[ http://issues.apache.org/jira/browse/HARMONY-295?page=all ] Richard Liang updated HARMONY-295: ---------------------------------- Attachment: Modified_Manifest_MainAttributes.jar This is the target jar to be tested. Please put it at the same location of the test case. The test case will pass on RI 5.0 and fail on Harmony > java.util.jar.JarInputStream does not throw Security Exception according to Java 5.0 Spec > ----------------------------------------------------------------------------------------- > > Key: HARMONY-295 > URL: http://issues.apache.org/jira/browse/HARMONY-295 > Project: Harmony > Type: Bug > Components: Classlib > Reporter: Richard Liang > Priority: Minor > Attachments: Modified_Manifest_MainAttributes.jar > > According to the new feature in JAR File Specification for java 5.0, .SF signature file which verifies the manifest has a new algorithm. If the main attributes are tampered, harmony will not throw security exception while RI 5.0 will. > Here is the test code to demo this issue: > public void test_JarInputStream_Modified_Manifest_MainAttributes() > throws IOException { > String path = URLDecoder.decode(this.getClass().getResource(".") > .getPath(), "UTF-8"); > FileInputStream fin = new FileInputStream(path > + "/Modified_Manifest_MainAttributes.jar"); > ZipEntry zipEntry = null; > JarInputStream jin = new JarInputStream(fin, true); > final int indexofDSA = 2; > final int totalEntries = 4; > int count = 0; > while (count == 0 || zipEntry != null) { > count++; > try { > zipEntry = jin.getNextEntry(); > if (count == indexofDSA + 1) > fail("Should throw Security Exception"); > } catch (SecurityException e) { > if (count != indexofDSA + 1) > throw e; > } > } > assertEquals(totalEntries + 2, count); > jin.close(); > fin.close(); > } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira