Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/langtools/tools/javap/BadAttributeLength.java
41144 views
1
/*

2
 * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/*

25
 * @test

26
 * @bug 8047072

27
 * @summary javap OOM on fuzzed classfile

28
 * @modules jdk.jdeps/com.sun.tools.javap

29
 * @run main BadAttributeLength

30
 */

31


32


33
import java.io.*;

34


35
public class BadAttributeLength {

36


37
    public static String source = "public class Test {\n" +

38
                                  "    public static void main(String[] args) {}\n" +

39
                                  "}";

40


41
    public static void main(String[] args) throws Exception {

42
        final File sourceFile = new File("Test.java");

43
        if (sourceFile.exists()) {

44
            if (!sourceFile.delete()) {

45
                throw new IOException("Can't override the Test.java file. " +

46
                        "Check permissions.");

47
            }

48
        }

49
        try (FileWriter fw = new FileWriter(sourceFile)) {

50
            fw.write(source);

51
        }

52


53
        final String[] javacOpts = {"Test.java"};

54


55
        if (com.sun.tools.javac.Main.compile(javacOpts) != 0) {

56
            throw new Exception("Can't compile embedded test.");

57
        }

58


59
        RandomAccessFile raf = new RandomAccessFile("Test.class", "rw");

60
        long attPos = getFirstAttributePos(raf);

61
        if (attPos < 0) {

62
            throw new Exception("The class file contains no attributes at all.");

63
        }

64
        raf.seek(attPos + 2); // Jump to the attribute length

65
        raf.writeInt(Integer.MAX_VALUE - 1);

66
        raf.close();

67


68
        String[] opts = { "-v", "Test.class" };

69
        StringWriter sw = new StringWriter();

70
        PrintWriter pout = new PrintWriter(sw);

71


72
        com.sun.tools.javap.Main.run(opts, pout);

73
        pout.flush();

74


75
        if (sw.getBuffer().indexOf("OutOfMemoryError") != -1) {

76
            throw new Exception("javap exited with OutOfMemoryError " +

77
                    "instead of giving the proper error message.");

78
        }

79
    }

80


81
    private static long getFirstAttributePos(RandomAccessFile cfile) throws Exception {

82
        cfile.seek(0);

83
        int v1, v2;

84
        v1 = cfile.readInt();

85
        // System.out.println("Magic: " + String.format("%X", v1));

86


87
        v1 = cfile.readUnsignedShort();

88
        v2 = cfile.readUnsignedShort();

89
        // System.out.println("Version: " + String.format("%d.%d", v1, v2));

90


91
        v1 = cfile.readUnsignedShort();

92
        // System.out.println("CPool size: " + v1);

93
        // Exhaust the constant pool

94
        for (; v1 > 1; v1--) {

95
            // System.out.print(".");

96
            byte tag = cfile.readByte();

97
            switch (tag) {

98
                case 7  : // Class

99
                case 8  : // String

100
                    // Data is 2 bytes long

101
                    cfile.skipBytes(2);

102
                    break;

103
                case 3  : // Integer

104
                case 4  : // Float

105
                case 9  : // FieldRef

106
                case 10 : // MethodRef

107
                case 11 : // InterfaceMethodRef

108
                case 12 : // Name and Type

109
                    // Data is 4 bytes long

110
                    cfile.skipBytes(4);

111
                    break;

112
                case 5  : // Long

113
                case 6  : // Double

114
                    // Data is 8 bytes long

115
                    cfile.skipBytes(8);

116
                    break;

117
                case 1  : // Utf8

118
                    v2 = cfile.readUnsignedShort(); // Read buffer size

119
                    cfile.skipBytes(v2); // Skip buffer

120
                    break;

121
                default :

122
                    throw new Exception("Unexpected tag in CPool: [" + tag + "] at "

123
                            + Long.toHexString(cfile.getFilePointer()));

124
            }

125
        }

126
        // System.out.println();

127


128
        cfile.skipBytes(6); // Access flags, this_class and super_class

129
        v1 = cfile.readUnsignedShort(); // Number of interfaces

130
        // System.out.println("Interfaces: " + v1);

131
        cfile.skipBytes(3 * v1); // Each interface_info record is 3 bytes long

132
        v1 = cfile.readUnsignedShort(); // Number of fields

133
        // System.out.println("Fields: " + v1);

134
        // Exhaust the fields table

135
        for (; v1 > 0; v1--) {

136
            // System.out.print(".");

137
            cfile.skipBytes(6); // Skip access_flags, name_index and descriptor_index

138
            v2 = cfile.readUnsignedShort(); // Field attributes count

139
            if (v2 > 0) {

140
                // This field has some attributes - suits our needs

141
                // System.out.println();

142
                return cfile.getFilePointer();

143
            }

144
        }

145
        // System.out.println();

146
        v1 = cfile.readUnsignedShort(); // Number of methods

147
        // System.out.println("Methods: " + v1);

148
        // Exhaust the methods table

149
        for (; v1 > 0; v1--) {

150
            // System.out.print(".");

151
            cfile.skipBytes(6); // Skip access_flags, name_index and descriptor_index

152
            v2 = cfile.readUnsignedShort(); // Method attributes count

153
            if (v2 > 0) {

154
                // This method got attributes - Ok with us,

155
                // return position of the first one

156
                // System.out.println();

157
                return cfile.getFilePointer();

158
            }

159
        }

160
        // System.out.println();

161
        // Class attributes section

162
        v1 = cfile.readUnsignedShort(); // Counts of attributes in class

163
        if (v1 > 0) {

164
            // Class has some attributes, return position of the first one

165
            return cfile.getFilePointer();

166
        }

167
        // Bummer! No attributes in the entire class file. Not fair!

168
        return -1L;

169
    }

170
}

171


172