For your information: The OpenJDK developers have messed up all recent JDK versions (released after July-17th: JDK 11, 17, 20) by changing the behavior of java.util.ZipFile when fixing the security problem JDK-8302483 (not yet released to the public).
This affects especially soot when processing APK files (but may also affect other JAR files) and can cause the following exception when trying to read it using ZipFile:
Caused by: java.util.zip.ZipException: Invalid CEN header (invalid zip64 extra data field size)
at java.base/java.util.zip.ZipFile$Source.zerror(ZipFile.java:1728)
at java.base/java.util.zip.ZipFile$Source.checkExtraFields(ZipFile.java:1261)
at java.base/java.util.zip.ZipFile$Source.checkAndAddEntry(ZipFile.java:1212)
at java.base/java.util.zip.ZipFile$Source.initCEN(ZipFile.java:1667)
As a workaround you can set the system property jdk.util.zip.disableZip64ExtraFieldValidation to true, unfortunately changing it via System.setProperty(..) has no effect, therefore the only way is to set the property at startup on command-line:
For your information: The OpenJDK developers have messed up all recent JDK versions (released after July-17th: JDK 11, 17, 20) by changing the behavior of
java.util.ZipFile
when fixing the security problemJDK-8302483
(not yet released to the public). This affects especially soot when processing APK files (but may also affect other JAR files) and can cause the following exception when trying to read it usingZipFile
:As a workaround you can set the system property
jdk.util.zip.disableZip64ExtraFieldValidation
totrue
, unfortunately changing it viaSystem.setProperty(..)
has no effect, therefore the only way is to set the property at startup on command-line: