On Mon, 8 Jan 2024 15:04:58 GMT, Jaikiran Pai <j...@openjdk.org> wrote:
>> Eirik Bjørsnøs has updated the pull request with a new target base due to a >> merge or a rebase. The pull request now contains 33 commits: >> >> - Merge branch 'master' into data-descriptor >> - Extract ZIP64_BLOCK_SIZE_OFFSET as a constant >> - A Zip64 extra field used in a LOC header must include both the >> uncompressed and compressed size fields, and does not include local header >> offset or disk start number fields. Conequently, a valid LOC Zip64 block >> must always be 16 bytes long. >> - Document better the zip command and options used to generate the test >> vector ZIP >> - Fix spelling of "presence" >> - Add a @bug reference in the test >> - Use the term "block size" when referring to the size of a Zip64 extra >> field data block >> - Update comment reflect that a Zip64 extended field in a LOC header has >> only two valid block sizes >> - Convert test from testNG to JUnit >> - Fix the check that the size of an extra field block size must not grow >> past the total extra field length >> - ... and 23 more: https://git.openjdk.org/jdk/compare/e2042421...ddff130f > > src/java.base/share/classes/java/util/zip/ZipInputStream.java line 654: > >> 652: * data contained no Zip64 field. >> 653: */ >> 654: private boolean hasZip64Extra(ZipEntry e) throws IOException { > > Given what this method does, I think it shouldn't throw an IOException (or > any other exception for that matter), should strictly return true or false. I > haven't imported this code locally, but as far as I can see in its > implementation, there doesn't seem to be anything that throws a checked > IOException, so perhaps this throws is already redundant? Fixed. > The private `hasMagic` method in `java.util.jar.JarOutputStream` has an > example where we catch the `ArrayIndexOutOfBoundsException` when dealing with > the extra data, we should do similar here and return `false`. I've updated for loop to verify that there is always at least 4 bytes available to read the two short fields, so now a `ArrayIndexOutOfBoundsException` should no longer be possible. I also extended the test in the PR to cover a case where the LOC extra field ends with a truncated extra field (just the two-byte tag) to cover this case. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/12524#discussion_r1446275924 PR Review Comment: https://git.openjdk.org/jdk/pull/12524#discussion_r1446278827
