Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7151049

JRE/JDK7 JarOutputStream Jar files are not byte identical to JRE/JDK6

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P4
    • Resolution: Not an Issue
    • Affects Version/s: 7
    • Fix Version/s: None
    • Component/s: core-libs

      Description

      FULL PRODUCT VERSION :
      Any with ZIP64 extentions

      A DESCRIPTION OF THE PROBLEM :
      When creating a Jar file using the JarOutputStream (in particular when unpacking a pack200 gzip file) the Jar file produced is not byte for byte the same as that produced in JRE/JDK6. This causes checksums on these files to be incorrect.

      The difference in the files traces to the flag value being modyfied with EFS (UTF-8 modifier), this flag is set to indicate that the file uses only UTF-8 but since the Java Jar implementation always (only) uses UTF-8 this is not neccessary (and was not present in JRE/JDK6); Removing this statment causes the JarOutputStream (JRE/JDK7) output to match that of JRE/JDK6 exactly and seems to have no other effect:
      ZipOutputStream.putNextEntry(ze)
      {
      .
      .
      .
          if ((zcF.get(this)).isUTF8())
              flagF.set(ze, flagF.get(obj)) |= EFS;
      .
      .
      .
      }


      It would be nice if we could at the very least request that the JarOutputStream not set this flag when unpacking pack200 files.

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      use the pack200 utility in JRE/JDK6 to pack a Jar file (make sure to normailse the file first) then use the unpack200 utility from each of JRE/JDK6 and JRE/JDK7 to unpack the pack.gz file. (you can use the class versions or the executable versions). Finally compare the files byte for byte and you will find that they are slightly different (i.e. produce different checksums) This will no doubt cause problems for deployment systems that check the correctness of jar files (by checksums / hashes) before loading them.

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      The Jar output from from the JarOutputStream in JRE/JDK7 when unpacking a pack200 packed file should be identicle to that produced using JRE/JDK7.
      ACTUAL -
      The Jar files are not identicle (though they are both valid.)

      REPRODUCIBILITY :
      This bug can be reproduced always.

      CUSTOMER SUBMITTED WORKAROUND :
      Use JRE/JDK6 OR
      Provide your own Zip/Jar Output Streams OR
      Override putNextEntry in the JarOutputStream and use reflection to modify the isUTF8 field on the ZipCoder object from the ZipOutputStream class.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: