> In the `class` file format, a lot of the values are `u1` or `u2`; the > Class-File API consistently model them with `int`. However, the API does not, > in general, validate that int values passed to the factory methods are not > out of the bounds as defined in the class file format. This patch proposes to > add such validation for factory methods accepting such more narrow data, > prepared by examining all `int`-accepting methods in the Class-File API. > > I expect this to have a small compatibility impact - besides the -1 for the > minor version, there is no other places where most significant bits are ever > meaningful, and I special cased it and consistently fail fast for all other > OOB values, which always mean programmer errors. > > A CSR will be created soon as well.
Chen Liang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits: - Merge branch 'master' of https://github.com/openjdk/jdk into fix/cf-u2-validation - Fix style - 8361614: Missing sub-int value validation in the Class-File API ------------- Changes: https://git.openjdk.org/jdk/pull/26201/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=26201&range=02 Stats: 541 lines in 33 files changed: 437 ins; 57 del; 47 mod Patch: https://git.openjdk.org/jdk/pull/26201.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/26201/head:pull/26201 PR: https://git.openjdk.org/jdk/pull/26201
