On Thu, 23 Dec 2021 10:55:08 GMT, Masanori Yano <my...@openjdk.org> wrote:
> Could you please review the JDK-8272746 bug fixes?
> Since the array index is of type int, the overflow occurs when the value of
> end.cenlen is too large because of too many entries.
> It is necessary to read a part of the CEN from the file to fix the problem
> fundamentally, but the way will require an extensive fix and degrade
> performance.
> In practical terms, the size of the central directory rarely grows that
> large. So, I fixed it to check the size of the central directory and throw an
> exception if it is too large.
src/java.base/share/classes/java/util/zip/ZipFile.java line 1501:
> 1499: // read in the CEN and END
> 1500: if (end.cenlen + ENDHDR >= Integer.MAX_VALUE) {
> 1501: zerror("invalid END header (too large central
> directory size)");
This check looks correct. It might be a bit clearer to say that "central
directory size too large" rather than "too large central directory size".
The bug report says that JDK 8 and the native zip handle these zip files, were
you able to check that?
-------------
PR: https://git.openjdk.java.net/jdk/pull/6927
