Integrated: 8328874: Class::forName0 should validate the class name length early
Guanqiang Han
ghan at openjdk.org
Fri Sep 12 14:49:17 UTC 2025
On Fri, 15 Aug 2025 15:19:35 GMT, Guanqiang Han <ghan at openjdk.org> wrote:
> Validate class name length immediately after GetStringUTFLength() in Class.forName0. This prevents potential issues caused by overly long class names before they reach later code that would reject them, throwing ClassNotFoundException early.
This pull request has now been integrated.
Changeset: 44aad078
Author: Guanqiang Han <ghan at openjdk.org>
Committer: Roger Riggs <rriggs at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/44aad0786bc85e11eded1da4cf4eb96698424c8b
Stats: 131 lines in 4 files changed: 127 ins; 0 del; 4 mod
8328874: Class::forName0 should validate the class name length early
Reviewed-by: rriggs, liach, ayang
-------------
PR: https://git.openjdk.org/jdk/pull/26802
More information about the core-libs-dev
mailing list