RFR: 8308549: Classfile API should fail to generate over-sized Code attribute
Chen Liang
liach at openjdk.org
Tue May 23 15:29:29 UTC 2023
On Tue, 23 May 2023 12:54:20 GMT, Adam Sotona <asotona at openjdk.org> wrote:
> Classfile API allowed to generate Code attribute exceeding the 65k limit. No exception has been thrown during class generation and the class failed verification later during class loading.
> This patch adds Code size limit check throwing IllegalArgumentException.
> The patch also adds similar check for constant pool size limit to avoid generation class file with corrupted constant pool.
> Two new tests are added to check response on oversized Code attribute and constant pool.
> `VerifierImpl` is extended to check Code attribute size as a part of class verification process.
>
> Please review.
>
> Thanks,
> Adam
On a side note, does Classfile API reject methods with too many slots (locals) (MethodTypeDesc can represent parameter lists with over 255 slots) or stack (operand)?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/14100#issuecomment-1559642335
More information about the core-libs-dev
mailing list