[jira] [Commented] (BCEL-313) ClassFormatException: Invalid signature: Ljava/lang/String)V in Verifier Pass 3A

Wed, 16 Mar 2022 09:25:09 -0700 


    [ 
https://issues.apache.org/jira/browse/BCEL-313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17507710#comment-17507710
 ] 

Mark Roberts commented on BCEL-313:
-----------------------------------

Fixed with https://github.com/apache/commons-bcel/pull/117

> ClassFormatException: Invalid signature: Ljava/lang/String)V in Verifier Pass 
> 3A
> --------------------------------------------------------------------------------
>
>                 Key: BCEL-313
>                 URL: https://issues.apache.org/jira/browse/BCEL-313
>             Project: Commons BCEL
>          Issue Type: Bug
>          Components: Verifier
>    Affects Versions: 6.2
>            Reporter: Rohan Padhye
>            Priority: Major
>         Attachments: Hello.class
>
>
> h1.  
> Verifier pass 3A throws an unchecked ClassFormatException when presented with 
> malformed input instead of returning a VERIFIER_REJECTED.
> h1. Steps to reproduce:
>  
> Save the attached file as "Hello.class" and run:
> java -cp <classpath> org.apache.bcel.verifier.Verifier Hello
>  
> The file Hello.class was generated automatically by the fuzzer JQF 
> ([https://github.com/rohanpadhye/jqf]).
> h2. Expected output:
> VERIFIED_REJECTED
> h2. Observed output:
> JustIce by Enver Haase, (C) 2001-2002.
> <http://bcel.sourceforge.net>
> <http://commons.apache.org/bcel>
> Now verifying: Hello
>  
> Pass 1:
> VERIFIED_OK
> Passed verification.
>  
> Pass 2:
> VERIFIED_OK
> Passed verification.
>  
> Pass 3a, method number 0 ['public void <init>()']:
> VERIFIED_OK
> Passed verification.
>  
> Pass 3b, method number 0 ['public void <init>()']:
> VERIFIED_OK
> Passed verification.
>  
> Exception in thread "main" org.apache.bcel.classfile.ClassFormatException: 
> Invalid signature: Ljava/lang/String)V
>  at org.apache.bcel.classfile.Utility.signatureToString(Utility.java:850)
>  at org.apache.bcel.generic.Type.getType(Type.java:217)
>  at org.apache.bcel.generic.Type.getArgumentTypes(Type.java:256)
>  at 
> org.apache.bcel.generic.InvokeInstruction.getArgumentTypes(InvokeInstruction.java:134)
>  at 
> org.apache.bcel.verifier.statics.Pass3aVerifier$InstOperandConstraintVisitor.visitInvokeInstruction(Pass3aVerifier.java:721)
>  at org.apache.bcel.generic.INVOKEVIRTUAL.accept(INVOKEVIRTUAL.java:88)
>  at 
> org.apache.bcel.generic.InstructionHandle.accept(InstructionHandle.java:302)
>  at 
> org.apache.bcel.verifier.statics.Pass3aVerifier.pass3StaticInstructionOperandsChecks(Pass3aVerifier.java:443)
>  at 
> org.apache.bcel.verifier.statics.Pass3aVerifier.do_verify(Pass3aVerifier.java:208)
>  at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:71)
>  at org.apache.bcel.verifier.Verifier.doPass3a(Verifier.java:89)
>  at org.apache.bcel.verifier.Verifier.main(Verifier.java:216)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to