Stricter number size checks in the Class-File API
Chen Liang
chen.l.liang at oracle.com
Thu Jul 10 22:54:06 UTC 2025
The Class-File API currently has a lot of places where it takes u2 or u1 arguments as int.
However, these arguments are never validated that they are actually read back to the same int value after truncation that happens when writing to class files. These usually represent user errors that should be corrected.
In particular, list structures in the class file format use u2 or u1 for their sizes. When list sizes are truncated, it directly leads to malformed class files, which is a more serious problem that is also harder to diagnose sometimes.
As a result, I am proposing to check these out-of-range values (except for accepting -1 as the class file minor version for 65535) eagerly whenever possible - that is, when passed to construct API models.
I expect relatively low compatibility impact, as these out-of-range values usually do not appear when judged case-by-case. Users can fall back to explicit argument truncation before passing the arguments as well.
See the CSRs for details:
https://bugs.openjdk.org/browse/JDK-8361637
https://bugs.openjdk.org/browse/JDK-8361906
Please do not hesitate to disagree with this assessment if you have any reason, for example, one of these "erroneous" usages is actually meaningful in your particular workload.
Regards,
Chen Liang
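
The truncation failure mode described in the message, as an added example that is not part of the original post and is not JDK code. It uses only `java.io`; the names `requireU2`, `writeU2List` and `readCount` are hypothetical, and the list layout (a u2 count followed by u2 entries) is an assumed stand-in for a class file table.

```java
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;

public class U2TruncationDemo {
    // Hypothetical helper: eager range check for an unsigned 16-bit value.
    static int requireU2(int value, String what) {
        if ((value & ~0xFFFF) != 0) {
            throw new IllegalArgumentException(what + " out of u2 range: " + value);
        }
        return value;
    }

    // Writes a list as: u2 count, then one u2 per entry.
    // With checked == false nothing validates the count, and writeShort
    // silently keeps only the low 16 bits of its int argument.
    static byte[] writeU2List(int[] entries, boolean checked) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(bytes);
        int count = checked ? requireU2(entries.length, "list size") : entries.length;
        out.writeShort(count);
        for (int e : entries) {
            out.writeShort(checked ? requireU2(e, "entry") : e);
        }
        out.flush();
        return bytes.toByteArray();
    }

    // The count a reader recovers from the first two bytes (big-endian u2).
    static int readCount(byte[] data) {
        return ((data[0] & 0xFF) << 8) | (data[1] & 0xFF);
    }

    public static void main(String[] args) throws IOException {
        int[] entries = new int[65536 + 3]; // constructed sample, one past the u2 range plus 3
        byte[] raw = writeU2List(entries, false);
        // The declared count no longer matches the number of entries that follow,
        // so a reader would misparse everything after the declared entries.
        System.out.println("declared=" + readCount(raw)
                + " actual=" + entries.length
                + " payloadBytes=" + (raw.length - 2));
        try {
            writeU2List(entries, true); // eager check fails at construction time
        } catch (IllegalArgumentException ex) {
            System.out.println("rejected eagerly: " + ex.getMessage());
        }
    }
}
```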