Warn about / reject local file headers which have a data descriptor but don't use deflate compression #21

@NeRdTheNed

Description

Parsing just a local file header which uses a data descriptor is technically not reliable when it uses stored (uncompressed) data. A malicious actor could theoretically insert a local file header or data descriptor header at an arbitrary point to confuse parsing. Deflate compressed streams are self-terminating, so they don't suffer from the same problem. If the size of an entry is only read from the central directory file header, this isn't a problem, but JVM zip parsing rejects such local file headers anyway.
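One way to implement the check this issue asks for, as an added example (not code from this project): locate each local file header through the central directory, then flag entries whose local header sets general purpose bit 3 (data descriptor) while using method 0 (stored). The function names and the sample archive are constructed for illustration; ZIP64 and multi-disk archives are assumed absent.

```python
import struct, zlib

LFH_SIG, CDH_SIG, EOCD_SIG = b"PK\x03\x04", b"PK\x01\x02", b"PK\x05\x06"
DD_SIG = b"PK\x07\x08"
FLAG_DATA_DESCRIPTOR, METHOD_STORED = 0x0008, 0  # general purpose bit 3; method 0

def stored_with_descriptor(zip_bytes):
    """Names of entries whose *local* header sets bit 3 with method 0 (stored)."""
    eocd = zip_bytes.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end of central directory record")
    count, _cd_size, pos = struct.unpack_from("<HII", zip_bytes, eocd + 10)
    flagged = []
    for _ in range(count):
        if zip_bytes[pos:pos + 4] != CDH_SIG:
            raise ValueError("bad central directory header")
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", zip_bytes, pos + 28)
        (lfh_off,) = struct.unpack_from("<I", zip_bytes, pos + 42)
        name = zip_bytes[pos + 46:pos + 46 + name_len].decode("utf-8", "replace")
        if zip_bytes[lfh_off:lfh_off + 4] != LFH_SIG:
            raise ValueError("bad local file header for " + name)
        flags, method = struct.unpack_from("<HH", zip_bytes, lfh_off + 6)
        if flags & FLAG_DATA_DESCRIPTOR and method == METHOD_STORED:
            flagged.append(name)
        pos += 46 + name_len + extra_len + comment_len
    return flagged

def build_sample(entries):
    """Constructed test archive; entries are (name, payload, method, flags)."""
    body = cd = b""
    for name, payload, method, flags in entries:
        n, crc, off = name.encode(), zlib.crc32(payload), len(body)
        data = payload if method == METHOD_STORED else zlib.compress(payload)[2:-4]
        dd = flags & FLAG_DATA_DESCRIPTOR
        sizes = (0, 0, 0) if dd else (crc, len(data), len(payload))
        body += struct.pack("<4sHHHHHIIIHH", LFH_SIG, 20, flags, method, 0, 0,
                            *sizes, len(n), 0) + n + data
        if dd:  # sizes follow the data instead of sitting in the header
            body += struct.pack("<4sIII", DD_SIG, crc, len(data), len(payload))
        cd += struct.pack("<4sHHHHHHIIIHHHHHII", CDH_SIG, 20, 20, flags, method, 0, 0,
                          crc, len(data), len(payload), len(n), 0, 0, 0, 0, 0, off) + n
    return body + cd + struct.pack("<4sHHHHIIH", EOCD_SIG, 0, 0, len(entries),
                                   len(entries), len(cd), len(body), 0)

SAMPLE = build_sample([
    ("ok-stored.txt", b"plain", 0, 0),
    ("ok-deflate.txt", b"a" * 64, 8, FLAG_DATA_DESCRIPTOR),
    ("ambiguous.bin", b"x" + DD_SIG + b"\0" * 12 + b"y", 0, FLAG_DATA_DESCRIPTOR),
])
```

The third sample entry carries descriptor-signature bytes inside its stored payload, which is the case where a reader that trusts only the local header cannot tell where the data ends.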
