RFR (M): 8161224: CONSTANT_NameAndType_info permits references to illegal names and descriptors
dmitry.dmitriev at oracle.com
Tue Sep 6 20:14:25 UTC 2016
Small question about resource mark: on line 4850 you allocate new resource array which is used only in verify_unqualified_name() call. Do we need resource mark in this block?
----- Original Message -----
From: rachel.protacio at oracle.com
To: hotspot-runtime-dev at openjdk.java.net
Sent: Tuesday, September 6, 2016 11:01:45 PM GMT +03:00 Iraq
Subject: Re: RFR (M): 8161224: CONSTANT_NameAndType_info permits references to illegal names and descriptors
Thanks for the review! I've removed the resource mark. If no further
comments in the next hour, will commit.
On 9/6/2016 3:29 PM, harold seigel wrote:
> Hi Rachel,
> The change looks good. Just one nit:
> No resource mark is needed before calling classfile_parse_error() at
> line 4857.
> (No new RFR needed.)
> Thanks, Harold
> On 9/1/2016 5:30 PM, Rachel Protacio wrote:
>> Please review this fix, which addresses a few issues related to
>> incomplete format checking with NameAndType names and signatures.
>> First, the code that should have been format checking the strings in
>> later classfile versions was in fact just checking for periods, so
>> I've rewritten it to call verify_unqualified_name(). Second, the
>> checks were (depending on the version) only performed when referenced
>> through Methodref/Fieldref/InterfaceMethodref/InvokeDynamic, meaning
>> that non-referenced NameAndType bytecodes did not get checked like
>> they were supposed to. My change enforces the spec in both aspects.
>> To summarize:
>> The existing code had:
>> - strict checks for pre-5.0
>> - incomplete/non-spec-compliant checks for 5.0-and-later
>> - no checks for un-referenced NameAndType (A) names and (B)
>> 6.0-and-earlier signatures.
>> My change has:
>> - the same strict checks for pre-5.0
>> - complete/spec-compliant checks for 5.0-and-later
>> - all checks moved to the NameAndType section so all names and
>> signatures will be checked regardless of whether NameAndType is
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8161224
>> Open webrev: http://cr.openjdk.java.net/~rprotacio/8161224.00/
>> Testing: The jck tests which had been failing for this bug now pass,
>> along with all other jck vm tests. Also tested with JPRT and RBT
>> hotspot_all and noncolo tests.
>> A compatibility request has been approved for this change.
>> Thank you,
More information about the hotspot-runtime-dev