oblac/jodd-util

More specific exception with traversing ZIP content

Closed this issue · 3 comments

neroux commented

The IO exception thrown when a ZIP file contains files with traversing path names is a bit generic.

throw new IOException("Unzipping");

Maybe java.lang.IllegalStateException?

igr commented

It would be better to have a custom IOException type, as this class throws all io exceptions... But I added a better message instead.

neroux commented

The updated message definitely clarifies it better. I'd probably still chose a different exception type, though, as that issue is not exactly IO related, but rather a security exception.

java.lang.SecurityException might be a good choice, if the documentation was not very specific on it

Thrown by the security manager to indicate a security violation

igr commented

It's more illegal state of the zip, just the effect may be dangerous :) Still, lets keep IOexception, just to keep it the same as the rest of the io package.

I would replace them all with an unchecked version of IOException, but lets leave this version for the next major release