You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by gg...@apache.org on 2022/11/22 12:52:45 UTC
[commons-bcel] 11/11: Merge branch 'master' of https://gitbox.apache.org/repos/asf/commons-bcel.git
This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-bcel.git
commit e8c4bfbe0a00dc2c6b7d639c3880ca0d7faafbe4
Merge: f9e50479 7b5ac741
Author: Gary David Gregory (Code signing key) <gg...@apache.org>
AuthorDate: Tue Nov 22 07:52:29 2022 -0500
Merge branch 'master' of
https://gitbox.apache.org/repos/asf/commons-bcel.git
src/changes/changes.xml | 2 ++
.../java/org/apache/bcel/classfile/ElementValue.java | 12 +++++++++++-
src/test/java/org/apache/bcel/OssFuzzTestCase.java | 5 +++++
src/test/resources/ossfuzz/issue53620/Test.class | Bin 0 -> 227530 bytes
4 files changed, 18 insertions(+), 1 deletion(-)
diff --cc src/changes/changes.xml
index 6825dc62,ecd81f27..8bed5637
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@@ -75,42 -75,37 +75,44 @@@ The <action> type attribute can be add,
<action type="add" dev="ggregory" due-to="nbauma109, Gary Gregory">Add org.apache.bcel.classfile.JavaClass.getSourceFilePath().</action>
<action type="add" dev="ggregory" due-to="nbauma109, Gary Gregory">Add org.apache.bcel.generic.PUSH.PUSH(ConstantPoolGen, ArrayType).</action>
<!-- FIX -->
- <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Typo in SimpleElementValue error message #161.</action>
- <action type="fix" dev="ggregory" due-to="Mark Roberts, Gary Gregory">Fix code duplication in org.apache.bcel.verifier.structurals.ExceptionHandlers.ExceptionHandlers(MethodGen).</action>
- <action type="fix" dev="ggregory" due-to="Sam Ng, Gary Gregory">Improve test coverage to bcel/generic and UtilityTest #162.</action>
- <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Code coverage and unit tests on the verifier #166.</action>
- <action type="fix" dev="markt" due-to="OSS-Fuzz">References to constant pool entries that are not of the expected type should throw ClassFormatException, not ClassCastException.</action>
- <action type="fix" dev="markt" due-to="OSS-Fuzz">When parsing an invalid class, ensure ClassParser.parse() throws ClassFormatException, not IllegalArgumentException.</action>
- <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.Code constructors now throw ClassFormatException on invalid input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Deprecated constructors now throw ClassFormatException on invalid length input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">Avoid internal NPE in org.apache.bcel.util.ClassPath.getInputStream(String, String).</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.ALOAD_0 value is wrong (regression from 6.6.0).</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.DCONST_0 value is wrong (regression from 6.6.0).</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Attribute constructors now throw ClassFormatException on invalid name index input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.CodeException constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ConstantInvokeDynamic.ConstantInvokeDynamic(DataInput).</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ConstantValue constructors now throw ClassFormatException on invalid length input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Deprecated constructors now throw ClassFormatException on invalid length input.</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.EnclosingMethod constructors now throw ClassFormatException on invalid length, class index, or method index input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Synthetic constructors now throw ClassFormatException on invalid length input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Signature constructors now throw ClassFormatException on invalid length input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ExceptionTable constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.InnerClasses constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LineNumber constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariable constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariableTable constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariableTypeTable constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ModuleMainClass constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ModulePackages constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.NestHost constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.NestMembers constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Signature constructors now throw ClassFormatException on invalid input.</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.SourceFile constructors now throw ClassFormatException on invalid input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.ALOAD_0 value is wrong (regression from 6.6.0).</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">InstructionConstants.DCONST_0 value is wrong (regression from 6.6.0).</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">Avoid internal NPE in org.apache.bcel.util.ClassPath.getInputStream(String, String).</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.StackMap constructors now throw ClassFormatException on invalid input.</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.StackMapEntry.StackMapEntry(DataInput, ConstantPool) reads signed instead of unsigned shorts from its DataInput.</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.StackMapType.StackMapType(DataInput, ConstantPool) reads signed instead of unsigned shorts from its DataInput.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ConstantInvokeDynamic.ConstantInvokeDynamic(DataInput).</action>
+ <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.Synthetic constructors now throw ClassFormatException on invalid length input.</action>
<action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.util.ClassPath hashCode() and equals() don't match.</action>
- <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.StackMapType constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="ggregory" due-to="Mark Roberts, Gary Gregory">Fix code duplication in org.apache.bcel.verifier.structurals.ExceptionHandlers.ExceptionHandlers(MethodGen).</action>
+ <action type="fix" dev="ggregory" due-to="Sam Ng, Gary Gregory">Improve test coverage to bcel/generic and UtilityTest #162.</action>
<action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Code coverage and bug fixes for bcelifier #171.</action>
+ <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Code coverage and unit tests on the verifier #166.</action>
+ <action type="fix" dev="ggregory" due-to="nbauma109, Gary Gregory">Typo in SimpleElementValue error message #161.</action>
<action type="fix" dev="markt" due-to="Mark Thomas, Gary Gregory">org.apache.bcel.classfile.Attribute constructors now throw ClassFormatException on invalid length input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.CodeException constructors now throw ClassFormatException on invalid input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.ExceptionTable constructors now throw ClassFormatException on invalid input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.InnerClasses constructors now throw ClassFormatException on invalid input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LineNumber constructors now throw ClassFormatException on invalid input.</action>
- <action type="fix" dev="ggregory" due-to="Gary Gregory">org.apache.bcel.classfile.LocalVariable constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="markt" due-to="OSS-Fuzz">References to constant pool entries that are not of the expected type should throw ClassFormatException, not ClassCastException.</action>
+ <action type="fix" dev="markt" due-to="OSS-Fuzz">When parsing an invalid class, ensure ClassParser.parse() throws ClassFormatException, not IllegalArgumentException.</action>
+ <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.Code constructors now throw ClassFormatException on invalid input.</action>
+ <action type="fix" dev="markt" due-to="OSS-Fuzz">org.apache.bcel.classfile.StackMapType constructors now throw ClassFormatException on invalid input.</action> <!-- UPDATE -->
+ <action type="fix" dev="markt" due-to="OSS-Fuzz">When parsing class files, limit arrays to no more than 255 dimensions as per section 4.4.1 of the JVM specification</action>
+ <!-- UPDATE -->
<action type="update" dev="ggregory" due-to="Gary Gregory">Bump spotbugs-maven-plugin from 4.7.2.2 to 4.7.3.0 #167.</action>
<action type="update" dev="ggregory" due-to="Dependabot">Bump jmh.version from 1.35 to 1.36 #170.</action>
</release>