RFR 8223730 : URLClassLoader.findClass() can throw IndexOutOfBoundsException

Brent Christian brent.christian at oracle.com
Mon May 13 23:47:31 UTC 2019


I think the change looks OK.

I agree that this case is unlikely to come up in the real world, so no 
regtest seems acceptable; tag the bug with noreg-hard.

(Another option might be a test in a seldom-run Tier that @requires a 
large amount of heap.)

-Brent

On 5/11/19 3:07 PM, Ivan Gerasimov wrote:
> Hello!
> 
> An integer overflow during array size calculation can happen in a case 
> of loading extremely huge class file (which is unlikely in the real world).
> 
> It is possible to create a regression test (see the bug), though I doubt 
> it would carry much weight while requiring much memory.
> 
> I did check manually that the POC runs fine with the patched JDK.
> 
> Would you please help review the fix?
> 
> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8223730
> WEBREV: http://cr.openjdk.java.net/~igerasim/8223730/00/webrev/
> 


More information about the core-libs-dev mailing list