RFR: 8330684: ClassFile API runs into StackOverflowError while parsing certain class' bytes [v3]
Adam Sotona
asotona at openjdk.org
Fri Apr 26 13:34:08 UTC 2024
> ClassFile API dives into the nested constant pool entries without type restrictions, while parsing a class file. Validation of the entry is performed post-parsing. Specifically corrupted constant pool entry may cause infinite loop during parsing and throws SOE.
> This patch resolves the issue by providing specific implementations for the nested CP entries parsing, instead of sharing the common (post-checking) code.
> Added test simulates the situation on inner-looped method reference entry.
>
> Please review.
>
> Thank you,
> Adam
Adam Sotona has updated the pull request incrementally with one additional commit since the last revision:
Apply suggestions from code review
Co-authored-by: ExE Boss <3889017+ExE-Boss at users.noreply.github.com>
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/18907/files
- new: https://git.openjdk.org/jdk/pull/18907/files/e706346b..4a28694f
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=18907&range=02
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=18907&range=01-02
Stats: 9 lines in 1 file changed: 4 ins; 0 del; 5 mod
Patch: https://git.openjdk.org/jdk/pull/18907.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/18907/head:pull/18907
PR: https://git.openjdk.org/jdk/pull/18907
More information about the core-libs-dev
mailing list