On Wed, 26 Mar 2025 14:41:08 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Updated with Sean's comments
>
> src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line
> 1170:
>
>> 1168: entryName));
>> 1169: } else {
>> 1170: readEntry(cenInputStream);
>
> This could throw a `SecurityException` if the content does not match the
> digest. Although we have verified the JAR file with`JarFile`, things could be
> different when opened with a `JarInputStream`.
Added try-catch block.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23532#discussion_r2015092673
