Code review request: 8021788: JarInputStream doesn't provide certificates for some file under META-INF
Weijun Wang
weijun.wang at oracle.com
Mon Aug 5 01:28:17 UTC 2013
Please take a look at
http://cr.openjdk.java.net/~weijun/8021788/webrev.00/
The problem is that the method treats no META-INF entry as normal. If we
can be sure that MANIFEST.MF and signature-related files are always at
the beginning, we can safely treat an entry normal when we have done
with those.
Thanks
Max
More information about the security-dev
mailing list