On Fri, 29 Aug 2025 06:45:25 GMT, Guanqiang Han <g...@openjdk.org> wrote:
>> Validate class name length immediately after GetStringUTFLength() in >> Class.forName0. This prevents potential issues caused by overly long class >> names before they reach later code that would reject them, throwing >> ClassNotFoundException early. > > Guanqiang Han has updated the pull request incrementally with one additional > commit since the last revision: > > Update Class.java > > change overflow check I recommend putting this PR on hold - 65535 encoded size for modified utf8 is significant enough for a cross-JDK utility. As @rose00 suggested, I think I will explore adding a check in ClassFile API, and sharing the check with here. ------------- PR Comment: https://git.openjdk.org/jdk/pull/26802#issuecomment-3249851989
