Rohan Padhye created BCEL-310:
---------------------------------
Summary: ArrayIndexOutOfBounds in Verifier Pass 3A
Key: BCEL-310
URL: https://issues.apache.org/jira/browse/BCEL-310
Project: Commons BCEL
Issue Type: Bug
Components: Verifier
Affects Versions: 6.2
Reporter: Rohan Padhye
Attachments: Hello.class
Verifier throws OOB on malformed input instead of reporting verification
failure.
h1. Steps to reproduce:
Save the attached file as "Hello.class" and run:
java -cp <classpath> org.apache.bcel.verifier.Verifier Hello
The file Hello.class was generated automatically by the fuzzer JQF
([https://github.com/rohanpadhye/jqf]).
h2. Expected output:
VERIFIED_REJECTED
h2. Observed output:
JustIce by Enver Haase, (C) 2001-2002.
<http://bcel.sourceforge.net>
<http://commons.apache.org/bcel>
Now verifying: Hello
Pass 1:
VERIFIED_OK
Passed verification.
Pass 2:
VERIFIED_OK
Passed verification.
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: -73
at org.apache.bcel.Const.getTypeName(Const.java:1799)
at org.apache.bcel.generic.NEWARRAY.toString(NEWARRAY.java:90)
at org.apache.bcel.generic.Instruction.toString(Instruction.java:101)
at java.lang.String.valueOf(String.java:2994)
at java.lang.StringBuilder.append(StringBuilder.java:131)
at
org.apache.bcel.verifier.statics.Pass3aVerifier$InstOperandConstraintVisitor.constraintViolated(Pass3aVerifier.java:499)
at
org.apache.bcel.verifier.statics.Pass3aVerifier$InstOperandConstraintVisitor.visitNEWARRAY(Pass3aVerifier.java:835)
at org.apache.bcel.generic.NEWARRAY.accept(NEWARRAY.java:125)
at org.apache.bcel.generic.InstructionHandle.accept(InstructionHandle.java:302)
at
org.apache.bcel.verifier.statics.Pass3aVerifier.pass3StaticInstructionOperandsChecks(Pass3aVerifier.java:443)
at
org.apache.bcel.verifier.statics.Pass3aVerifier.do_verify(Pass3aVerifier.java:208)
at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:71)
at org.apache.bcel.verifier.Verifier.doPass3a(Verifier.java:8
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
