Code review request: 8021788: JarInputStream doesn't provide certificates for some file under META-INF

Weijun Wang at
Sun Aug 4 18:28:17 PDT 2013

Please take a look at

The problem is that the method treats no META-INF entry as normal. If we 
can be sure that MANIFEST.MF and signature-related files are always at 
the beginning, we can safely treat an entry normal when we have done 
with those.


More information about the security-dev mailing list