--- old/src/share/classes/java/lang/reflect/Executable.java 2013-09-12 15:56:55.101359533 -0400
+++ new/src/share/classes/java/lang/reflect/Executable.java 2013-09-12 15:56:54.669354314 -0400
@@ -316,6 +316,28 @@
 return out;
 }
+ private void verifyParameters(final Parameter[] parameters) {
+ final int mask = Modifier.parameterModifiers();
+
+ if (getParameterTypes().length != parameters.length)
+ throw new MalformedParametersException("Wrong number of parameters in MethodParameters attribute");
+
+ for (Parameter parameter : parameters) {
+ final String name = parameter.getName();
+ final int mods = parameter.getModifiers();
+
+ if (!name.isEmpty() || name.indexOf('.') != -1 ||
+ name.indexOf(';') != -1 && name.indexOf('[') != -1 ||
+ name.indexOf('/') != -1) {
+ throw new MalformedParametersException("Invalid parameter name");
+ }
+
+ if (mods != (mods & mask)) {
+ throw new MalformedParametersException("Invalid parameter modifiers");
+ }
+ }
+ }
+
 private Parameter[] privateGetParameters() {
 // Use tmp to avoid multiple writes to a volatile.
 Parameter[] tmp = parameters;
@@ -323,7 +345,12 @@
 if (tmp == null) {
 // Otherwise, go to the JVM to get them
- tmp = getParameters0();
+ try {
+ tmp = getParameters0();
+ } catch(IllegalArgumentException e) {
+ // Rethrow ClassFormatErrors
+ throw new MalformedParametersException("Invalid constant pool index");
+ }
 // If we get back nothing, then synthesize parameters
 if (tmp == null) {
@@ -331,6 +358,7 @@
 tmp = synthesizeAllParams();
 } else {
 hasRealParameterData = true;
+ verifyParameters(tmp);
 }
 parameters = tmp;
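Review bot: The name check in `verifyParameters` (hunk `@@ -316,6 +316,28 @@`) is inverted and too weak: `!name.isEmpty()` makes every non-empty name throw while an empty one passes, and because `&&` binds tighter than `||`, a name containing only `;` or only `[` is accepted. The names being checked come from the MethodParameters attribute, so each forbidden character should be rejected on its own: `if (name.isEmpty() || name.indexOf('.') != -1 || name.indexOf(';') != -1 || name.indexOf('[') != -1 || name.indexOf('/') != -1) {`. If `getName()` can return null for an unnamed parameter, which this diff does not show, a null guard is needed before `isEmpty()`. The length check at the top of the method is the only unbraced `if` and should get braces like the others.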
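Review bot: The new `catch` in `privateGetParameters` (hunk `@@ -323,7 +345,12 @@`) discards the caught `IllegalArgumentException`, so whatever detail `getParameters0()` reported is lost to anyone diagnosing a malformed class file, and the comment `// Rethrow ClassFormatErrors` names a type this block does not catch. Keep the cause attached, for example `MalformedParametersException mpe = new MalformedParametersException("Invalid constant pool index"); mpe.initCause(e); throw mpe;`, or use a cause-taking constructor if the class has one (not shown here). The comment should state which exception is being translated and why. Every `IllegalArgumentException` from the native call is also reported as a bad constant pool index, which may mislabel other failures. The method begins in the previous hunk and ends outside this one.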
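Review bot: `hasRealParameterData = true;` is assigned before `verifyParameters(tmp)` runs (hunk `@@ -331,6 +358,7 @@`), so when verification throws, the flag stays true although `parameters` is never set. Run the check first, `verifyParameters(tmp);` followed by `hasRealParameterData = true;`, so a rejected attribute leaves no state behind. How the flag is read elsewhere is not visible in this diff, so the impact is inferred; the enclosing `if`/`else` starts outside the hunk.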