Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.4.11
-
None
-
None
Description
packaging/zip.rb monkey patches ZipEntrySet, overriding the << method. This method is aliased in rubyzip as push. Opening an existing zip file will cause the entry set to be read using ZipCentralDirectory.read_central_directory_entries. This entry set is subsequently dup'ed. ZipCentralDirectory.read_central_directory_entries uses the << method to add entries, while dup calls the ZipFileEntrySet constructor which uses push for this. The former will trigger the monkey patched version of <<, the latter will trigger the unpatched version.
In the original version of << from rubyzip 0.9.9 an additional method 'to_key' is called which strips trailing slashes from the entry name. The monkey patched version of << does not do this. The end result is that @entrySet != @storedEntries in a ZipFile immediately after opening it. When the ZipFile is closed, ZipFile.commit_required? will always return true due to this and the zip file will be rewritten even though no changes were made.
The example code below demonstrates this behavior.
require 'buildr' artifact_file = "dojo-release-1.8.3.zip" artifact = "http://download.dojotoolkit.org/release-1.8.3/#{artifact_file}" FileUtils.rm artifact_file URI.download artifact, artifact_file puts `md5sum #{artifact_file}` Zip::ZipFile.open(artifact_file) do |zip| end puts `md5sum #{artifact_file}`