Code review request: 8021788: JarInputStream doesn't provide certificates for some file under META-INF
Chris Hegarty
chris.hegarty at oracle.com
Tue Aug 6 10:20:26 UTC 2013
This looks ok to me Max, but I think it would be good to get a second
review on this too.
-Chris.
On 05/08/2013 02:28, Weijun Wang wrote:
> Please take a look at
>
> http://cr.openjdk.java.net/~weijun/8021788/webrev.00/
>
> The problem is that the method treats no META-INF entry as normal. If we
> can be sure that MANIFEST.MF and signature-related files are always at
> the beginning, we can safely treat an entry normal when we have done
> with those.
>
> Thanks
> Max
More information about the security-dev
mailing list