RFR: 8339711: ZipFile.Source.initCEN needlessly reads END header [v3]
Jaikiran Pai
jpai at openjdk.org
Mon Sep 30 09:33:39 UTC 2024
On Mon, 30 Sep 2024 09:27:11 GMT, Eirik Bjørsnøs <eirbjo at openjdk.org> wrote:
>> Please review this cleanup PR which makes `ZipFile.Source.initCEN` not include the 22-byte trailing`END` header when reading the `CEN` section of the ZIP file.
>>
>> The reading of the END header was probably brought over from native code with the transition to Java in JDK 9.
>>
>> In the current JDK, the END header is unused. This needlessly complicates multiple code paths accessing the array since they must account for the trailing END record when calculating the end of CEN position.
>>
>> Additionally, the enforcement of the maximum CEN size limit is currently off by one. It allows the construction of a byte array of size `Integer.MAX_VALUE - 1`, but this size is not supported by OpenJDK. Instead, the maximum CEN limit should be such that is does not exceed `Integer.MAX_VALUE - 2`.
>>
>> Testing:
>>
>> The `EndOfCenValidation` test is updated to test the rejection of a CEN of size `Integer.MAX_VALUE - 1` as the new minumum rejected CEN size.
>>
>> The `ZipFileOpen` benchmark seems neutral to this change.
>
> Eirik Bjørsnøs has updated the pull request incrementally with two additional commits since the last revision:
>
> - Update copyright year for CenSizeTooLarge
> - Delegate MAX_CEN_SIZE to existing internal constant ArraysSupport.SOFT_MAX_ARRAY_LENGTH
The latest changes in `45c9c6ef` look good to me. I haven't run our CI tests against the latest updates, so please wait for the tier1 testing to complete in GitHub actions, before integrating.
-------------
Marked as reviewed by jpai (Reviewer).
PR Review: https://git.openjdk.org/jdk/pull/20905#pullrequestreview-2336901227
More information about the core-libs-dev
mailing list