On Thu, 23 Dec 2021 10:55:08 GMT, Masanori Yano <my...@openjdk.org> wrote:
> Could you please review the JDK-8272746 bug fixes? > Since the array index is of type int, the overflow occurs when the value of > end.cenlen is too large because of too many entries. > It is necessary to read a part of the CEN from the file to fix the problem > fundamentally, but the way will require an extensive fix and degrade > performance. > In practical terms, the size of the central directory rarely grows that > large. So, I fixed it to check the size of the central directory and throw an > exception if it is too large. src/java.base/share/classes/java/util/zip/ZipFile.java line 1501: > 1499: // read in the CEN and END > 1500: if (end.cenlen + ENDHDR >= Integer.MAX_VALUE) { > 1501: zerror("invalid END header (too large central > directory size)"); This check looks correct. It might be a bit clearer to say that "central directory size too large" rather than "too large central directory size". The bug report says that JDK 8 and the native zip handle these zip files, were you able to check that? ------------- PR: https://git.openjdk.java.net/jdk/pull/6927