RFR: 8308549: Classfile API should fail to generate over-sized Code attribute [v2]
Adam Sotona
asotona at openjdk.org
Wed May 24 13:18:15 UTC 2023
> Classfile API allowed to generate Code attribute exceeding the 65k limit. No exception has been thrown during class generation and the class failed verification later during class loading.
> This patch adds Code size limit check throwing IllegalArgumentException.
> The patch also adds similar check for constant pool size limit to avoid generation class file with corrupted constant pool.
> Two new tests are added to check response on oversized Code attribute and constant pool.
> `VerifierImpl` is extended to check Code attribute size as a part of class verification process.
>
> Please review.
>
> Thanks,
> Adam
Adam Sotona has updated the pull request incrementally with one additional commit since the last revision:
added check for empty Code + test
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/14100/files
- new: https://git.openjdk.org/jdk/pull/14100/files/32c00386..d4b21a22
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=14100&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=14100&range=00-01
Stats: 12 lines in 4 files changed: 10 ins; 0 del; 2 mod
Patch: https://git.openjdk.org/jdk/pull/14100.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/14100/head:pull/14100
PR: https://git.openjdk.org/jdk/pull/14100
More information about the core-libs-dev
mailing list