<div dir="ltr"><div dir="ltr"><br></div><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Jan 28, 2023 at 5:29 PM Lance Andersen <<a href="mailto:lance.andersen@oracle.com">lance.andersen@oracle.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div style="overflow-wrap: break-word;">
I think it is fine to move the validation immediately following findEND() though I am not sure there is a big win overall.
<div><br>
</div>
<div>I also would prefer to see the test based off of an actual ZIP(or at least have the current/modified version of the test). I would prefer to avoid having another place where we have duplicate code creating a CEN et al as it is another maintenance
point. </div>
<div><br>
</div>
<div>One option is to look at, is to store a zip in a byte array and modify the cenlen offset(you would want to provide the steps that were used to create the zip/byte array, I can provide you a trivial example if interested) </div></div></blockquote><div><br></div><div>Thanks Lance! </div><div><br></div><div>This inspired me to update the PR with the following changes:</div><div><br></div><div>- Make "real" ZIP files using ZipOutputStream as suggested, avoiding duplicating ZIP format internals</div><div>- Put one entry in the ZIP files instead of being empty<br></div><div>- Surgically update the CEN size in the END record to the desired value</div><div>- Remove all code to create and test ZIP64 files. What we are testing here is rejection of certain CEN values, not how they are parsed</div><div><br></div><div>The test case for the "big but valid" ZIP is updated to detect that the CEN size is rejected for being invalid (but not too large). ZipFIle is updated accordingly to move the CEN size checking closer to the other tests (after the zero-entry-short-circuit test)</div><div><br></div><div>While the ZIPs are still not GB-huge, and they are still invalid, the test now at least asserts them as such.</div><div><br></div><div>What do you think of this update?</div><div><br></div><div>Eirik.</div><div><br></div><div><br></div><div><br></div><div><br></div></div></div>