Bug Description

While tracing the intermittent server lockups, I identified a file descriptor leak in the app submission pipeline, specifically within the process_jar function (submit_app/processjar.py).

When a .jar file is uploaded, the zip archive is opened to read the manifest. However, if an exception (such as InvalidJarError or ValueError) is raised during the manifest parsing process, the execution halts before the explicit archive.close() call is reached.

Because these unclosed file descriptors remain tied to the WSGI worker process, a burst of malformed uploads will cause the server to hit the OS ulimit ("Too many open files"), leading to worker exhaustion.

Steps to Reproduce

1. Simulate the upload of malformed .jar files (e.g., archives with invalid MANIFEST.MF syntax).
2. Monitor the open file count for the Python process using lsof.
3. Observe that the file descriptor count increases with every failed upload and does not return to baseline.

Proof of Leak:

Expected Behavior

The zip archive should be safely closed immediately after reading, ensuring the OS releases the handler regardless of whether the parsing logic succeeds or throws an exception.

Environment

• Python Version: Tested locally on 3.14.2
• Django Version: 4.2.15
• OS: macOS / Linux