RFR: 8280409: JarFile::verifiableEntry can fail with NPE accessing ze.getName()
Lance Andersen
lancea at openjdk.java.net
Fri Feb 4 16:10:11 UTC 2022
On Fri, 4 Feb 2022 15:55:33 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> Could these unexpected exceptions also occur when using the `JarInputStream` API?
It's a different code path as Zip/JarFile leverage the CEN where Zip/JarInputStream leverage the LOC. I can give it a go and if there is an issue will create a separate issue
-------------
PR: https://git.openjdk.java.net/jdk/pull/7348
More information about the security-dev
mailing list