RFR 8223730 : URLClassLoader.findClass() can throw IndexOutOfBoundsException
Ivan Gerasimov
ivan.gerasimov at oracle.com
Tue May 14 01:23:40 UTC 2019
Thank you Pavel and Brent for reviewing!
With kind regards,
Ivan
On 5/13/19 4:47 PM, Brent Christian wrote:
> I think the change looks OK.
>
> I agree that this case is unlikely to come up in the real world, so no
> regtest seems acceptable; tag the bug with noreg-hard.
>
> (Another option might be a test in a seldom-run Tier that @requires a
> large amount of heap.)
>
> -Brent
>
> On 5/11/19 3:07 PM, Ivan Gerasimov wrote:
>> Hello!
>>
>> An integer overflow during array size calculation can happen in a
>> case of loading extremely huge class file (which is unlikely in the
>> real world).
>>
>> It is possible to create a regression test (see the bug), though I
>> doubt it would carry much weight while requiring much memory.
>>
>> I did check manually that the POC runs fine with the patched JDK.
>>
>> Would you please help review the fix?
>>
>> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8223730
>> WEBREV: http://cr.openjdk.java.net/~igerasim/8223730/00/webrev/
>>
>
--
With kind regards,
Ivan Gerasimov
More information about the core-libs-dev
mailing list