This is an automated email from the ASF dual-hosted git repository. ggregory pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/commons-bcel.git
commit e8c4bfbe0a00dc2c6b7d639c3880ca0d7faafbe4 Merge: f9e50479 7b5ac741 Author: Gary David Gregory (Code signing key) <[email protected]> AuthorDate: Tue Nov 22 07:52:29 2022 -0500 Merge branch 'master' of https://gitbox.apache.org/repos/asf/commons-bcel.git src/changes/changes.xml | 2 ++ .../java/org/apache/bcel/classfile/ElementValue.java | 12 +++++++++++- src/test/java/org/apache/bcel/OssFuzzTestCase.java | 5 +++++ src/test/resources/ossfuzz/issue53620/Test.class | Bin 0 -> 227530 bytes 4 files changed, 18 insertions(+), 1 deletion(-) diff --cc src/changes/changes.xml index 6825dc62,ecd81f27..8bed5637 --- a/src/changes/changes.xml +++ b/src/changes/changes.xml @@@ -75,42 -75,37 +75,44 @@@ The <action> type attribute can be add, <action type="add" dev="ggregory" due-to="nbauma109, Gary Gregory">Add org.apache.bcel.classfile.JavaClass.getSourceFilePath().</action> <action type="add" dev="ggregory" due-to="nbauma109, Gary Gregory">Add org.apache.bcel.generic.PUSH.PUSH(ConstantPoolGen, ArrayType).</action> <!-- FIX --> - <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Typo in SimpleElementValue error message #161.</action> - <action type="fix" dev="ggregory" due-to="Mark Roberts, Gary Gregory">Fix code duplication in org.apache.bcel.verifier.structurals.ExceptionHandlers.ExceptionHandlers(MethodGen).</action> - <action type="fix" dev="ggregory" due-to="Sam Ng, Gary Gregory">Improve test coverage to bcel/generic and UtilityTest #162.</action> - <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Code coverage and unit tests on the verifier #166.</action> - <action type="fix" dev="markt" due-to="OSS-Fuzz">References to constant pool entries that are not of the expected type should throw ClassFormatException, not ClassCastException.</action> - <action type="fix" dev="markt" due-to="OSS-Fuzz">When parsing an invalid class, ensure ClassParser.parse() throws ClassFormatException, not IllegalArgumentException.</action> - <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.Code constructors now throw ClassFormatException on invalid input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Deprecated constructors now throw ClassFormatException on invalid length input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">Avoid internal NPE in org.apache.bcel.util.ClassPath.getInputStream(String, String).</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.ALOAD_0 value is wrong (regression from 6.6.0).</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.DCONST_0 value is wrong (regression from 6.6.0).</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Attribute constructors now throw ClassFormatException on invalid name index input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.CodeException constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ConstantInvokeDynamic.ConstantInvokeDynamic(DataInput).</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ConstantValue constructors now throw ClassFormatException on invalid length input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Deprecated constructors now throw ClassFormatException on invalid length input.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.EnclosingMethod constructors now throw ClassFormatException on invalid length, class index, or method index input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Synthetic constructors now throw ClassFormatException on invalid length input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Signature constructors now throw ClassFormatException on invalid length input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ExceptionTable constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.InnerClasses constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LineNumber constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariable constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariableTable constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariableTypeTable constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ModuleMainClass constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ModulePackages constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.NestHost constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.NestMembers constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Signature constructors now throw ClassFormatException on invalid input.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.SourceFile constructors now throw ClassFormatException on invalid input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.ALOAD_0 value is wrong (regression from 6.6.0).</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.DCONST_0 value is wrong (regression from 6.6.0).</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">Avoid internal NPE in org.apache.bcel.util.ClassPath.getInputStream(String, String).</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.StackMap constructors now throw ClassFormatException on invalid input.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.StackMapEntry.StackMapEntry(DataInput, ConstantPool) reads signed instead of unsigned shorts from its DataInput.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.StackMapType.StackMapType(DataInput, ConstantPool) reads signed instead of unsigned shorts from its DataInput.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ConstantInvokeDynamic.ConstantInvokeDynamic(DataInput).</action> + <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Synthetic constructors now throw ClassFormatException on invalid length input.</action> <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.util.ClassPath hashCode() and equals() don't match.</action> - <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.StackMapType constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="ggregory" due-to="Mark Roberts, Gary Gregory">Fix code duplication in org.apache.bcel.verifier.structurals.ExceptionHandlers.ExceptionHandlers(MethodGen).</action> + <action type="fix" dev="ggregory" due-to="Sam Ng, Gary Gregory">Improve test coverage to bcel/generic and UtilityTest #162.</action> <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Code coverage and bug fixes for bcelifier #171.</action> + <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Code coverage and unit tests on the verifier #166.</action> + <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Typo in SimpleElementValue error message #161.</action> <action type="fix" dev="markt" due-to="Mark Thomas, Gary Gregory">org.apache.bcel.classfile.Attribute constructors now throw ClassFormatException on invalid length input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.CodeException constructors now throw ClassFormatException on invalid input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ExceptionTable constructors now throw ClassFormatException on invalid input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.InnerClasses constructors now throw ClassFormatException on invalid input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LineNumber constructors now throw ClassFormatException on invalid input.</action> - <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariable constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="markt" due-to="OSS-Fuzz">References to constant pool entries that are not of the expected type should throw ClassFormatException, not ClassCastException.</action> + <action type="fix" dev="markt" due-to="OSS-Fuzz">When parsing an invalid class, ensure ClassParser.parse() throws ClassFormatException, not IllegalArgumentException.</action> + <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.Code constructors now throw ClassFormatException on invalid input.</action> + <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.StackMapType constructors now throw ClassFormatException on invalid input.</action> <!-- UPDATE --> + <action type="fix" dev="markt" due-to="OSS-Fuzz">When parsing class files, limit arrays to no more than 255 dimensions as per section 4.4.1 of the JVM specification</action> + <!-- UPDATE --> <action type="update" dev="ggregory" due-to="Gary Gregory">Bump spotbugs-maven-plugin from 4.7.2.2 to 4.7.3.0 #167.</action> <action type="update" dev="ggregory" due-to="Dependabot">Bump jmh.version from 1.35 to 1.36 #170.</action> </release>
