RFR: 8314891: Additional Zip64 extra header validation [v8]
Eirik Bjorsnos
duke at openjdk.org
Wed Nov 8 16:31:16 UTC 2023
On Mon, 23 Oct 2023 19:12:57 GMT, Lance Andersen <lancea at openjdk.org> wrote:
>> Please review this PR which improves the Zip64 extra header validation:
>>
>> - Throw a ZipException If the extra len field is 0 and :
>> -- size, csize, or loc offset are set to 0xFFFFFFFF
>> -- disk starting number is set to 0xFFFF
>>
>> - We have a valid size for the Zip64 extra header but we are missing the csize or loc fields if they are expected to be part of the header
>>
>> Mach5 tiers 1-3 are clean
>
> Lance Andersen has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains ten additional commits since the last revision:
>
> - Merge branch 'master' into JDK-8314891
> - Add missing space
> - Revamp isZip64ExtBlockSizeValid
> - Merge branch 'master' into JDK-8314891
> - Merge branch 'master' into JDK-8314891
> - Remove tab(s) from comment
> - Added additional tests, along with additional cleanup and refactoring
> - Clean up some minor formatting issues
> - Additional Zip64 extra header validation
@LanceAndersen
I noticed that this PR did not update `ZipInputStream.readLOC` to perform consistency validation between expected and actual extra field size and values. Any particular reason why processing of LOC headers was not made consistent with CEN?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/15650#issuecomment-1802241544
More information about the nio-dev
mailing list