This PR updates the extra field validation added as part of [JDK-8302483](https://bugs.openjdk.org/browse/JDK-8302483) to deal with issues seen with 3rd party tools/libraries where a ZipException may be encountered when opening select APK, ZIP or JAR files. Please see refer to the links provided at the end the description for the more information ::
> ZipException: Invalid CEN header (invalid zip64 extra data field size) 1. Extra field includes padding : ----------------#1-------------------- [Central Directory Header] 0x3374: Signature : 0x02014b50 0x3378: Created Zip Spec : 0xa [1.0] 0x3379: Created OS : 0x0 [MS-DOS] 0x337a: VerMadeby : 0xa [0, 1.0] 0x337b: VerExtract : 0xa [1.0] 0x337c: Flag : 0x800 0x337e: Method : 0x0 [STORED] 0x3380: Last Mod Time : 0x385ca437 [Thu Feb 28 20:33:46 EST 2008] 0x3384: CRC : 0x694c6952 0x3388: Compressed Size : 0x624 0x338c: Uncompressed Size: 0x624 0x3390: Name Length : 0x1b 0x3392: Extra Length : 0x7 [tag=0xcafe, sz=0, data= ] ->[tag=cafe, size=0] 0x3394: Comment Length : 0x0 0x3396: Disk Start : 0x0 0x3398: Attrs : 0x0 0x339a: AttrsEx : 0x0 0x339e: Loc Header Offset: 0x0 0x33a2: File Name : res/drawable/size_48x48.jpg The extra field tag of `0xcafe` has its data size set to `0`. and the extra length is `7`. It is expected that you can use the tag's data size to traverse the extra fields. 2. The [BND tool](https://github.com/bndtools/bnd) added [problematic data to the extra field](https://issues.apache.org/jira/browse/FELIX-6622): ----------------#359-------------------- [Central Directory Header] 0x600b4: Signature : 0x02014b50 0x600b8: Created Zip Spec : 0x14 [2.0] 0x600b9: Created OS : 0x0 [MS-DOS] 0x600ba: VerMadeby : 0x14 [0, 2.0] 0x600bb: VerExtract : 0x14 [2.0] 0x600bc: Flag : 0x808 0x600be: Method : 0x8 [DEFLATED] 0x600c0: Last Mod Time : 0x2e418983 [Sat Feb 01 17:12:06 EST 2003] 0x600c4: CRC : 0xd8f689cb 0x600c8: Compressed Size : 0x23e 0x600cc: Uncompressed Size: 0x392 0x600d0: Name Length : 0x20 0x600d2: Extra Length : 0x8 [tag=0xbfef, sz=61373, data= 0x600d4: Comment Length : 0x0 0x600d6: Disk Start : 0x0 0x600d8: Attrs : 0x0 0x600da: AttrsEx : 0x0 0x600de: Loc Header Offset: 0x4f2fe 0x600e2: File Name : net/n3/nanoxml/CDATAReader.class In the above example, the extra length is `0x8` and the tag size is `61373` which exceeds the extra length. zip -T would also report an error: > zip -T foo.jar > net/n3/nanoxml/CDATAReader.class bad extra-field entry: > EF block length (61373 bytes) exceeds remaining EF data (4 bytes) > test of foo.jar FAILED 3. Some releases of Ant and commons-compress create CEN Zip64 extra headers with a size of 0 when Zip64 mode is required : ----------------#63-------------------- [Central Directory Header] 0x2fded9: Signature : 0x02014b50 0x2fdedd: Created Zip Spec : 0x2d [4.5] 0x2fdede: Created OS : 0x3 [UNIX] 0x2fdedf: VerMadeby : 0x32d [3, 4.5] 0x2fdee0: VerExtract : 0x2d [4.5] 0x2fdee1: Flag : 0x800 0x2fdee3: Method : 0x8 [DEFLATED] 0x2fdee5: Last Mod Time : 0x43516617 [Thu Oct 17 12:48:46 EDT 2013] 0x2fdee9: CRC : 0x0 0x2fdeed: Compressed Size : 0x2 0x2fdef1: Uncompressed Size: 0x0 0x2fdef5: Name Length : 0x22 0x2fdef7: Extra Length : 0x4 [tag=0x0001, sz=0, data= ] ->ZIP64: 0x2fdef9: Comment Length : 0x0 0x2fdefb: Disk Start : 0x0 0x2fdefd: Attrs : 0x0 0x2fdeff: AttrsEx : 0x81a40000 0x2fdf03: Loc Header Offset: 0x1440 0x2fdf07: File Name : .xdk_version_12.1.0.2.0_production [Local File Header] 0x1440: Signature : 0x04034b50 0x1444: Version : 0x2d [4.5] 0x1446: Flag : 0x800 0x1448: Method : 0x8 [DEFLATED] 0x144a: LastMTime : 0x43516617 [Thu Oct 17 12:48:46 EDT 2013] 0x144e: CRC : 0x0 0x1452: CSize : 0xffffffff 0x1456: Size : 0xffffffff 0x145a: Name Length : 0x22 [.xdk_version_12.1.0.2.0_production] 0x145c: ExtraLength : 0x14 [tag=0x0001, sz=16, data= 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 ] ->ZIP64: size *0x0 csize *0x2 *0x2d04034b500003 0x145e: File Name : [.xdk_version_12.1.0.2.0_production] Notice the CEN Extra length differs for the same tag in the LOC. As we are validating the Zip64 extra fields, we are not expecting the data size to be 0. Mach5 tiers 1-6 and the relevant JCK tests continue to pass with the above changes. The following 3rd party tools have (or have pending) fixes to address the issues highlighted above: - Apache Commons-compress fix for [Empty CEN Zip64 Extra Headers](https://github.com/apache/commons-compress/pull/10) fixed in [Commons-compress ](https://commons.apache.org/proper/commons-compress/changes-report.html#a1.11)[1.11](https://commons.apache.org/proper/commons-compress/changes-report.html#a1.11) (2016) - Ant fix for Empty [CEN Zip64 Extra Headers in process ](https://bz.apache.org/bugzilla/show_bug.cgi?id=66873) will be available in Ant 1.10.14 once it goes GA. - BND issue with writing invalid [Extra Headers](https://issues.apache.org/jira/browse/FELIX-6622) and is fixed in[ BND 5.3](https://github.com/bndtools/bnd/issues/4507) (2021) - The [maven-bundle-plugin 5.1.5](https://felix.apache.org/documentation/_attachments/components/bundle-plugin/index.html) includes the BND 5.3 patch. ------------- Commit messages: - Minor comment word smithing - Fix for JDK-8313765 Changes: https://git.openjdk.org/jdk/pull/15273/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=15273&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8313765 Stats: 696 lines in 4 files changed: 676 ins; 4 del; 16 mod Patch: https://git.openjdk.org/jdk/pull/15273.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/15273/head:pull/15273 PR: https://git.openjdk.org/jdk/pull/15273