Amichai Rothman created ARIES-2124:
--------------------------------------
Summary: Embedded jar file is corrupt
Key: ARIES-2124
URL: https://issues.apache.org/jira/browse/ARIES-2124
Project: Aries
Issue Type: Bug
Components: jax-rs-whiteboard
Affects Versions: jax-rs-whiteboard-2.0.2
Reporter: Amichai Rothman
The aries-jax-rs-whiteboard karaf feature requires the bundle
mvn:org.apache.aries.spec/org.apache.aries.javax.jax.rs-api/1.0.1. This bundle,
in turn, contains an embedded jar and Bundle-ClassPath =
.,lib/geronimo-osgi-locator.jar.
This embedded jar is corrupt:
{quote}
$ unzip -t lib/geronimo-osgi-locator.jar
Archive: lib/geronimo-osgi-locator.jar
testing: META-INF/ OK
testing: META-INF/MANIFEST.MF bad extra-field entry:
EF block length (61373 bytes) exceeds remaining EF data (4 bytes)
$jar tf lib/geronimo-osgi-locator.jar
java.util.zip.ZipException: Invalid CEN header (invalid zip64 extra data field
size)
at java.base/java.util.zip.ZipFile$Source.zerror(ZipFile.java:1736)
{quote}
Even worse, other mechanisms that scan for resources within bundles balk at
this (with the same ZipException) when scanning this bundle even if they have
nothing to do with the jaxrs whiteboard. So this issue also breaks various
unrelated application components.
Note that the ZipFile exception may be related to changes in the JDK (11.0.20?)
that added stricter validity checks on zip files, however even after and
additional fix in JDK-8313765, using 11.0.20.1, this still occurs - presumably
because the file is truly corrupt (as shown by the unzip/jar tools).
btw I couldn't find where the source for org.apache.aries.javax.jax.rs-api is,
and maven central has a few newer releases up to 1.0.4, but all contain the
same embedded corrupt jar. Further, I'm not sure where the corrupt
geronimo-osgi-locator.jar came from. Maven central has a
geronimo-osgi-locator-1.0.jar and a geronimo-osgi-locator-1.1.jar, neither of
which are corrupt.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
