James Kukucka created BCEL-357:
----------------------------------
Summary: StringIndexOutOfBoundsException when Verifying Java
Method Name in Pass2Verifier
Key: BCEL-357
URL: https://issues.apache.org/jira/browse/BCEL-357
Project: Commons BCEL
Issue Type: Bug
Components: Verifier
Affects Versions: 6.5.0
Environment: {code:java}
public class ParserTest {
public void testWithInputStream(InputStream inputStream) throws IOException
{
JavaClass clazz;
try {
clazz = new ClassParser(inputStream, "Hello.class").parse();
} catch (ClassFormatException e) {
// ClassFormatException thrown by the parser is just invalid input
Assume.assumeNoException(e);
return;
}
// Any non-IOException thrown here should be marked a failure
// (including ClassFormatException)
verifyJavaClass(clazz);
}
private void verifyJavaClass( JavaClass javaClass) throws IOException {
try {
Repository.addClass(javaClass);
Verifier verifier =
StatelessVerifierFactory.getVerifier(javaClass.getClassName());
VerificationResult result;
result = verifier.doPass1();
assumeThat(result.getMessage(), result.getStatus(),
is(VerificationResult.VERIFIED_OK));
result = verifier.doPass2();
assumeThat(result.getMessage(), result.getStatus(),
is(VerificationResult.VERIFIED_OK));
for (int i = 0; i < javaClass.getMethods().length; i++) {
result = verifier.doPass3a(i);
assumeThat(result.getMessage(), result.getStatus(),
is(VerificationResult.VERIFIED_OK));
}
} finally {
Repository.clearCache();
}
}
public static void main(String[] args) throws IOException {
ParserTest pt = new ParserTest();
FileInputStream fis = new FileInputStream(new
File("/home/jamesk/bcel_bugs/str_index.input"));
pt.testWithInputStream(fis);
}
}
{code}
Reporter: James Kukucka
Attachments: str_index.input
StringIndexOutOfBoundsException found during fuzzing research. Attaching file
that triggred the Exception.
Stack trace:
{code:java}
Exception in thread "main" java.lang.StringIndexOutOfBoundsException: String
index out of range: 0
at java.lang.String.charAt(String.java:658)
at
org.apache.bcel.verifier.statics.Pass2Verifier.validJavaLangMethodName(Pass2Verifier.java:1458)
at
org.apache.bcel.verifier.statics.Pass2Verifier.validMethodName(Pass2Verifier.java:1432)
at
org.apache.bcel.verifier.statics.Pass2Verifier.validClassMethodName(Pass2Verifier.java:1448)
at
org.apache.bcel.verifier.statics.Pass2Verifier.access$900(Pass2Verifier.java:85)
at
org.apache.bcel.verifier.statics.Pass2Verifier$FAMRAV_Visitor.visitConstantMethodref(Pass2Verifier.java:1350)
at
org.apache.bcel.classfile.ConstantMethodref.accept(ConstantMethodref.java:68)
at
org.apache.bcel.classfile.DescendingVisitor.visitConstantMethodref(DescendingVisitor.java:347)
at
org.apache.bcel.classfile.ConstantMethodref.accept(ConstantMethodref.java:68)
at
org.apache.bcel.classfile.DescendingVisitor.visitConstantPool(DescendingVisitor.java:268)
at org.apache.bcel.classfile.ConstantPool.accept(ConstantPool.java:87)
at
org.apache.bcel.classfile.DescendingVisitor.visitJavaClass(DescendingVisitor.java:104)
at org.apache.bcel.classfile.JavaClass.accept(JavaClass.java:213)
at
org.apache.bcel.classfile.DescendingVisitor.visit(DescendingVisitor.java:84)
at
org.apache.bcel.verifier.statics.Pass2Verifier.field_and_method_refs_are_valid(Pass2Verifier.java:1290)
at
org.apache.bcel.verifier.statics.Pass2Verifier.do_verify(Pass2Verifier.java:161)
at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:70)
at org.apache.bcel.verifier.Verifier.doPass2(Verifier.java:75)
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
