StrictJarFile: Fix CheckJNI crashes due to invalid UTF-8 bytes.
Use the java.lang.String(byte[]) constructor instead of NewStringUTF since the former replaces malformed and unmappable characters instead of faulting on them. This also gives us some degree of consistency when it comes to how these names are handled. From StrictJarFile's perspective, the entry name is only used by the JarVerifier for two things : (1) keeping track of entries it has seen - this only requires the entry name to be stable. (2) looking up entry attributes in the manifest - this will continue to work if the same bogus encoding is used in the manifest. If the manifest uses valid UTF-8, the attribute lookup will fail and we'll return no certificates for the entry (this is a good thing). Finding an entry by name remains unaffacted because (as before) we require byte by byte equality with the input. The longer term fix is to disallow non-UTF entry names altogether but that needs a bit more advance notice. bug: 18584205 Change-Id: I7bb3e5bb09962d768a28aca4a6ece4dd54aa3473
Showing
Please register or sign in to comment