jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp

rev 5678 : 7186957: Improve Pack200 data validation
Reviewed-by: jrose, jjh, mschoene

@@ -265,15 +265,17 @@
     siglen += 1;
   }
 }
 
 inline cpindex* cpool::getFieldIndex(entry* classRef) {
+  if (classRef == NULL) { abort("missing class reference"); return NULL; }
   assert(classRef->tagMatches(CONSTANT_Class));
   assert((uint)classRef->inord < (uint)tag_count[CONSTANT_Class]);
   return &member_indexes[classRef->inord*2+0];
 }
 inline cpindex* cpool::getMethodIndex(entry* classRef) {
+  if (classRef == NULL) { abort("missing class reference"); return NULL; }
   assert(classRef->tagMatches(CONSTANT_Class));
   assert((uint)classRef->inord < (uint)tag_count[CONSTANT_Class]);
   return &member_indexes[classRef->inord*2+1];
 }
 
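Review bot: The new null guards in getFieldIndex and getMethodIndex spell the null pointer as `NULL` and `return NULL`, while the surrounding code in this file uses the project's `null` spelling (see `(ix == null)` in the hunk at -3877); for consistency write `if (classRef == null) { abort("missing class reference"); return null; }` in both. The `return` after abort() is needed because abort() here presumably only records the failure rather than terminating, so every caller must follow the call with CHECK before indexing the returned cpindex — the later hunks in this change do that. The existing `assert` lines on the following lines only cover this in debug builds if assert is compiled out under NDEBUG as usual, so the explicit check is the one that protects product builds against a missing class reference in a crafted archive.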

@@ -1236,10 +1238,11 @@
   CHECK;
   for (int i = 0; i < len; i++) {
     entry& e = cpMap[i];
     e.refs = U_NEW(entry*, e.nrefs = 2);
     e.refs[0] = cp_band1.getRef();
+    CHECK;
     e.refs[1] = cp_band2.getRef();
     CHECK;
   }
   //cp_band1.done();
   //cp_band2.done();

@@ -1961,10 +1964,11 @@
   for (i = 0; i < attr_definition_count; i++) {
     int    header  = attr_definition_headers.getByte();
     int    attrc   = ADH_BYTE_CONTEXT(header);
     int    idx     = ADH_BYTE_INDEX(header);
     entry* name    = attr_definition_name.getRef();
+    CHECK;
     entry* layout  = attr_definition_layout.getRef();
     CHECK;
     attr_defs[attrc].defineLayout(idx, name, layout->value.b.strval());
   }
 }

@@ -2065,11 +2069,13 @@
   ic_name.readData(long_forms);
   for (i = 0; i < ic_count; i++) {
     if (ics[i].name == NO_ENTRY_YET) {
       // Long form.
       ics[i].outer = ic_outer_class.getRefN();
+      CHECK;
       ics[i].name  = ic_name.getRefN();
+      CHECK;
     } else {
       // Fill in outer and name based on inner.
       bytes& n = ics[i].inner->value.b;
       bytes pkgOuter;
       bytes number;

@@ -2581,10 +2587,11 @@
         assert(le_kind == EK_REF);
         if (b.ixTag == CONSTANT_Literal)
           e = b.getRefUsing(cp.getKQIndex());
         else
           e = b.getRefN();
+        CHECK;
         switch (b.le_len) {
         case 0: break;
         case 1: putu1ref(e); break;
         case 2: putref(e); break;
         case 4: putu2(0); putref(e); break;

@@ -2962,11 +2969,11 @@
           code_count));
 }
 
 void unpacker::read_bands() {
   byte* rp0 = rp;
-
+  CHECK;
   read_file_header();
   CHECK;
 
   if (cp.nentries == 0) {
     // read_file_header failed to read a CP, because it copied a JAR.

@@ -3630,14 +3637,16 @@
 // Usage: unpack a byte buffer
 // packptr is a reference to byte buffer containing a
 // packed file and len is the length of the buffer.
 // If null, the callback is used to fill an internal buffer.
 void unpacker::start(void* packptr, size_t len) {
+  CHECK;
   NOT_PRODUCT(debug_u = this);
   if (packptr != null && len != 0) {
     inbytes.set((byte*) packptr, len);
   }
+  CHECK;
   read_bands();
 }
 
 void unpacker::check_options() {
   const char* strue  = "true";
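Review bot: The `CHECK;` added before `read_bands();` at the end of start() is immediately followed by the `CHECK;` this same change adds as the first statement of read_bands() (hunk at -2962), so one of the two is redundant; the one inside read_bands() covers every caller, so the second one in start() could be dropped, or kept as a deliberate belt-and-braces guard with a comment saying so. The `CHECK;` at the very top of start(), before `inbytes.set`, is distinct and worth keeping since it stops an unpacker that is already in the aborting state from being reused with a new buffer.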

@@ -3764,10 +3773,11 @@
     bc_supermethod.setIndex(cp.getMethodIndex(superClass));
   } else {
     NOT_PRODUCT(bc_superfield.setIndex(null));
     NOT_PRODUCT(bc_supermethod.setIndex(null));
   }
+  CHECK;
 
   for (int curIP = 0; ; curIP++) {
     int curPC = (int)(wpoffset() - codeBase);
     bcimap.add(curPC);
     ensure_put_space(10);  // covers most instrs w/o further bounds check

@@ -3877,11 +3887,12 @@
         }
         wp[-1] = origBC;  // overwrite with origBC
         int coding = bc_initref.getInt();
         // Find the nth overloading of <init> in classRef.
         entry*   ref = null;
-        cpindex* ix = (classRef == null)? null: cp.getMethodIndex(classRef);
+        cpindex* ix = cp.getMethodIndex(classRef);
+        CHECK;
         for (int j = 0, which_init = 0; ; j++) {
           ref = (ix == null)? null: ix->get(j);
           if (ref == null)  break;  // oops, bad input
           assert(ref->tag == CONSTANT_Methodref);
           if (ref->memberDescr()->descrName() == cp.sym[cpool::s_lt_init_gt]) {
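Review bot: After the new `CHECK;` that follows `cp.getMethodIndex(classRef)`, the `(ix == null)? null:` guard on the next `ref = ...` line appears to be dead: per the first hunk in this change getMethodIndex returns a null index only after calling abort(), and assuming CHECK expands to a return when aborting() as its other uses in this file suggest, the loop is never entered with `ix == null`. Either simplify to `ref = ix->get(j);` or leave the guard with a comment that it is defensive only, so the next reader does not look for a non-aborting null path. The enclosing bytecode loop starts and ends outside this hunk.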

@@ -4148,10 +4159,11 @@
         break;
 
       case ADH_BYTE(ATTR_CONTEXT_CLASS, CLASS_ATTR_EnclosingMethod):
         aname = cp.sym[cpool::s_EnclosingMethod];
         putref(class_EnclosingMethod_RC.getRefN());
+        CHECK_0;
         putref(class_EnclosingMethod_RDN.getRefN());
         break;
 
       case ADH_BYTE(ATTR_CONTEXT_FIELD, FIELD_ATTR_ConstantValue):
         aname = cp.sym[cpool::s_ConstantValue];

@@ -4166,10 +4178,11 @@
       case ADH_BYTE(ATTR_CONTEXT_METHOD, METHOD_ATTR_Exceptions):
         aname = cp.sym[cpool::s_Exceptions];
         putu2(count = method_Exceptions_N.getInt());
         for (j = 0; j < count; j++) {
           putref(method_Exceptions_RC.getRefN());
+          CHECK_0;
         }
         break;
 
       case ADH_BYTE(ATTR_CONTEXT_CODE, CODE_ATTR_StackMapTable):
         aname = cp.sym[cpool::s_StackMapTable];

@@ -4189,20 +4202,22 @@
           } else if (tag <= 254) {
             // (252)     [(1)(2)]
             // (253)     [(1)(2)(2)]
             // (254)     [(1)(2)(2)(2)]
             putu2(code_StackMapTable_offset.getInt());
+            CHECK_0;
             for (int k = (tag - 251); k > 0; k--) {
               put_stackmap_type();
+              CHECK_0;
             }
           } else {
             // (255)     [(1)NH[(2)]NH[(2)]]
             putu2(code_StackMapTable_offset.getInt());
             putu2(j2 = code_StackMapTable_local_N.getInt());
-            while (j2-- > 0)  put_stackmap_type();
+            while (j2-- > 0) {put_stackmap_type(); CHECK_0;}
             putu2(j2 = code_StackMapTable_stack_N.getInt());
-            while (j2-- > 0)  put_stackmap_type();
+            while (j2-- > 0)  {put_stackmap_type(); CHECK_0;}
           }
         }
         break;
 
       case ADH_BYTE(ATTR_CONTEXT_CODE, CODE_ATTR_LineNumberTable):
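Review bot: In the tag-255 branch, `putu2(code_StackMapTable_offset.getInt());` is not followed by `CHECK_0;`, unlike the identical call in the tag-252..254 branch that this change does guard; an abort raised there is only observed at the first loop iteration's CHECK_0, or, when both counts are zero, at the CHECK_0 after the switch. For consistency with the other branch add `putu2(code_StackMapTable_offset.getInt()); CHECK_0;`. Separately, the two rewritten while loops space their braces differently (`{put_stackmap_type()` versus `  {put_stackmap_type()`); `while (j2-- > 0) { put_stackmap_type(); CHECK_0; }` on both lines reads more uniformly.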

@@ -4222,11 +4237,13 @@
           int bci = to_bci(bii);
           putu2(bci);
           bii    += code_LocalVariableTable_span_O.getInt();
           putu2(to_bci(bii) - bci);
           putref(code_LocalVariableTable_name_RU.getRefN());
+          CHECK_0;
           putref(code_LocalVariableTable_type_RS.getRefN());
+          CHECK_0;
           putu2(code_LocalVariableTable_slot.getInt());
         }
         break;
 
       case ADH_BYTE(ATTR_CONTEXT_CODE, CODE_ATTR_LocalVariableTypeTable):

@@ -4237,11 +4254,13 @@
           int bci = to_bci(bii);
           putu2(bci);
           bii    += code_LocalVariableTypeTable_span_O.getInt();
           putu2(to_bci(bii) - bci);
           putref(code_LocalVariableTypeTable_name_RU.getRefN());
+          CHECK_0;
           putref(code_LocalVariableTypeTable_type_RS.getRefN());
+          CHECK_0;
           putu2(code_LocalVariableTypeTable_slot.getInt());
         }
         break;
 
       case ADH_BYTE(ATTR_CONTEXT_CLASS, X_ATTR_Signature):

@@ -4265,11 +4284,11 @@
         aname = cp.sym[cpool::s_Deprecated];
         // no data
         break;
       }
     }
-
+    CHECK_0;
     if (aname == null) {
       // Unparse a compressor-defined attribute.
       layout_definition* lo = ad.getLayout(idx);
       if (lo == null) {
         abort("bad layout index");

@@ -4364,10 +4383,11 @@
   bool haveLongFlags = ad.haveLongFlags();
   julong kflags = class_flags_hi.getLong(class_flags_lo, haveLongFlags);
   julong indexMask = ad.flagIndexMask();
 
   cur_class = class_this.getRef();
+  CHECK;
   cur_super = class_super.getRef();
 
   CHECK;
 
   if (cur_super == cur_class)  cur_super = null;

@@ -4378,10 +4398,11 @@
   putref(cur_super);
 
   putu2(num = class_interface_count.getInt());
   for (i = 0; i < num; i++) {
     putref(class_interface.getRef());
+    CHECK;
   }
 
   write_members(class_field_count.getInt(),  ATTR_CONTEXT_FIELD);
   write_members(class_method_count.getInt(), ATTR_CONTEXT_METHOD);
   CHECK;

@@ -4458,11 +4479,13 @@
       extra_ic = (*global_ic);  // fill in rest of fields
     } else {
       flags &= ~ACC_IC_LONG_FORM;  // clear high bit if set to get clean zero
       extra_ic.flags = flags;
       extra_ic.outer = class_InnerClasses_outer_RCN.getRefN();
+      CHECK;
       extra_ic.name  = class_InnerClasses_name_RUN.getRefN();
+      CHECK;
       // Detect if this is an exact copy of the global tuple.
       if (global_ic != null) {
         if (global_ic->flags != extra_ic.flags ||
             global_ic->outer != extra_ic.outer ||
             global_ic->name  != extra_ic.name) {