Description of problem: After upgrading zlib to 1.2.10 OpenJDK started to produce corrupt JAR files in some cases. Version-Release number of selected component (if applicable): java-1.8.0-openjdk-1.8.0.111-5.b16.fc26.x86_64 zlib-1.2.10-1.fc26.x86_64 (scratch build, see bug #1409372) Steps to Reproduce: 1. javac Bug1411984.java 2. java Bug1411984 3. jar xf /tmp/foo.jar Actual results: java.util.zip.ZipException: invalid entry size (expected 104269 but got 98812 bytes) at java.util.zip.ZipInputStream.readEnd(ZipInputStream.java:384) at java.util.zip.ZipInputStream.read(ZipInputStream.java:196) at java.util.zip.ZipInputStream.closeEntry(ZipInputStream.java:140) at sun.tools.jar.Main.extractFile(Main.java:1072) at sun.tools.jar.Main.extract(Main.java:981) at sun.tools.jar.Main.run(Main.java:311) at sun.tools.jar.Main.main(Main.java:1288) Additional info: zlib 1.2.10 is not yet in Fedora at the time of creating this bug. See bug #1409372.
Created attachment 1239982 [details] Reproducer
Have you been able to diagnose whether this is result of zlib's API misuse, or is that something to be resolved in zlib upstream?
I can look into this, but it will have to wait until after the imminent OpenJDK security update. In the meantime, a possible workaround is to disable the use of the system zlib, so OpenJDK reverts to using its in-tree version.
(In reply to Pavel Raiskup from comment #2) > Have you been able to diagnose whether this is result of zlib's API misuse, > or is that something to be resolved in zlib upstream? I don't know that, but I think that OpenJDK bug is more likely.
Just for Info: Tested on Mageia some java build with zlib 1.2.11 and now they successfully built \o/
zlib (http://www.zlib.net/) says that 1.2.10 is broken: """Due to the bug fixes, any installations of 1.2.9 or 1.2.10 should be immediately replaced with 1.2.11""" So I am closing this because this appears to be a bug in zlib (which as been fixed) rather than in OpenJDK.