RFR: 8336833: Endless loop in Javap ClassWriter
Adam Sotona
asotona at openjdk.org
Fri Jul 19 15:53:34 UTC 2024
On Fri, 19 Jul 2024 15:41:07 GMT, Chen Liang <liach at openjdk.org> wrote:
>> An artificially corrupted class with overflowing max - min values of the `tableswitch` instruction causes an infinite loop in `jdk.internal.classfile.impl.CodeImpl::inflateJumpTargets`.
>>
>> This patch fixes the overflow and adds a relevant test.
>>
>> Please review.
>>
>> Thank you,
>> Adam
>
> src/java.base/share/classes/jdk/internal/classfile/impl/AbstractInstruction.java line 320:
>
>> 318: int low = code.classReader.readInt(ap + 4);
>> 319: int high = code.classReader.readInt(ap + 8);
>> 320: if (high < low || (long)high - low > code.codeLength >> 2) {
>
> Maybe `Integer.toUnsignedLong(high - low)` might be clearer?

I think it is safer to convert to long beforehand.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20258#discussion_r1684570869
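
The following is an added example, not part of the e-mail or of the JDK sources: it compares the range check quoted above, the `Integer.toUnsignedLong(high - low)` alternative from the review, and a hypothetical check that subtracts in 32-bit `int`, on constructed `low`/`high` pairs. The class name, method names and the `codeLength` value are assumptions made for illustration.

```java
public class TableSwitchRangeCheck {

    // Hypothetical check for contrast (not taken from the JDK):
    // the subtraction is done in 32-bit int and can wrap around.
    static boolean rejectIntArithmetic(int low, int high, int codeLength) {
        return high < low || high - low > codeLength >> 2;
    }

    // Check as quoted in the review: widen to long before subtracting,
    // so the difference is computed exactly.
    static boolean rejectWidenFirst(int low, int high, int codeLength) {
        return high < low || (long) high - low > codeLength >> 2;
    }

    // Alternative suggested in the review: subtract in int, then
    // reinterpret the 32-bit result as an unsigned value. This relies
    // on the preceding high < low test having already failed.
    static boolean rejectUnsigned(int low, int high, int codeLength) {
        return high < low || Integer.toUnsignedLong(high - low) > codeLength >> 2;
    }

    public static void main(String[] args) {
        int codeLength = 64; // constructed sample: at most 16 four-byte entries fit
        int[][] cases = {    // constructed {low, high} pairs
            {0, 3},                                   // plausible table
            {0, 17},                                  // too many entries for the code length
            {Integer.MIN_VALUE, Integer.MAX_VALUE},   // difference is 2^32 - 1
            {-2, Integer.MAX_VALUE},                  // difference is 2^31 + 1
            {5, 1},                                   // high below low
        };
        for (int[] c : cases) {
            int low = c[0], high = c[1];
            System.out.printf("low=%d high=%d  int=%b  widenFirst=%b  unsigned=%b%n",
                    low, high,
                    rejectIntArithmetic(low, high, codeLength),
                    rejectWidenFirst(low, high, codeLength),
                    rejectUnsigned(low, high, codeLength));
        }
    }
}
```

For the two extreme pairs the `int` subtraction wraps to a negative number and the hypothetical check accepts the table, while the widen-first and unsigned forms both reject it.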