More specific exception with traversing ZIP content
Closed this issue · 3 comments
The IO exception thrown when a ZIP file contains files with traversing path names is a bit generic.
jodd-util/src/main/java/jodd/io/ZipUtil.java
Line 235 in 8d7398b
Maybe java.lang.IllegalStateException
?
It would be better to have a custom IOException
type, as this class throws all io exceptions... But I added a better message instead.
The updated message definitely clarifies it better. I'd probably still chose a different exception type, though, as that issue is not exactly IO related, but rather a security exception.
java.lang.SecurityException
might be a good choice, if the documentation was not very specific on it
Thrown by the security manager to indicate a security violation
It's more illegal state of the zip, just the effect may be dangerous :) Still, lets keep IOexception, just to keep it the same as the rest of the io
package.
I would replace them all with an unchecked version of IOException, but lets leave this version for the next major release