diff options
Diffstat (limited to 'bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedContentImpl.java')
-rw-r--r-- | bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedContentImpl.java | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedContentImpl.java b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedContentImpl.java index a22b2da50..327023560 100644 --- a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedContentImpl.java +++ b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedContentImpl.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2007, 2016 IBM Corporation and others. + * Copyright (c) 2007, 2019 IBM Corporation and others. * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License 2.0 which accompanies this distribution, @@ -33,6 +33,7 @@ import org.eclipse.osgi.storage.bundlefile.BundleFile; import org.eclipse.osgi.util.NLS; public class SignedContentImpl implements SignedContent { + final static int VERIFY_LIMIT = 1000 * 1024; // 1 mb; not sure what the best limit is final static SignerInfo[] EMPTY_SIGNERINFO = new SignerInfo[0]; // the content which is signed volatile SignedBundleFile content; // TODO can this be more general? @@ -196,7 +197,17 @@ public class SignedContentImpl implements SignedContent { } if (entry == null) throw new InvalidContentException(NLS.bind(SignedContentMessages.file_is_removed_from_jar, entryName, currentContent.getBaseFile().toString()), exception); - entry.getBytes(); + + if (entry.getSize() > VERIFY_LIMIT) { + try (InputStream in = entry.getInputStream()) { + final byte[] buf = new byte[1024]; + while (in.read(buf) > 0) { + // just exhausting the stream to verify + } + } + } else { + entry.getBytes(); + } } } } |