You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Gary D. Gregory (Jira)" <ji...@apache.org> on 2023/06/17 18:18:00 UTC

[jira] [Resolved] (BCEL-307) ClassFormatException thrown in Pass 3A verification

     [ https://issues.apache.org/jira/browse/BCEL-307?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gary D. Gregory resolved BCEL-307.
----------------------------------
    Fix Version/s: 6.8.0
       Resolution: Fixed

> ClassFormatException thrown in Pass 3A verification
> ---------------------------------------------------
>
>                 Key: BCEL-307
>                 URL: https://issues.apache.org/jira/browse/BCEL-307
>             Project: Commons BCEL
>          Issue Type: Bug
>          Components: Verifier
>    Affects Versions: 6.2
>            Reporter: Rohan Padhye
>            Priority: Major
>             Fix For: 6.8.0
>
>         Attachments: A.class
>
>
> The verifier throws a ClassFormatException during Pass 3A verification of a malformed class file even though Pass 1 and Pass 2 have completed successfully.
> Note that the input class file is indeed malformed, however the verifier should ideally just return a verification result of REJECTED instead of throwing an unchecked run-time exception.
> h1. Steps to reproduce:
>  
> Save the attached file as "example/A.class" and run:
> java -cp <classpath> org.apache.bcel.verifier.Verifier example.A
>  
> The file A.class was generated automatically by the fuzzer JQF ([https://github.com/rohanpadhye/jqf]).
> h2. Expected output:
> VERIFIED_REJECTED
> h2. Observed output:
> JustIce by Enver Haase, (C) 2001-2002.
> <http://bcel.sourceforge.net>
> <http://commons.apache.org/bcel>
>  
> Now verifying: example.A
>  
> Pass 1:
> VERIFIED_OK
> Passed verification.
>  
> Pass 2:
> VERIFIED_OK
> Passed verification.
>  
> Exception in thread "main" org.apache.bcel.classfile.ClassFormatException: Expected class `CONSTANT_InvokeDynamic' at index 14 and got CONSTANT_Methodref[10](class_index = 13, name_and_type_index = 11)
>  at org.apache.bcel.classfile.ConstantPool.getConstant(ConstantPool.java:261)
>  at org.apache.bcel.classfile.ConstantPool.constantToString(ConstantPool.java:207)
>  at org.apache.bcel.classfile.Utility.codeToString(Utility.java:373)
>  at org.apache.bcel.classfile.Utility.codeToString(Utility.java:157)
>  at org.apache.bcel.classfile.Code.toString(Code.java:306)
>  at org.apache.bcel.classfile.Code.toString(Code.java:328)
>  at java.lang.String.valueOf(String.java:2994)
>  at java.lang.StringBuilder.append(StringBuilder.java:131)
>  at org.apache.bcel.verifier.statics.Pass3aVerifier.delayedPass2Checks(Pass3aVerifier.java:289)
>  at org.apache.bcel.verifier.statics.Pass3aVerifier.do_verify(Pass3aVerifier.java:200)
>  at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:71)
>  at org.apache.bcel.verifier.Verifier.doPass3a(Verifier.java:89)
>  at org.apache.bcel.verifier.Verifier.main(Verifier.java:216)
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)