diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index 35df55ef9..e45c14031 100644
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -267,6 +267,7 @@ Takashi Okamoto
 Taoufik Romdhane
 Tariq Master
 Trejkaz Xaoza
+Thomas Aglassinger
 Thomas Butz
 Thomas Christen
 Thomas Christensen
diff --git a/WHATSNEW b/WHATSNEW
index 128e1d6aa..0821e41f7 100644
--- a/WHATSNEW
+++ b/WHATSNEW
@@ -58,6 +58,9 @@ Changes that could break older environments:
    passed in a null or empty InputStream to read from.
    Bugzilla Report 32200
 
+ * <unzip> will now fail on archives with an empty central directory.
+   Bugzilla report 35000.
+
 Fixed bugs:
 -----------
 
diff --git a/contributors.xml b/contributors.xml
index 5ae2e5ebc..3c98eca29 100644
--- a/contributors.xml
+++ b/contributors.xml
@@ -1074,6 +1074,10 @@
     <first>Tariq</first>
     <last>Master</last>
   </name>
+  <name>
+    <first>Thomas</first>
+    <last>Aglassinger</last>
+  </name>
   <name>
     <first>Thomas</first>
     <last>Butz</last>
diff --git a/src/main/org/apache/tools/zip/ZipFile.java b/src/main/org/apache/tools/zip/ZipFile.java
index 4e7edcff2..f15f4aa7d 100644
--- a/src/main/org/apache/tools/zip/ZipFile.java
+++ b/src/main/org/apache/tools/zip/ZipFile.java
@@ -276,6 +276,10 @@ public class ZipFile {
         archive.readFully(signatureBytes);
         long sig = ZipLong.getValue(signatureBytes);
         final long cfhSig = ZipLong.getValue(ZipOutputStream.CFH_SIG);
+        if (sig != cfhSig) {
+            throw new IOException("central directory is empty, can't expand"
+                                  + " archive.");
+        }
         while (sig == cfhSig) {
             archive.readFully(cfh);
             int off = 0;
diff --git a/src/tests/antunit/taskdefs/broken_cd.zip b/src/tests/antunit/taskdefs/broken_cd.zip
new file mode 100644
index 000000000..721fb4501
Binary files /dev/null and b/src/tests/antunit/taskdefs/broken_cd.zip differ
diff --git a/src/tests/antunit/taskdefs/unzip-test.xml b/src/tests/antunit/taskdefs/unzip-test.xml
new file mode 100644
index 000000000..80fcf3fdd
--- /dev/null
+++ b/src/tests/antunit/taskdefs/unzip-test.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+
+<project name="unzip-test" default="antunit"
+         xmlns:au="antlib:org.apache.ant.antunit">
+  <import file="../antunit-base.xml" />
+
+  <property name="dest.dir" location="unzip.dest"/>
+
+  <target name="setUp">
+    <mkdir dir="${dest.dir}" />
+  </target>
+
+  <target name="tearDown">
+    <delete dir="${dest.dir}"/>
+  </target>
+
+  <target name="testFailureOnBrokenCentralDirectoryStructure">
+    <au:expectfailure
+       expectedmessage="central directory is empty, can't expand archive.">
+      <unzip src="broken_cd.zip" dest="${dest.dir}"/>
+    </au:expectfailure>
+  </target>
+</project>