Integrated: 8361635: Missing List length validation in the Class-File API
Chen Liang
liach at openjdk.org
Wed Sep 3 19:24:52 UTC 2025
On Thu, 10 Jul 2025 21:01:18 GMT, Chen Liang <liach at openjdk.org> wrote:
> The `class` file format often only stores lists up to 65535 in size because size is encoded as a u2. Currently, we truncate the list size and write all contents, creating malformed `class` files. Almost all scenarios where such oversized lists are created can be considered an error; we should eagerly reject lists that would never be encodable in the `class` file format when users construct model objects.
This pull request has now been integrated.
Changeset: 431f4672
Author: Chen Liang <liach at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/431f46724658b703e995e518cb7a2149c50d6a9d
Stats: 886 lines in 48 files changed: 775 ins; 20 del; 91 mod
8361635: Missing List length validation in the Class-File API
Reviewed-by: asotona
-------------
PR: https://git.openjdk.org/jdk/pull/26252
More information about the core-libs-dev
mailing list