Re: RFR: 8321802: (zipfs) Add validation of incorrect LOC signature in ZipFileSystem [v2]
On Tue, 12 Dec 2023 11:59:36 GMT, Eirik Bjorsnos wrote: >> Please review this PR which adds validation of incorrect LOC signatures in >> `ZipFileSystem`. >> >> `ZipFile` already rejects the case where the offset pointed to from the CEN >> header does not start with the expected LOC signature. It makes sense to add >> this check to `ZipFileSystem` as well. > > Eirik Bjorsnos has updated the pull request incrementally with one additional > commit since the last revision: > > Use uppercase LOC in ZipException messages Marked as reviewed by alanb (Reviewer). - PR Review: https://git.openjdk.org/jdk/pull/17059#pullrequestreview-1785407026
Re: RFR: 8321802: (zipfs) Add validation of incorrect LOC signature in ZipFileSystem [v2]
On Tue, 12 Dec 2023 11:59:36 GMT, Eirik Bjorsnos wrote: >> Please review this PR which adds validation of incorrect LOC signatures in >> `ZipFileSystem`. >> >> `ZipFile` already rejects the case where the offset pointed to from the CEN >> header does not start with the expected LOC signature. It makes sense to add >> this check to `ZipFileSystem` as well. > > Eirik Bjorsnos has updated the pull request incrementally with one additional > commit since the last revision: > > Use uppercase LOC in ZipException messages Marked as reviewed by lancea (Reviewer). - PR Review: https://git.openjdk.org/jdk/pull/17059#pullrequestreview-1777315017
Re: RFR: 8321802: (zipfs) Add validation of incorrect LOC signature in ZipFileSystem [v2]
On Tue, 12 Dec 2023 11:47:35 GMT, Lance Andersen wrote:
>> Eirik Bjorsnos has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Use uppercase LOC in ZipException messages
>
> src/jdk.zipfs/share/classes/jdk/nio/zipfs/ZipFileSystem.java line 2579:
>
>> 2577: }
>> 2578: if (LOCSIG(buf) != LOCSIG) {
>> 2579: throw new ZipException("invalid loc header (bad
>> signature)");
>
> Please change loc -> LOC
Fixed, including the ZipException for the preceding read check.
-
PR Review Comment: https://git.openjdk.org/jdk/pull/17059#discussion_r1423888116
Re: RFR: 8321802: (zipfs) Add validation of incorrect LOC signature in ZipFileSystem [v2]
> Please review this PR which adds validation of incorrect LOC signatures in > `ZipFileSystem`. > > `ZipFile` already rejects the case where the offset pointed to from the CEN > header does not start with the expected LOC signature. It makes sense to add > this check to `ZipFileSystem` as well. Eirik Bjorsnos has updated the pull request incrementally with one additional commit since the last revision: Use uppercase LOC in ZipException messages - Changes: - all: https://git.openjdk.org/jdk/pull/17059/files - new: https://git.openjdk.org/jdk/pull/17059/files/bd18ce34..c7ca450e Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk=17059=01 - incr: https://webrevs.openjdk.org/?repo=jdk=17059=00-01 Stats: 2 lines in 1 file changed: 0 ins; 0 del; 2 mod Patch: https://git.openjdk.org/jdk/pull/17059.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/17059/head:pull/17059 PR: https://git.openjdk.org/jdk/pull/17059
Re: RFR: 8321802: (zipfs) Add validation of incorrect LOC signature in ZipFileSystem
On Mon, 11 Dec 2023 15:38:28 GMT, Eirik Bjorsnos wrote:
> Please review this PR which adds validation of incorrect LOC signatures in
> `ZipFileSystem`.
>
> `ZipFile` already rejects the case where the offset pointed to from the CEN
> header does not start with the expected LOC signature. It makes sense to add
> this check to `ZipFileSystem` as well.
src/jdk.zipfs/share/classes/jdk/nio/zipfs/ZipFileSystem.java line 2579:
> 2577: }
> 2578: if (LOCSIG(buf) != LOCSIG) {
> 2579: throw new ZipException("invalid loc header (bad
> signature)");
Please change loc -> LOC
-
PR Review Comment: https://git.openjdk.org/jdk/pull/17059#discussion_r1423879142
RFR: 8321802: (zipfs) Add validation of incorrect LOC signature in ZipFileSystem
Please review this PR which adds validation of incorrect LOC signatures in `ZipFileSystem`. `ZipFile` already rejects the case where the offset pointed to from the CEN header does not start with the expected LOC signature. It makes sense to add this check to `ZipFileSystem` as well. - Commit messages: - Vaidate that LOC offset pointed to from the CEN actually starts with the expected LOC signature Changes: https://git.openjdk.org/jdk/pull/17059/files Webrev: https://webrevs.openjdk.org/?repo=jdk=17059=00 Issue: https://bugs.openjdk.org/browse/JDK-8321802 Stats: 14 lines in 2 files changed: 13 ins; 0 del; 1 mod Patch: https://git.openjdk.org/jdk/pull/17059.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/17059/head:pull/17059 PR: https://git.openjdk.org/jdk/pull/17059
Re: RFR: 8321802: (zipfs) Add validation of incorrect LOC signature in ZipFileSystem
On Mon, 11 Dec 2023 15:38:28 GMT, Eirik Bjorsnos wrote: > Please review this PR which adds validation of incorrect LOC signatures in > `ZipFileSystem`. > > `ZipFile` already rejects the case where the offset pointed to from the CEN > header does not start with the expected LOC signature. It makes sense to add > this check to `ZipFileSystem` as well. Marked as reviewed by alanb (Reviewer). - PR Review: https://git.openjdk.org/jdk/pull/17059#pullrequestreview-1776849857
