RFR: 8336025: Improve ZipOutputSream validation of MAX CEN Header field limits [v2]
Alan Bateman
alanb at openjdk.org
Mon Sep 16 18:50:05 UTC 2024
On Mon, 16 Sep 2024 18:22:18 GMT, Lance Andersen <lancea at openjdk.org> wrote:
>> src/java.base/share/classes/java/util/zip/ZipEntry.java line 44:
>>
>>> 42: * entry comment and {@linkplain #CENHDR CEN Header size}, must not
>>> 43: * exceed 65,535 bytes. If it does, {@linkplain ZipOutputStream} will
>>> 44: * throw a {@linkplain ZipException} when writing the ZIP file entry.
>>
>> This looks a little out of place in ZipEntry's class description, does ZOS.putNextEntry throw or is it just finish and close?
>
> Short answer. finish() which calls writeCEN, will throw for the above.
>
> As the entry comment, is only part of the CEN, I wanted to keep the encoding in writeCEN as there is no reason to do it earlier.
I looks very out of place when reading ZipEntry's class description. I think we'll have to move to the places where the exception is thrown.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21003#discussion_r1761684317
More information about the core-libs-dev
mailing list