[jira] [Created] (BCEL-359) ClassGenException in Pass3aVerifier

Fri, 03 Sep 2021 09:58:04 -0700 

James Kukucka created BCEL-359:
----------------------------------

             Summary: ClassGenException in Pass3aVerifier
                 Key: BCEL-359
                 URL: https://issues.apache.org/jira/browse/BCEL-359
             Project: Commons BCEL
          Issue Type: Bug
          Components: Verifier
    Affects Versions: 6.5.0
         Environment: 
{code:java}
public class ParserTest {


    public void testWithInputStream(InputStream inputStream) throws IOException 
{
        JavaClass clazz;
        try {
            clazz = new ClassParser(inputStream, "Hello.class").parse();
        } catch (ClassFormatException e) {
            // ClassFormatException thrown by the parser is just invalid input
            Assume.assumeNoException(e);
            return;
        }

        // Any non-IOException thrown here should be marked a failure
        // (including ClassFormatException)
        verifyJavaClass(clazz);
    }



    private void verifyJavaClass( JavaClass javaClass) throws IOException {
        try {
            Repository.addClass(javaClass);
            Verifier verifier = 
StatelessVerifierFactory.getVerifier(javaClass.getClassName());
            VerificationResult result;
            result = verifier.doPass1();
            assumeThat(result.getMessage(), result.getStatus(), 
is(VerificationResult.VERIFIED_OK));
            result = verifier.doPass2();
            assumeThat(result.getMessage(), result.getStatus(), 
is(VerificationResult.VERIFIED_OK));
            for (int i = 0; i < javaClass.getMethods().length; i++) {
                result = verifier.doPass3a(i);
                assumeThat(result.getMessage(), result.getStatus(), 
is(VerificationResult.VERIFIED_OK));
            }
        } finally {
            Repository.clearCache();
        }
    }

    public static void main(String[] args) throws IOException {
        ParserTest pt = new ParserTest();
        FileInputStream fis = new FileInputStream(new 
File("/home/jamesk/bcel_bugs/classgen.input"));
        pt.testWithInputStream(fis);
    }

}
{code}

            Reporter: James Kukucka
         Attachments: classgen.input

Found while conducting fuzzing research. ClassGenException within 
Pass3aVerifier. 

{code:java}
Exception in thread "main" org.apache.bcel.generic.ClassGenException: 
org.apache.bcel.generic.ArrayType [[Ljava/util/List; does not represent an 
ObjectType
        at 
org.apache.bcel.generic.FieldOrMethod.getLoadClassType(FieldOrMethod.java:138)
        at 
org.apache.bcel.verifier.statics.Pass3aVerifier$InstOperandConstraintVisitor.visitLoadClass(Pass3aVerifier.java:521)
        at org.apache.bcel.generic.INVOKESPECIAL.accept(INVOKESPECIAL.java:85)
        at 
org.apache.bcel.generic.InstructionHandle.accept(InstructionHandle.java:293)
        at 
org.apache.bcel.verifier.statics.Pass3aVerifier.pass3StaticInstructionOperandsChecks(Pass3aVerifier.java:443)
        at 
org.apache.bcel.verifier.statics.Pass3aVerifier.do_verify(Pass3aVerifier.java:208)
        at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:70)
        at org.apache.bcel.verifier.Verifier.doPass3a(Verifier.java:88)
{code}




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to