RFR: 8148854: Class names "SomeClass" and "LSomeClass;" treated by JVM as an equivalent
Dmitry Dmitriev
dmitry.dmitriev at oracle.com
Wed Aug 17 16:35:48 UTC 2016
Rachel, thank you! Test looks good.
Dmitry
On 17.08.2016 19:24, Rachel Protacio wrote:
> Thanks for the comments - I've fixed as requested:
> http://cr.openjdk.java.net/~rprotacio/8148854.01/
> Rachel
>
>
> On 8/17/2016 10:19 AM, Dmitry Dmitriev wrote:
>> Hi Rachel,
>>
>> Can comment only test.
>> FormatCheckingTest.java file:
>> 1) I think that @build instructions are not needed for this test as
>> Christian wrote in review request for JDK-8157957
>> "ClassNotFoundException: jdk.test.lib.JDKToolFinder"(i.e. "If you run
>> only that test in a clean jtwork folder and it passes, then
>> there's no need for @build.")
>> 2) Test can be run in the same vm, i.e. you can remove "othervm" from
>> run action. Or test should be run in othervm?
>>
>> Thank you,
>> Dmitry
>>
>> On 16.08.2016 23:21, Rachel Protacio wrote:
>>> Hi,
>>>
>>> Bug summary: fuzzing a class file so that the class name "SomeClass"
>>> is instead "LSomeClass;" passed unnoticed through the VM because it
>>> was not format checked by default and the L; were stripped off
>>> before lookup.
>>>
>>> This fix makes sure that all class names loaded by the app class
>>> loader are format checked by default. The
>>> Verifier::relax_verify_for() function that was previously used for
>>> both format checking (setting _relax_verify) and reflection (as an
>>> access check) has been renamed to relax_access_for() specifically
>>> for its use in reflection.cpp. A relax_format_check_for() function
>>> has been added to classFileParser.cpp to address the format
>>> checking, only "relaxing" the check if loaded by the boot loader or
>>> platform class loader.
>>>
>>> This fix adds a jtreg test, and the change passes JCK vm tests and
>>> WLS tests, in addition to JPRT and RBT hotspot_all and non-colo
>>> tests. A compatibility request has been approved for this change.
>>>
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8148854
>>> Open webrev: http://cr.openjdk.java.net/~rprotacio/8148854.00/
>>>
>>> Thanks!
>>> Rachel
>>
>
More information about the hotspot-runtime-dev
mailing list