RFR: 8336025: Improve ZipOutputSream validation of MAX CEN Header field limits [v2]
Alan Bateman
alanb at openjdk.org
Mon Sep 16 18:22:07 UTC 2024
On Mon, 16 Sep 2024 18:12:32 GMT, Lance Andersen <lancea at openjdk.org> wrote:
>> src/java.base/share/classes/java/util/zip/ZipOutputStream.java line 409:
>>
>>> 407: * A ZipException will be thrown if the combined length of the entry name,
>>> 408: * the extra field data, the entry comment and {@linkplain #CENHDR CEN Header size},
>>> 409: * exceeds 65,535 bytes.
>>
>> Is this missing text to say that close may write as part of closing?
>
> ZipOutputStream::close() calls DeflaterOutputStream::close() will in turn will call ZipOutputStream::finish()
>
> I could remove the above and just leave the verbiage in ZipOutputStream::finish(), I only added it to close as I didn't think it was obvious that close resulted in a call to finish.
>
> I do not have a strong preference or do you have an alterantive suggestion?
I think having ZOS.close say that it finishes writing the contents of the ZIP output stream and closes it, would make the API docs easier to read. If you do then no need for close to talk about the ZipException.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21003#discussion_r1761641300
More information about the core-libs-dev
mailing list