RFR: 8148854: Class names "SomeClass" and "LSomeClass;" treated by JVM as an equivalent
Dmitry Dmitriev
dmitry.dmitriev at oracle.com
Wed Aug 17 14:19:50 UTC 2016
Hi Rachel,
Can comment only test.
FormatCheckingTest.java file:
1) I think that @build instructions are not needed for this test as
Christian wrote in review request for JDK-8157957
"ClassNotFoundException: jdk.test.lib.JDKToolFinder"(i.e. "If you run
only that test in a clean jtwork folder and it passes, then
there's no need for @build.")
2) Test can be run in the same vm, i.e. you can remove "othervm" from
run action. Or test should be run in othervm?
Thank you,
Dmitry
On 16.08.2016 23:21, Rachel Protacio wrote:
> Hi,
>
> Bug summary: fuzzing a class file so that the class name "SomeClass"
> is instead "LSomeClass;" passed unnoticed through the VM because it
> was not format checked by default and the L; were stripped off before
> lookup.
>
> This fix makes sure that all class names loaded by the app class
> loader are format checked by default. The Verifier::relax_verify_for()
> function that was previously used for both format checking (setting
> _relax_verify) and reflection (as an access check) has been renamed to
> relax_access_for() specifically for its use in reflection.cpp. A
> relax_format_check_for() function has been added to
> classFileParser.cpp to address the format checking, only "relaxing"
> the check if loaded by the boot loader or platform class loader.
>
> This fix adds a jtreg test, and the change passes JCK vm tests and WLS
> tests, in addition to JPRT and RBT hotspot_all and non-colo tests. A
> compatibility request has been approved for this change.
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8148854
> Open webrev: http://cr.openjdk.java.net/~rprotacio/8148854.00/
>
> Thanks!
> Rachel
More information about the hotspot-runtime-dev
mailing list