RFR: 8313765: Invalid CEN header (invalid zip64 extra data field size) [v2]
Lance Andersen
lancea at openjdk.org
Mon Aug 14 18:25:22 UTC 2023
On Mon, 14 Aug 2023 18:03:20 GMT, Sergey Bylokhov <serb at openjdk.org> wrote:
>> Lance Andersen has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
>>
>> - Merge branch 'master' into extraHeaders-JDK-8313765
>> - Minor comment word smithing
>> - Fix for JDK-8313765
>
> src/jdk.zipfs/share/classes/jdk/nio/zipfs/ZipFileSystem.java line 3108:
>
>> 3106: break;
>> 3107: }
>> 3108: if (size == ZIP64_MINVAL) {
>
> Note that we always increase "pos" only in case of "_MINVAL". If the values of size and csize are correct/valid in the "body" of the zip file and only locoff is negative then we should skip two fields in the extra block and read the third one. Otherwise, we may read some random values and throw an exception.
I am not sure I (quite) understand your question completely..
How ZIpFS::readExtra has navigated these fields has not changed
If you have a tool that creates a zip/jar that demonstrates an issue that might need further examination, please provide a test case, the tool that created the zip/jar in question and open a new bug.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15273#discussion_r1293821603
More information about the nio-dev
mailing list