7u-cpu-7u-dev-sync-feb-3-backup3 Udiff jdk/src/share/classes/java/util/jar/JarFile.java

jdk/src/share/classes/java/util/jar/JarFile.java

rev 5690 : 8000210: Improve JarFile code quality
Reviewed-by: ahgross, xuelei, mschoene

@@ -32,10 +32,11 @@
 import java.util.zip.*;
 import java.security.CodeSigner;
 import java.security.cert.Certificate;
 import java.security.AccessController;
 import java.security.CodeSource;
+import sun.misc.IOUtils;
 import sun.security.action.GetPropertyAction;
 import sun.security.util.ManifestEntryVerifier;
 import sun.misc.SharedSecrets;
 
 /**

@@ -327,10 +328,13 @@
         try {
             String[] names = getMetaInfEntryNames();
             if (names != null) {
                 for (int i = 0; i < names.length; i++) {
                     JarEntry e = getJarEntry(names[i]);
+                    if (e == null) {
+                        throw new JarException("corrupted jar file");
+                    }
                     if (!e.isDirectory()) {
                         if (mev == null) {
                             mev = new ManifestEntryVerifier
                                 (getManifestFromReference());
                         }

@@ -346,10 +350,14 @@
         } catch (IOException ex) {
             // if we had an error parsing any blocks, just
             // treat the jar file as being unsigned
             jv = null;
             verify = false;
+            if (JarVerifier.debug != null) {
+                JarVerifier.debug.println("jarfile parsing error!");
+                ex.printStackTrace();
+            }
         }
 
         // if after initializing the verifier we have nothing
         // signed, we null it out.

@@ -373,15 +381,13 @@
     /*
      * Reads all the bytes for a given entry. Used to process the
      * META-INF files.
      */
     private byte[] getBytes(ZipEntry ze) throws IOException {
-        byte[] b = new byte[(int)ze.getSize()];
-        try (DataInputStream is = new DataInputStream(super.getInputStream(ze))) {
-            is.readFully(b, 0, b.length);
+        try (InputStream is = super.getInputStream(ze)) {
+            return IOUtils.readFully(is, (int)ze.getSize(), true);
         }
-        return b;
     }
 
     /**
      * Returns an input stream for reading the contents of the specified
      * zip file entry.

@@ -477,16 +483,11 @@
 
         hasClassPathAttribute = false;
         if (!isKnownToNotHaveClassPathAttribute()) {
             JarEntry manEntry = getManEntry();
             if (manEntry != null) {
-                byte[] b = new byte[(int)manEntry.getSize()];
-                try (DataInputStream dis = new DataInputStream(
-                         super.getInputStream(manEntry))) {
-                    dis.readFully(b, 0, b.length);
-                }
-
+                byte[] b = getBytes(manEntry);
                 int last = b.length - src.length;
                 int i = 0;
                 next:
                 while (i<=last) {
                     for (int j=9; j>=0; j--) {