RFR: 8328874: Class::forName0 should validate the class name length early [v14]
Guanqiang Han
ghan at openjdk.org
Sun Sep 7 09:03:56 UTC 2025
> Validate class name length immediately after GetStringUTFLength() in Class.forName0. This prevents potential issues caused by overly long class names before they reach later code that would reject them, throwing ClassNotFoundException early.
Guanqiang Han has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains 18 additional commits since the last revision:
- Optimize implementation
- Merge remote-tracking branch 'upstream/master' into 8328874
- move common method into a common file.
- Merge remote-tracking branch 'upstream/master' into 8328874
- Update Class.java
change overflow check
- Update Class.java
Simplify length check
- Update Class.java
avoid the case of int overflow
- Update Class.java
Use ModifiedUtf.utfLen instead of static import for readability
- change copyright year
- a small fix
- ... and 8 more: https://git.openjdk.org/jdk/compare/0c155b4f...c01a6d58
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/26802/files
- new: https://git.openjdk.org/jdk/pull/26802/files/edc1694d..c01a6d58
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=26802&range=13
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=26802&range=12-13
Stats: 7116 lines in 177 files changed: 3643 ins; 2526 del; 947 mod
Patch: https://git.openjdk.org/jdk/pull/26802.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/26802/head:pull/26802
PR: https://git.openjdk.org/jdk/pull/26802
More information about the core-libs-dev
mailing list