[
https://issues.apache.org/jira/browse/BCEL-307?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16588361#comment-16588361
]
Rohan Padhye commented on BCEL-307:
-----------------------------------
The bug occurs when Pass 3A is attempting to internally throw a
ClassConstraintException (which if thrown properly would indeed result in the
expected VERIFICATION_REJECTED); however, the generation of the error message
for this exception itself fails when attempting to call the toString() method
on the Code attribute, leading to the uncaught ClassFormatException leaking out
of the API.
> ClassFormatException thrown in Pass 3A verification
> ---------------------------------------------------
>
> Key: BCEL-307
> URL: https://issues.apache.org/jira/browse/BCEL-307
> Project: Commons BCEL
> Issue Type: Bug
> Components: Verifier
> Affects Versions: 6.2
> Reporter: Rohan Padhye
> Priority: Major
> Attachments: A.class
>
>
> The verifier throws a ClassFormatException during Pass 3A verification of a
> malformed class file even though Pass 1 and Pass 2 have completed
> successfully.
> Note that the input class file is indeed malformed, however the verifier
> should ideally just return a verification result of REJECTED instead of
> throwing an unchecked run-time exception.
> h1. Steps to reproduce:
>
> Save the attached file as "example/A.class" and run:
> java -cp <classpath> org.apache.bcel.verifier.Verifier example.A
>
> The file A.class was generated automatically by the fuzzer JQF
> ([https://github.com/rohanpadhye/jqf]).
> h2. Expected output:
> VERIFIED_REJECTED
> h2. Observed output:
> JustIce by Enver Haase, (C) 2001-2002.
> <http://bcel.sourceforge.net>
> <http://commons.apache.org/bcel>
>
> Now verifying: example.A
>
> Pass 1:
> VERIFIED_OK
> Passed verification.
>
> Pass 2:
> VERIFIED_OK
> Passed verification.
>
> Exception in thread "main" org.apache.bcel.classfile.ClassFormatException:
> Expected class `CONSTANT_InvokeDynamic' at index 14 and got
> CONSTANT_Methodref[10](class_index = 13, name_and_type_index = 11)
> at org.apache.bcel.classfile.ConstantPool.getConstant(ConstantPool.java:261)
> at
> org.apache.bcel.classfile.ConstantPool.constantToString(ConstantPool.java:207)
> at org.apache.bcel.classfile.Utility.codeToString(Utility.java:373)
> at org.apache.bcel.classfile.Utility.codeToString(Utility.java:157)
> at org.apache.bcel.classfile.Code.toString(Code.java:306)
> at org.apache.bcel.classfile.Code.toString(Code.java:328)
> at java.lang.String.valueOf(String.java:2994)
> at java.lang.StringBuilder.append(StringBuilder.java:131)
> at
> org.apache.bcel.verifier.statics.Pass3aVerifier.delayedPass2Checks(Pass3aVerifier.java:289)
> at
> org.apache.bcel.verifier.statics.Pass3aVerifier.do_verify(Pass3aVerifier.java:200)
> at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:71)
> at org.apache.bcel.verifier.Verifier.doPass3a(Verifier.java:89)
> at org.apache.bcel.verifier.Verifier.main(Verifier.java:216)
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
