RFR: 8280409: JarFile::verifiableEntry can fail with NPE accessing ze.getName()
Lance Andersen
lancea at openjdk.java.net
Fri Feb 4 14:01:48 UTC 2022
Hi all,
Please review the attached patch to address
- That JarFile::getInputStream did not check for a null ZipEntry passed as a parameter
- Have Zip/JarFile::getInputStream throw a ZipException in the event that an unexpected exception occurs
Mach5 tiers1-3 runs are clean as are the TCK java.util.zip and java.util.jar test runs
Best
Lance
-------------
Commit messages:
- Update copyright year
- Address Zip/JarFile::getInputStream Exception handling
Changes: https://git.openjdk.java.net/jdk/pull/7348/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=7348&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8280409
Stats: 1081 lines in 3 files changed: 1026 ins; 26 del; 29 mod
Patch: https://git.openjdk.java.net/jdk/pull/7348.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/7348/head:pull/7348
PR: https://git.openjdk.java.net/jdk/pull/7348
More information about the security-dev
mailing list