Bug#654899: libarchive-zip-perl: jh_manifest from javahelper creates corrupt archives (jars)
Niko Tyni
ntyni at debian.org
Tue Jan 10 19:56:31 UTC 2012
On Mon, Jan 09, 2012 at 04:19:29PM +0200, Niko Tyni wrote:
> OK, I see it now. Still no idea why I couldn't get it to happen with the
> hand made .jar, but when testing with the terraintool source I missed
> the (now obvious) fact that jh_manifest was operating on the copy in
> debian/terraintool/usr/share/...
Status update: it happens with jar/zip files created by the jar binary
from OpenJDK. Just reading a zip and writing it out triggers it without
having to add or delete any members.
Files created with fastjar don't get corrupted.
Archive::Zip 1.31_03 is still affected FWIW.
The bug is also present on stable; I assume that the java toolchain must
has changed in some way since stable and escalated the problem.
Anyway, something like this breaks there as well:
% mkdir empty
% /usr/lib/jvm/java-6-openjdk/bin/jar c empty/ > empty.jar
% cat > t.pl
#!/usr/bin/perl -w
use strict;
use Archive::Zip qw( :ERROR_CODES :CONSTANTS );
my $in = shift;
my $zip = Archive::Zip->new();
$zip->read( $in ) == AZ_OK or error("Could not read $in: $!");
$zip->writeToFileNamed("out.zip") == AZ_OK or error("Writing modified jar failed: $!");
% perl t.pl empty.jar
% unzip -t out.zip
Archive: out.zip
META-INF/: ucsize 0 <> csize 2 for STORED entry
continuing with "compressed" size value
testing: META-INF/ bad CRC 1a6cd7b3 (should be 00000000)
testing: META-INF/MANIFEST.MF OK
testing: empty/ OK
At least one error was detected in out.zip.
Will dive into the Archive::Zip code next, and glare at 'zipinfo -v' output.
--
Niko Tyni ntyni at debian.org
More information about the pkg-perl-maintainers
mailing list