files, including throwning ZipException for invalid entry names or comments. Why handle the ZIP file comment differently (lazily)? If this comment was also validated by the constructor, then the API change for ZipFile::getComment would not be needed.
>
> Do we have reason to belive the encoding quality of ZIP file comments is less reliable than that of ZIP entry comments? Or is there some other reason this validation is done lazily?
Yes, there are some libraries/tools that are using the Zip file comment for its own purposes such as idea_rt.jar which is part of IntelliJ.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/17995#issuecomment-1962571347
More information about the core-libs-dev
mailing list