[jira] [Created] (BCEL-307) ClassFormatException thrown in Pass 3A verification

Tue, 21 Aug 2018 21:06:15 -0700 

Rohan Padhye created BCEL-307:
---------------------------------

             Summary: ClassFormatException thrown in Pass 3A verification
                 Key: BCEL-307
                 URL: https://issues.apache.org/jira/browse/BCEL-307
             Project: Commons BCEL
          Issue Type: Bug
          Components: Verifier
    Affects Versions: 6.2
            Reporter: Rohan Padhye
         Attachments: A.class

The verifier throws a ClassFormatException during Pass 3A verification of a 
malformed class file even though Pass 1 and Pass 2 have completed successfully.

Note that the input class file is indeed malformed, however the verifier should 
ideally just return a verification result of REJECTED instead of throwing an 
unchecked run-time exception.
h1. Steps to reproduce:

 

Save the attached file as "example/A.class" and run:

java -cp <classpath> org.apache.bcel.verifier.Verifier example.A

 

The file A.class was generated automatically by the fuzzer JQF 
([https://github.com/rohanpadhye/jqf]).
h2. Expected output:

VERIFIED_REJECTED
h2. Observed output:

JustIce by Enver Haase, (C) 2001-2002.

<http://bcel.sourceforge.net>

<http://commons.apache.org/bcel>

 

Now verifying: example.A

 

Pass 1:

VERIFIED_OK

Passed verification.

 

Pass 2:

VERIFIED_OK

Passed verification.

 

Exception in thread "main" org.apache.bcel.classfile.ClassFormatException: 
Expected class `CONSTANT_InvokeDynamic' at index 14 and got 
CONSTANT_Methodref[10](class_index = 13, name_and_type_index = 11)

 at org.apache.bcel.classfile.ConstantPool.getConstant(ConstantPool.java:261)

 at 
org.apache.bcel.classfile.ConstantPool.constantToString(ConstantPool.java:207)

 at org.apache.bcel.classfile.Utility.codeToString(Utility.java:373)

 at org.apache.bcel.classfile.Utility.codeToString(Utility.java:157)

 at org.apache.bcel.classfile.Code.toString(Code.java:306)

 at org.apache.bcel.classfile.Code.toString(Code.java:328)

 at java.lang.String.valueOf(String.java:2994)

 at java.lang.StringBuilder.append(StringBuilder.java:131)

 at 
org.apache.bcel.verifier.statics.Pass3aVerifier.delayedPass2Checks(Pass3aVerifier.java:289)

 at 
org.apache.bcel.verifier.statics.Pass3aVerifier.do_verify(Pass3aVerifier.java:200)

 at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:71)

 at org.apache.bcel.verifier.Verifier.doPass3a(Verifier.java:89)

 at org.apache.bcel.verifier.Verifier.main(Verifier.java:216)

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to