RFR: 8330684: ClassFile API runs into StackOverflowError while parsing certain class' bytes

Adam Sotona asotona at openjdk.org
Tue Apr 23 07:48:54 UTC 2024


ClassFile API dives into the nested constant pool entries without type restrictions, while parsing a class file. Validation of the entry is performed post-parsing. Specifically corrupted constant pool entry may cause infinite loop during parsing and throws SOE.
This patch resolves the issue by providing specific implementations for the nested CP entries parsing, instead of sharing the common (post-checking) code.
Added test simulates the situation on inner-looped method reference entry.

Please review.

Thank you,
Adam

-------------

Commit messages:
 - added bug#
 - 8330684: ClassFile API runs into StackOverflowError while parsing certain class' bytesactory.java

Changes: https://git.openjdk.org/jdk/pull/18907/files
  Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=18907&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8330684
  Stats: 84 lines in 2 files changed: 60 ins; 5 del; 19 mod
  Patch: https://git.openjdk.org/jdk/pull/18907.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/18907/head:pull/18907

PR: https://git.openjdk.org/jdk/pull/18907


More information about the core-libs-dev mailing list