jdk/src/share/classes/java/util/jar/JarFile.java
Print this page
rev 5690 : 8000210: Improve JarFile code quality
Reviewed-by: ahgross, xuelei, mschoene
@@ -32,10 +32,11 @@
import java.util.zip.*;
import java.security.CodeSigner;
import java.security.cert.Certificate;
import java.security.AccessController;
import java.security.CodeSource;
+import sun.misc.IOUtils;
import sun.security.action.GetPropertyAction;
import sun.security.util.ManifestEntryVerifier;
import sun.misc.SharedSecrets;
/**
@@ -327,10 +328,13 @@
try {
String[] names = getMetaInfEntryNames();
if (names != null) {
for (int i = 0; i < names.length; i++) {
JarEntry e = getJarEntry(names[i]);
+ if (e == null) {
+ throw new JarException("corrupted jar file");
+ }
if (!e.isDirectory()) {
if (mev == null) {
mev = new ManifestEntryVerifier
(getManifestFromReference());
}
@@ -346,10 +350,14 @@
} catch (IOException ex) {
// if we had an error parsing any blocks, just
// treat the jar file as being unsigned
jv = null;
verify = false;
+ if (JarVerifier.debug != null) {
+ JarVerifier.debug.println("jarfile parsing error!");
+ ex.printStackTrace();
+ }
}
// if after initializing the verifier we have nothing
// signed, we null it out.
@@ -373,15 +381,13 @@
/*
* Reads all the bytes for a given entry. Used to process the
* META-INF files.
*/
private byte[] getBytes(ZipEntry ze) throws IOException {
- byte[] b = new byte[(int)ze.getSize()];
- try (DataInputStream is = new DataInputStream(super.getInputStream(ze))) {
- is.readFully(b, 0, b.length);
+ try (InputStream is = super.getInputStream(ze)) {
+ return IOUtils.readFully(is, (int)ze.getSize(), true);
}
- return b;
}
/**
* Returns an input stream for reading the contents of the specified
* zip file entry.
@@ -477,16 +483,11 @@
hasClassPathAttribute = false;
if (!isKnownToNotHaveClassPathAttribute()) {
JarEntry manEntry = getManEntry();
if (manEntry != null) {
- byte[] b = new byte[(int)manEntry.getSize()];
- try (DataInputStream dis = new DataInputStream(
- super.getInputStream(manEntry))) {
- dis.readFully(b, 0, b.length);
- }
-
+ byte[] b = getBytes(manEntry);
int last = b.length - src.length;
int i = 0;
next:
while (i<=last) {
for (int j=9; j>=0; j--) {