RFR: 8340553: ZipEntry field validation does not take into account the size of a CEN header [v10]
Jaikiran Pai
jpai at openjdk.org
Sun Oct 20 12:12:01 UTC 2024
On Sat, 19 Oct 2024 16:28:34 GMT, Lance Andersen <lancea at openjdk.org> wrote:
>> Please review the changes for [JDK-8340553](https://bugs.openjdk.org/browse/JDK-8340553), which is a follow-on to [JDK-8336025](https://bugs.openjdk.org/browse/JDK-8336025) which addresses that
>>
>> - ZipEntry(String)
>> - ZipEntry::setComment
>> - ZipEntry::setExtra
>>
>> currently validate that the max possiible field size is 0xFFFF(65535) instead of 0xFFD1(65489) not taking into account the size of the CEN header which is 46 bytes per the PKWare APP.NOTE 4.4.10, 4.4.11, & 4.4.12
>>
>> The CSR has been approved.
>> Mach5 tiers1-3 run clean as do the relevant JCK tests
>
> Lance Andersen has updated the pull request incrementally with one additional commit since the last revision:
>
> Added additional clarifiction to isCENHeaderValid comment
Marked as reviewed by jpai (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk/pull/21544#pullrequestreview-2380420089
More information about the core-libs-dev
mailing list