On Tue, 5 Dec 2023 15:58:14 GMT, Eirik Bjorsnos <d...@openjdk.org> wrote:
> Please review this PR which suggests we retire the ZIP test > `NoExtensionSignature` along with its `test.jar` test vector. > > The concern of a missing data descriptor signature is covered by the recently > updated `DataDescriptorSignatureMissing` test. That test is more complete, > includes more documentation and uses a programmatically generated test vector. > > One might argue that 'more tests are always better', but in this case I think > the 21 year old `NoExtensionSignature` test with its binary test vector is > nebulous and requires extensive analysis to understand, more so to update. I > think it does not carry its weight and should be retired. > > Careful analysis of the deleted `test.jar` test vector revealed that it > contains a local header with non-zero `compressed size` and `uncompressed > size` fields for a streaming-mode entry. `APPNOTE.TXT` mandates that when bit > 3 of the general purpose bit flag is set, then these fields and the `crc` > field should all be set to zero. > > By injecting assertions into `ZipInputStream.readLOC` I was able to determine > that `NoExtensionSignature` is the only test currently parsing a ZIP file > with such non-zero fields in streaming mode. > > Because of this, and out of caution, this PR introduces a new test > `DataDescriptorIgnoreCrcAndSizeFields` which explicitly verifies that > `ZipInputStream` does not read any non-zero `crc`, `compressed size` and > `uncompressed size` field values from a local header when in streaming mode. > `ZipInputStream` should ignore these values and it would be good to have a > test which asserts that this invariant holds even when the fields are > non-zero. For completeness, here is a trace of the deleted `test.zip`: ------ Local File Header ------ 000000 signature 0x04034b50 000004 version 20 000006 flags 0x0008 000008 method 8 Deflated 000010 time 0x9a45 19:18:10 000012 date 0x2c47 2002-02-07 000014 crc 0x00000000 000018 csize 2 000022 size 2 000026 nlen 8 000028 elen 0 000030 name 8 bytes 'test.txt' ------ File Data ------ 000038 data 4 bytes ------ Data Descriptor ------ 000042 crc 0xd8932aac 000046 csize 4 000050 size 2 ------ Central Directory File Header ------ 000054 signature 0x02014b50 000058 made by version 788 000060 extract version 20 000062 flags 0x0008 000064 method 8 Deflated 000066 time 0x9a45 19:18:10 000068 date 0x2c47 2002-02-07 000070 crc 0xd8932aac 000074 csize 4 000078 size 2 000082 diskstart 0 000084 nlen 8 000086 elen 0 000088 clen 0 000090 iattr 0x00 000092 eattr 0x81b60000 000096 loc offset 0 000100 name 8 bytes 'test.txt' ------ End of Central Directory ------ 000108 signature 0x06054b50 000112 this disk 0 000114 cen disk 0 000116 entries disk 1 000118 entries total 1 000120 cen size 54 000124 cen offset 54 000128 clen 0 ------------- PR Comment: https://git.openjdk.org/jdk/pull/16975#issuecomment-1845780545
