Posted to bcel-dev@jakarta.apache.org by bu...@apache.org on 2008/04/25 22:00:34 UTC

DO NOT REPLY [Bug 44876] New: ArrayIndexOutOfBoundsException thrown from TABLESWITCH.initFromFile

https://issues.apache.org/bugzilla/show_bug.cgi?id=44876

           Summary: ArrayIndexOutOfBoundsException thrown from
                    TABLESWITCH.initFromFile
           Product: BCEL
           Version: 5.2
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Keywords: PatchAvailable
          Severity: normal
          Priority: P2
         Component: Main
        AssignedTo: bcel-dev@jakarta.apache.org
        ReportedBy: talper@coverity.com


Created an attachment (id=21856)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=21856)
Proposed patch

BCEL throws an ArrayIndexOutOfBoundsException when trying to construct a new
org.apache.bcel.generic.MethodGen on a method containing the bytes compiled
from the following code:

switch (i) {
  case Integer.MAX_VALUE:
    break;
  default:
    b = true;
}

The method that does not handle this corner case correctly is
org.apache.bcel.generic.TABLESWITCH.initFromFile(ByteSequence, boolean).


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bcel-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: bcel-dev-help@jakarta.apache.org


DO NOT REPLY [Bug 44876] ArrayIndexOutOfBoundsException thrown from TABLESWITCH.initFromFile

Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44876

Torsten Curdt <tc...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #3 from Torsten Curdt <tc...@apache.org> 2010-01-10 13:27:51 UTC ---
Fixed. Thx.



DO NOT REPLY [Bug 44876] ArrayIndexOutOfBoundsException thrown from TABLESWITCH.initFromFile

Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44876


Timothy Alper <ta...@coverity.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW




--- Comment #2 from Timothy Alper <ta...@coverity.com>  2008-04-28 08:54:16 PST ---
Sorry about that, I was in a bit of a rush.

The corner case is if the low and high values (signed ints) are the same and
their value is 0x7fffffff (Integer.MAX_VALUE). This occurs only if there is one
case (aside from the default) in the switch and it happens to be MAX_VALUE.

Here's the code in BCEL that causes the problem:

for (int i = low; i <= high; i++) {
  match[i - low] = i; //ArrayIndexOutOfBoundsException thrown here
}

The loop boundaries are the problem. 'i' is initialized to MAX_VALUE, then
match[0] is set correctly to MAX_VALUE, and i is incremented, causing overflow;
since i is still <= MAX_VALUE, the loop continues. Then on the next time through
the loop (i - low) == (0x80000000 - 0x7fffffff) == 1, but match[1] is invalid
because it was initialized to have only 1 element by "match_length = high - low
+ 1" and "match = new int[match_length]".


As you can see, my patch resolves this corner case and has the added benefit of
eliminating an extra for loop.


By the way, the actual exception that finally bubbles up isn't too helpful
because the ArrayIndexOutOfBoundsException gets converted into a
ClassGenException without having the whole ArrayIndexOutOfBoundsException
wrapped. Anyway, for the sake of being complete, it looks like this:
org.apache.bcel.generic.ClassGenException: java.lang.ArrayIndexOutOfBoundsException: 1
        at org.apache.bcel.generic.Instruction.readInstruction(Instruction.java:177)
        at org.apache.bcel.generic.InstructionList.<init>(InstructionList.java:167)
        at org.apache.bcel.generic.MethodGen.<init>(MethodGen.java:164)
        at ...


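The overflow described in comment #2, as an added example that is not part of
the original thread or of BCEL's code: fillBuggy reproduces the quoted loop, and
fillSafe (a hypothetical name, as is the MAX_ENTRIES cap) is one way to avoid it
by counting array indices instead of case values. It goes slightly beyond the
reported case by also rejecting low/high pairs whose span wraps in int
arithmetic, which matters when the class file being parsed is untrusted.

```java
// Added example, not BCEL source. fillBuggy, fillSafe and MAX_ENTRIES are hypothetical names.
public class TableSwitchBounds {

    // Assumed sanity cap on table size; not a value taken from BCEL.
    static final long MAX_ENTRIES = 65_536;

    // The loop quoted in comment #2: it counts by case value.
    static int[] fillBuggy(int low, int high) {
        int[] match = new int[high - low + 1];
        for (int i = low; i <= high; i++) {   // with high == MAX_VALUE this is always true
            match[i - low] = i;               // after i wraps to MIN_VALUE, i - low == 1
        }
        return match;
    }

    // Counts by array index instead. The length is computed in long arithmetic
    // so that a crafted low/high pair cannot wrap it to a small or negative int.
    static int[] fillSafe(int low, int high) {
        long length = (long) high - (long) low + 1;
        if (length < 1 || length > MAX_ENTRIES) {
            throw new IllegalArgumentException(
                "bad tableswitch range: " + low + ".." + high);
        }
        int[] match = new int[(int) length];
        for (int k = 0; k < match.length; k++) {
            match[k] = low + k;               // low + k <= high, so this cannot overflow
        }
        return match;
    }

    public static void main(String[] args) {
        int max = Integer.MAX_VALUE;
        try {
            fillBuggy(max, max);              // the single-case switch from the report
        } catch (ArrayIndexOutOfBoundsException e) {
            System.out.println("buggy: " + e);
        }
        int[] ok = fillSafe(max, max);
        System.out.println("safe: length=" + ok.length + " match[0]=" + ok[0]);
        try {
            fillSafe(Integer.MIN_VALUE, max); // high - low + 1 wraps to 0 in int
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```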


DO NOT REPLY [Bug 44876] ArrayIndexOutOfBoundsException thrown from TABLESWITCH.initFromFile

Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44876


Torsten Curdt <tc...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |NEEDINFO




--- Comment #1 from Torsten Curdt <tc...@apache.org>  2008-04-28 06:46:04 PST ---
Could you please provide the exception or describe the corner case?
It's not exactly obvious why your patch fixes this problem.




DO NOT REPLY [Bug 44876] ArrayIndexOutOfBoundsException thrown from TABLESWITCH.initFromFile

Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44876


Torsten Curdt <tc...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED



