RFR: 8341625: Improve ZipFile validation of the END header [v2]
Lance Andersen
lancea at openjdk.org
Mon Oct 7 20:02:35 UTC 2024
On Mon, 7 Oct 2024 19:54:15 GMT, Eirik Bjørsnøs <eirbjo at openjdk.org> wrote:
>> Please review this PR which adds validation of the 'total entries' value when fetched from the 'ZIP64 End of Central Directory' header.
>>
>> We should reject this value under the following conditions:
>>
>> 1. It is too large to fit within the specified CEN size (considering each CEN header encodes as at least 46 bytes)
>> 2. It is too large to create the `int[] entries` array safely (max value is `ArraysSupport.SOFT_MAX_ARRAY_LENGTH / 3`)
>>
>> I claim that condition 2 here is already implicitly validated by the current maximum CEN size validation. (A CEN encoding such a large number of entries would exceed the maximum CEN size a lot and would already be rejected)
>>
>> This change aims to protect the integrity of the implementation against specially crafted ZIP files. No sane ZIP tool will produce such files.
>>
>> Testing:
>>
>> This PR adds a test `EndOfCenValidation.shouldRejectBadTotalEntries` which exercises the first condition above.
>>
>> ZIP tests run locally. GHA results pending.
>
> Eirik Bjørsnøs has updated the pull request incrementally with two additional commits since the last revision:
>
> - Remove trailing whitespace
> - Use a ZIP64 test vector which may be reproduced using InfoZIP
Marked as reviewed by lancea (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk/pull/21384#pullrequestreview-2352826338
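
The two rejection conditions listed in the quoted PR description, as an added example that is not the PR's code or JDK source. The class and method names are hypothetical, the field offsets follow the ZIP64 END record layout, and the local `SOFT_MAX_ARRAY_LENGTH` constant is an assumption standing in for the JDK-internal `ArraysSupport.SOFT_MAX_ARRAY_LENGTH`.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;

public class Zip64TotalEntriesCheck {
    static final int ZIP64_ENDSIG = 0x06064b50; // "PK\006\006"
    static final int ZIP64_ENDTOT = 32;         // total number of entries (8 bytes)
    static final int ZIP64_ENDSIZ = 40;         // central directory size (8 bytes)
    static final int ZIP64_ENDHDR = 56;         // fixed part of the ZIP64 END record
    static final int CENHDR = 46;               // minimum size of one CEN header
    // Assumption: same value as the JDK-internal ArraysSupport.SOFT_MAX_ARRAY_LENGTH
    static final int SOFT_MAX_ARRAY_LENGTH = Integer.MAX_VALUE - 8;

    /** Returns the entry count if it is plausible, otherwise throws. Hypothetical helper. */
    static int checkedTotalEntries(byte[] zip64End) {
        ByteBuffer b = ByteBuffer.wrap(zip64End).order(ByteOrder.LITTLE_ENDIAN);
        if (zip64End.length < ZIP64_ENDHDR || b.getInt(0) != ZIP64_ENDSIG)
            throw new IllegalArgumentException("not a ZIP64 END record");
        long total = b.getLong(ZIP64_ENDTOT);
        long cenSize = b.getLong(ZIP64_ENDSIZ);
        // Both fields are unsigned 64-bit; a negative long means a value above 2^63-1
        if (total < 0 || cenSize < 0)
            throw new IllegalArgumentException("field exceeds signed 64-bit range");
        // Condition 1: dividing instead of multiplying avoids overflow of total * CENHDR
        if (total > cenSize / CENHDR)
            throw new IllegalArgumentException("total entries too large for CEN size");
        // Condition 2: the index array needs three ints per entry
        if (total > SOFT_MAX_ARRAY_LENGTH / 3)
            throw new IllegalArgumentException("total entries too large for index array");
        return (int) total;
    }

    /** Builds a constructed sample record; only the fields read above are meaningful. */
    static byte[] record(long total, long cenSize) {
        ByteBuffer b = ByteBuffer.allocate(ZIP64_ENDHDR).order(ByteOrder.LITTLE_ENDIAN);
        b.putInt(0, ZIP64_ENDSIG).putLong(4, ZIP64_ENDHDR - 12).putLong(24, total)
         .putLong(ZIP64_ENDTOT, total).putLong(ZIP64_ENDSIZ, cenSize);
        return b.array();
    }

    public static void main(String[] args) {
        // Two entries in a CEN of exactly two minimum-size headers: accepted
        System.out.println("accepted: " + checkedTotalEntries(record(2, 2 * CENHDR)));
        try {
            // Three entries claimed for the same CEN size: fails condition 1
            checkedTotalEntries(record(3, 2 * CENHDR));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```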