Skip to content

Commit

Permalink
Merge pull request #694 from keithc-ca/v0.40.1
Browse files Browse the repository at this point in the history
Merge latest changes from jdk-11.0.20.1+1
  • Loading branch information
pshipton authored Aug 24, 2023
2 parents f53b132 + bc56168 commit 0880e8d
Show file tree
Hide file tree
Showing 7 changed files with 1,004 additions and 18 deletions.
2 changes: 1 addition & 1 deletion .jcheck/conf
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
[general]
project=jdk-updates
jbs=JDK
version=11.0.20
version=11.0.20.1

[checks]
error=author,committer,reviewers,merge,issues,executable,symlink,message,hg-tag,whitespace
Expand Down
2 changes: 1 addition & 1 deletion closed/openjdk-tag.gmk
Original file line number Diff line number Diff line change
@@ -1 +1 @@
OPENJDK_TAG := jdk-11.0.20+8
OPENJDK_TAG := jdk-11.0.20.1+1
4 changes: 2 additions & 2 deletions make/autoconf/version-numbers
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,11 @@
DEFAULT_VERSION_FEATURE=11
DEFAULT_VERSION_INTERIM=0
DEFAULT_VERSION_UPDATE=20
DEFAULT_VERSION_PATCH=0
DEFAULT_VERSION_PATCH=1
DEFAULT_VERSION_EXTRA1=0
DEFAULT_VERSION_EXTRA2=0
DEFAULT_VERSION_EXTRA3=0
DEFAULT_VERSION_DATE=2023-07-18
DEFAULT_VERSION_DATE=2023-08-24
DEFAULT_VERSION_CLASSFILE_MAJOR=55 # "`$EXPR $DEFAULT_VERSION_FEATURE + 44`"
DEFAULT_VERSION_CLASSFILE_MINOR=0
DEFAULT_ACCEPTABLE_BOOT_VERSIONS="10 11"
Expand Down
53 changes: 43 additions & 10 deletions src/java.base/share/classes/java/util/zip/ZipFile.java
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@
import jdk.internal.ref.CleanerFactory;
import jdk.internal.vm.annotation.Stable;
import sun.nio.cs.UTF_8;
import sun.security.action.GetBooleanAction;
import sun.security.action.GetPropertyAction;
import java.security.AccessController;

import static java.util.zip.ZipConstants64.*;
Expand Down Expand Up @@ -120,12 +120,12 @@ class ZipFile implements ZipConstants, Closeable {
public static final int OPEN_READ = 0x1;

/**
* Flag which specifies whether the validation of the Zip64 extra
* fields should be disabled
* Flag to specify whether the Extra ZIP64 validation should be
* disabled.
*/
private static final boolean disableZip64ExtraFieldValidation =
AccessController.doPrivileged
(new GetBooleanAction("jdk.util.zip.disableZip64ExtraFieldValidation"));
private static final boolean DISABLE_ZIP64_EXTRA_VALIDATION =
getDisableZip64ExtraFieldValidation();

/**
* Mode flag to open a zip file and mark it for deletion. The file will be
* deleted some time between the moment that it is opened and the moment
Expand Down Expand Up @@ -1131,6 +1131,22 @@ private String[] getMetaInfEntryNames() {
private static boolean isWindows;
private static final JavaLangAccess JLA;

/**
* Returns the value of the System property which indicates whether the
* Extra ZIP64 validation should be disabled.
*/
static boolean getDisableZip64ExtraFieldValidation() {
boolean result;
String value = GetPropertyAction.privilegedGetProperty(
"jdk.util.zip.disableZip64ExtraFieldValidation");
if (value == null) {
result = false;
} else {
result = value.isEmpty() || value.equalsIgnoreCase("true");
}
return result;
}

static {
SharedSecrets.setJavaUtilZipFileAccess(
new JavaUtilZipFileAccess() {
Expand Down Expand Up @@ -1241,25 +1257,32 @@ private void checkExtraFields(int cenPos, int startingOffset,
zerror("Invalid CEN header (extra data field size too long)");
}
int currentOffset = startingOffset;
while (currentOffset < extraEndOffset) {
// Walk through each Extra Header. Each Extra Header Must consist of:
// Header ID - 2 bytes
// Data Size - 2 bytes:
while (currentOffset + Integer.BYTES <= extraEndOffset) {
int tag = get16(cen, currentOffset);
currentOffset += Short.BYTES;

int tagBlockSize = get16(cen, currentOffset);
currentOffset += Short.BYTES;
int tagBlockEndingOffset = currentOffset + tagBlockSize;

// The ending offset for this tag block should not go past the
// offset for the end of the extra field
if (tagBlockEndingOffset > extraEndOffset) {
zerror("Invalid CEN header (invalid zip64 extra data field size)");
zerror(String.format(
"Invalid CEN header (invalid extra data field size for " +
"tag: 0x%04x at %d)",
tag, cenPos));
}
currentOffset += Short.BYTES;

if (tag == ZIP64_EXTID) {
// Get the compressed size;
long csize = CENSIZ(cen, cenPos);
// Get the uncompressed size;
long size = CENLEN(cen, cenPos);

checkZip64ExtraFieldValues(currentOffset, tagBlockSize,
csize, size);
}
Expand All @@ -1283,6 +1306,16 @@ private void checkZip64ExtraFieldValues(int off, int blockSize, long csize,
long size)
throws ZipException {
byte[] cen = this.cen;
// if ZIP64_EXTID blocksize == 0, which may occur with some older
// versions of Apache Ant and Commons Compress, validate csize and size
// to make sure neither field == ZIP64_MAGICVAL
if (blockSize == 0) {
if (csize == ZIP64_MAGICVAL || size == ZIP64_MAGICVAL) {
zerror("Invalid CEN header (invalid zip64 extra data field size)");
}
// Only validate the ZIP64_EXTID data if the block size > 0
return;
}
// Validate the Zip64 Extended Information Extra Field (0x0001)
// length.
if (!isZip64ExtBlockSizeValid(blockSize)) {
Expand Down Expand Up @@ -1693,7 +1726,7 @@ private void initCEN(int knownTotal, ZipCoder zc) throws IOException {
} else {
checkEncoding(zc, cen, pos + CENHDR, nlen);
}
if (elen > 0 && !disableZip64ExtraFieldValidation) {
if (elen > 0 && !DISABLE_ZIP64_EXTRA_VALIDATION) {
long extraStartingOffset = pos + CENHDR + nlen;
if ((int)extraStartingOffset != extraStartingOffset) {
zerror("invalid CEN header (bad extra offset)");
Expand Down
14 changes: 13 additions & 1 deletion src/jdk.zipfs/share/classes/jdk/nio/zipfs/ZipFileSystem.java
Original file line number Diff line number Diff line change
Expand Up @@ -2575,10 +2575,22 @@ void readExtra(ZipFileSystem zipfs) throws IOException {
int sz = SH(extra, pos + 2);
pos += 4;
if (pos + sz > elen) { // invalid data
throw new ZipException("Invalid CEN header (invalid zip64 extra data field size)");
throw new ZipException(String.format(
"Invalid CEN header (invalid extra data field size for " +
"tag: 0x%04x size: %d)",
tag, sz));
}
switch (tag) {
case EXTID_ZIP64 :
// if ZIP64_EXTID blocksize == 0, which may occur with some older
// versions of Apache Ant and Commons Compress, validate csize
// size, and locoff to make sure the fields != ZIP64_MAGICVAL
if (sz == 0) {
if (csize == ZIP64_MINVAL || size == ZIP64_MINVAL || locoff == ZIP64_MINVAL) {
throw new ZipException("Invalid CEN header (invalid zip64 extra data field size)");
}
break;
}
// Check to see if we have a valid block size
if (!isZip64ExtBlockSizeValid(sz)) {
throw new ZipException("Invalid CEN header (invalid zip64 extra data field size)");
Expand Down
7 changes: 4 additions & 3 deletions test/jdk/java/util/zip/ZipFile/CorruptedZipFiles.java
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
*/

/* @test
* @bug 4770745 6218846 6218848 6237956
* @bug 4770745 6218846 6218848 6237956 8313765
* @summary test for correct detection and reporting of corrupted zip files
* @author Martin Buchholz
*/
Expand Down Expand Up @@ -113,8 +113,9 @@ public static void main(String[] args) throws Exception {

err.println("corrupted CENEXT 1");
bad = good.clone();
bad[cenpos+CENEXT]++;
checkZipException(bad, ".*invalid zip64 extra data field size.*");
bad[cenpos+CENEXT] = (byte)0xff;
bad[cenpos+CENEXT+1] = (byte)0xff;
checkZipException(bad, ".*extra data field size too long.*");

err.println("corrupted CENEXT 2");
bad = good.clone();
Expand Down
Loading

0 comments on commit 0880e8d

Please sign in to comment.