RFR: 8330684: ClassFile API runs into StackOverflowError while parsing certain class' bytes
Adam Sotona
asotona at openjdk.org
Tue Apr 23 07:48:54 UTC 2024
ClassFile API dives into the nested constant pool entries without type restrictions, while parsing a class file. Validation of the entry is performed post-parsing. Specifically corrupted constant pool entry may cause infinite loop during parsing and throws SOE.
This patch resolves the issue by providing specific implementations for the nested CP entries parsing, instead of sharing the common (post-checking) code.
Added test simulates the situation on inner-looped method reference entry.
Please review.
Thank you,
Adam
-------------
Commit messages:
- added bug#
- 8330684: ClassFile API runs into StackOverflowError while parsing certain class' bytesactory.java
Changes: https://git.openjdk.org/jdk/pull/18907/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=18907&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8330684
Stats: 84 lines in 2 files changed: 60 ins; 5 del; 19 mod
Patch: https://git.openjdk.org/jdk/pull/18907.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/18907/head:pull/18907
PR: https://git.openjdk.org/jdk/pull/18907
More information about the core-libs-dev
mailing list