78 // pool and when parsing line number tables.
79
80 // We add assert in debug mode when class format is not checked.
81
82 #define JAVA_CLASSFILE_MAGIC 0xCAFEBABE
83 #define JAVA_MIN_SUPPORTED_VERSION 45
84 #define JAVA_MAX_SUPPORTED_VERSION 53
85 #define JAVA_MAX_SUPPORTED_MINOR_VERSION 0
86
87 // Used for two backward compatibility reasons:
88 // - to check for new additions to the class file format in JDK1.5
89 // - to check for bug fixes in the format checker in JDK1.5
90 #define JAVA_1_5_VERSION 49
91
92 // Used for backward compatibility reasons:
93 // - to check for javac bug fixes that happened after 1.5
94 // - also used as the max version when running in jdk6
95 #define JAVA_6_VERSION 50
96
97 // Used for backward compatibility reasons:
98 // - to check NameAndType_info signatures more aggressively
99 // - to disallow argument and require ACC_STATIC for <clinit> methods
100 #define JAVA_7_VERSION 51
101
102 // Extension method support.
103 #define JAVA_8_VERSION 52
104
105 #define JAVA_9_VERSION 53
106
107 void ClassFileParser::parse_constant_pool_entries(const ClassFileStream* const stream,
108 ConstantPool* cp,
109 const int length,
110 TRAPS) {
111 assert(stream != NULL, "invariant");
112 assert(cp != NULL, "invariant");
113
114 // Use a local copy of ClassFileStream. It helps the C++ compiler to optimize
115 // this function (_current can be allocated in a register, with scalar
116 // replacement of aggregates). The _current pointer is copied back to
117 // stream() when this function returns. DON'T call another method within
118 // this method that uses stream().
547 }
548 }
549 }
550
551 if (!_need_verify) {
552 return;
553 }
554
555 // second verification pass - checks the strings are of the right format.
556 // but not yet to the other entries
557 for (index = 1; index < length; index++) {
558 const jbyte tag = cp->tag_at(index).value();
559 switch (tag) {
560 case JVM_CONSTANT_UnresolvedClass: {
561 const Symbol* const class_name = cp->klass_name_at(index);
562 // check the name, even if _cp_patches will overwrite it
563 verify_legal_class_name(class_name, CHECK);
564 break;
565 }
566 case JVM_CONSTANT_NameAndType: {
567 if (_need_verify && _major_version >= JAVA_7_VERSION) {
568 const int sig_index = cp->signature_ref_index_at(index);
569 const int name_index = cp->name_ref_index_at(index);
570 const Symbol* const name = cp->symbol_at(name_index);
571 const Symbol* const sig = cp->symbol_at(sig_index);
572 guarantee_property(sig->utf8_length() != 0,
573 "Illegal zero length constant pool entry at %d in class %s",
574 sig_index, CHECK);
575 if (sig->byte_at(0) == JVM_SIGNATURE_FUNC) {
576 verify_legal_method_signature(name, sig, CHECK);
577 } else {
578 verify_legal_field_signature(name, sig, CHECK);
579 }
580 }
581 break;
582 }
583 case JVM_CONSTANT_InvokeDynamic:
584 case JVM_CONSTANT_Fieldref:
585 case JVM_CONSTANT_Methodref:
586 case JVM_CONSTANT_InterfaceMethodref: {
587 const int name_and_type_ref_index =
588 cp->name_and_type_ref_index_at(index);
589 // already verified to be utf8
590 const int name_ref_index =
591 cp->name_ref_index_at(name_and_type_ref_index);
592 // already verified to be utf8
593 const int signature_ref_index =
594 cp->signature_ref_index_at(name_and_type_ref_index);
595 const Symbol* const name = cp->symbol_at(name_ref_index);
596 const Symbol* const signature = cp->symbol_at(signature_ref_index);
597 if (tag == JVM_CONSTANT_Fieldref) {
598 verify_legal_field_name(name, CHECK);
599 if (_need_verify && _major_version >= JAVA_7_VERSION) {
600 // Signature is verified above, when iterating NameAndType_info.
601 // Need only to be sure it's non-zero length and the right type.
602 if (signature->utf8_length() == 0 ||
603 signature->byte_at(0) == JVM_SIGNATURE_FUNC) {
604 throwIllegalSignature(
605 "Field", name, signature, CHECK);
606 }
607 } else {
608 verify_legal_field_signature(name, signature, CHECK);
609 }
610 } else {
611 verify_legal_method_name(name, CHECK);
612 if (_need_verify && _major_version >= JAVA_7_VERSION) {
613 // Signature is verified above, when iterating NameAndType_info.
614 // Need only to be sure it's non-zero length and the right type.
615 if (signature->utf8_length() == 0 ||
616 signature->byte_at(0) != JVM_SIGNATURE_FUNC) {
617 throwIllegalSignature(
618 "Method", name, signature, CHECK);
619 }
620 } else {
621 verify_legal_method_signature(name, signature, CHECK);
622 }
623 if (tag == JVM_CONSTANT_Methodref) {
624 // 4509014: If a class method name begins with '<', it must be "<init>".
625 assert(name != NULL, "method name in constant pool is null");
626 const unsigned int name_len = name->utf8_length();
627 if (name_len != 0 && name->byte_at(0) == '<') {
628 if (name != vmSymbols::object_initializer_name()) {
629 classfile_parse_error(
630 "Bad method name at constant pool index %u in class file %s",
631 name_ref_index, CHECK);
632 }
633 }
634 }
635 }
636 break;
637 }
638 case JVM_CONSTANT_MethodHandle: {
639 const int ref_index = cp->method_handle_index_at(index);
640 const int ref_kind = cp->method_handle_ref_kind_at(index);
641 switch (ref_kind) {
642 case JVM_REF_invokeVirtual:
643 case JVM_REF_invokeStatic:
644 case JVM_REF_invokeSpecial:
645 case JVM_REF_newInvokeSpecial: {
646 const int name_and_type_ref_index =
647 cp->name_and_type_ref_index_at(ref_index);
648 const int name_ref_index =
649 cp->name_ref_index_at(name_and_type_ref_index);
650 const Symbol* const name = cp->symbol_at(name_ref_index);
651 if (ref_kind == JVM_REF_newInvokeSpecial) {
652 if (name != vmSymbols::object_initializer_name()) {
653 classfile_parse_error(
654 "Bad constructor name at constant pool index %u in class file %s",
655 name_ref_index, CHECK);
4826 case JVM_SIGNATURE_BOOLEAN:
4827 case JVM_SIGNATURE_BYTE:
4828 case JVM_SIGNATURE_CHAR:
4829 case JVM_SIGNATURE_SHORT:
4830 case JVM_SIGNATURE_INT:
4831 case JVM_SIGNATURE_FLOAT:
4832 case JVM_SIGNATURE_LONG:
4833 case JVM_SIGNATURE_DOUBLE:
4834 return signature + 1;
4835 case JVM_SIGNATURE_CLASS: {
4836 if (_major_version < JAVA_1_5_VERSION) {
4837 // Skip over the class name if one is there
4838 const char* const p = skip_over_field_name(signature + 1, true, --length);
4839
4840 // The next character better be a semicolon
4841 if (p && (p - signature) > 1 && p[0] == ';') {
4842 return p + 1;
4843 }
4844 }
4845 else {
4846 // 4900761: For class version > 48, any unicode is allowed in class name.
4847 length--;
4848 signature++;
4849 while (length > 0 && signature[0] != ';') {
4850 if (signature[0] == '.') {
4851 classfile_parse_error("Class name contains illegal character '.' in descriptor in class file %s", CHECK_0);
4852 }
4853 length--;
4854 signature++;
4855 }
4856 if (signature[0] == ';') { return signature + 1; }
4857 }
4858
4859 return NULL;
4860 }
4861 case JVM_SIGNATURE_ARRAY:
4862 array_dim++;
4863 if (array_dim > 255) {
4864 // 4277370: array descriptor is valid only if it represents 255 or fewer dimensions.
4865 classfile_parse_error("Array type descriptor has more than 255 dimensions in class file %s", CHECK_0);
4866 }
4867 // The rest of what's there better be a legal signature
4868 signature++;
4869 length--;
4870 void_ok = false;
4871 break;
4872
4873 default:
4874 return NULL;
4875 }
4876 }
4877 return NULL;
4878 }
4879
4880 // Checks if name is a legal class name.
4881 void ClassFileParser::verify_legal_class_name(const Symbol* name, TRAPS) const {
4882 if (!_need_verify || _relax_verify) { return; }
4883
4884 char buf[fixed_buffer_size];
4885 char* bytes = name->as_utf8_flexible_buffer(THREAD, buf, fixed_buffer_size);
4886 unsigned int length = name->utf8_length();
4887 bool legal = false;
4888
4889 if (length > 0) {
4890 const char* p;
4891 if (bytes[0] == JVM_SIGNATURE_ARRAY) {
4892 p = skip_over_field_signature(bytes, false, length, CHECK);
|
78 // pool and when parsing line number tables.
79
80 // We add assert in debug mode when class format is not checked.
81
82 #define JAVA_CLASSFILE_MAGIC 0xCAFEBABE
83 #define JAVA_MIN_SUPPORTED_VERSION 45
84 #define JAVA_MAX_SUPPORTED_VERSION 53
85 #define JAVA_MAX_SUPPORTED_MINOR_VERSION 0
86
87 // Used for two backward compatibility reasons:
88 // - to check for new additions to the class file format in JDK1.5
89 // - to check for bug fixes in the format checker in JDK1.5
90 #define JAVA_1_5_VERSION 49
91
92 // Used for backward compatibility reasons:
93 // - to check for javac bug fixes that happened after 1.5
94 // - also used as the max version when running in jdk6
95 #define JAVA_6_VERSION 50
96
97 // Used for backward compatibility reasons:
98 // - to disallow argument and require ACC_STATIC for <clinit> methods
99 #define JAVA_7_VERSION 51
100
101 // Extension method support.
102 #define JAVA_8_VERSION 52
103
104 #define JAVA_9_VERSION 53
105
106 void ClassFileParser::parse_constant_pool_entries(const ClassFileStream* const stream,
107 ConstantPool* cp,
108 const int length,
109 TRAPS) {
110 assert(stream != NULL, "invariant");
111 assert(cp != NULL, "invariant");
112
113 // Use a local copy of ClassFileStream. It helps the C++ compiler to optimize
114 // this function (_current can be allocated in a register, with scalar
115 // replacement of aggregates). The _current pointer is copied back to
116 // stream() when this function returns. DON'T call another method within
117 // this method that uses stream().
546 }
547 }
548 }
549
550 if (!_need_verify) {
551 return;
552 }
553
554 // second verification pass - checks the strings are of the right format.
555 // but not yet to the other entries
556 for (index = 1; index < length; index++) {
557 const jbyte tag = cp->tag_at(index).value();
558 switch (tag) {
559 case JVM_CONSTANT_UnresolvedClass: {
560 const Symbol* const class_name = cp->klass_name_at(index);
561 // check the name, even if _cp_patches will overwrite it
562 verify_legal_class_name(class_name, CHECK);
563 break;
564 }
565 case JVM_CONSTANT_NameAndType: {
566 if (_need_verify) {
567 const int sig_index = cp->signature_ref_index_at(index);
568 const int name_index = cp->name_ref_index_at(index);
569 const Symbol* const name = cp->symbol_at(name_index);
570 const Symbol* const sig = cp->symbol_at(sig_index);
571 guarantee_property(sig->utf8_length() != 0,
572 "Illegal zero length constant pool entry at %d in class %s",
573 sig_index, CHECK);
574 guarantee_property(name->utf8_length() != 0,
575 "Illegal zero length constant pool entry at %d in class %s",
576 name_index, CHECK);
577
578 if (sig->byte_at(0) == JVM_SIGNATURE_FUNC) {
579 // Format check Methodref name and signature
580 verify_legal_method_name(name, CHECK);
581 verify_legal_method_signature(name, sig, CHECK);
582 } else {
583 // Format check Fieldref name and signature
584 verify_legal_field_name(name, CHECK);
585 verify_legal_field_signature(name, sig, CHECK);
586 }
587 }
588 break;
589 }
590 case JVM_CONSTANT_InvokeDynamic:
591 case JVM_CONSTANT_Fieldref:
592 case JVM_CONSTANT_Methodref:
593 case JVM_CONSTANT_InterfaceMethodref: {
594 const int name_and_type_ref_index =
595 cp->name_and_type_ref_index_at(index);
596 // already verified to be utf8
597 const int name_ref_index =
598 cp->name_ref_index_at(name_and_type_ref_index);
599 // already verified to be utf8
600 const int signature_ref_index =
601 cp->signature_ref_index_at(name_and_type_ref_index);
602 const Symbol* const name = cp->symbol_at(name_ref_index);
603 const Symbol* const signature = cp->symbol_at(signature_ref_index);
604 if (tag == JVM_CONSTANT_Fieldref) {
605 if (_need_verify) {
606 // Field name and signature are verified above, when iterating NameAndType_info.
607 // Need only to be sure signature is non-zero length and the right type.
608 if (signature->utf8_length() == 0 ||
609 signature->byte_at(0) == JVM_SIGNATURE_FUNC) {
610 throwIllegalSignature("Field", name, signature, CHECK);
611 }
612 }
613 } else {
614 if (_need_verify) {
615 // Method name and signature are verified above, when iterating NameAndType_info.
616 // Need only to be sure signature is non-zero length and the right type.
617 if (signature->utf8_length() == 0 ||
618 signature->byte_at(0) != JVM_SIGNATURE_FUNC) {
619 throwIllegalSignature("Method", name, signature, CHECK);
620 }
621 }
622 // 4509014: If a class method name begins with '<', it must be "<init>"
623 const unsigned int name_len = name->utf8_length();
624 if (tag == JVM_CONSTANT_Methodref &&
625 name_len != 0 &&
626 name->byte_at(0) == '<' &&
627 name != vmSymbols::object_initializer_name()) {
628 classfile_parse_error(
629 "Bad method name at constant pool index %u in class file %s",
630 name_ref_index, CHECK);
631 }
632 }
633 break;
634 }
635 case JVM_CONSTANT_MethodHandle: {
636 const int ref_index = cp->method_handle_index_at(index);
637 const int ref_kind = cp->method_handle_ref_kind_at(index);
638 switch (ref_kind) {
639 case JVM_REF_invokeVirtual:
640 case JVM_REF_invokeStatic:
641 case JVM_REF_invokeSpecial:
642 case JVM_REF_newInvokeSpecial: {
643 const int name_and_type_ref_index =
644 cp->name_and_type_ref_index_at(ref_index);
645 const int name_ref_index =
646 cp->name_ref_index_at(name_and_type_ref_index);
647 const Symbol* const name = cp->symbol_at(name_ref_index);
648 if (ref_kind == JVM_REF_newInvokeSpecial) {
649 if (name != vmSymbols::object_initializer_name()) {
650 classfile_parse_error(
651 "Bad constructor name at constant pool index %u in class file %s",
652 name_ref_index, CHECK);
4823 case JVM_SIGNATURE_BOOLEAN:
4824 case JVM_SIGNATURE_BYTE:
4825 case JVM_SIGNATURE_CHAR:
4826 case JVM_SIGNATURE_SHORT:
4827 case JVM_SIGNATURE_INT:
4828 case JVM_SIGNATURE_FLOAT:
4829 case JVM_SIGNATURE_LONG:
4830 case JVM_SIGNATURE_DOUBLE:
4831 return signature + 1;
4832 case JVM_SIGNATURE_CLASS: {
4833 if (_major_version < JAVA_1_5_VERSION) {
4834 // Skip over the class name if one is there
4835 const char* const p = skip_over_field_name(signature + 1, true, --length);
4836
4837 // The next character better be a semicolon
4838 if (p && (p - signature) > 1 && p[0] == ';') {
4839 return p + 1;
4840 }
4841 }
4842 else {
4843 // Skip leading 'L' and ignore first appearance of ';'
4844 length--;
4845 signature++;
4846 char* c = strchr((char*) signature, ';');
4847 // Format check signature
4848 if (c != NULL) {
4849 int newlen = c - (char*) signature;
4850 char* sig = NEW_RESOURCE_ARRAY(char, newlen + 1);
4851 strncpy(sig, signature, newlen);
4852 sig[newlen] = '\0';
4853
4854 bool legal = verify_unqualified_name(sig, newlen, LegalClass);
4855 if (!legal) {
4856 ResourceMark rm(THREAD);
4857 classfile_parse_error("Class name contains illegal character "
4858 "in descriptor in class file %s",
4859 CHECK_0);
4860 return NULL;
4861 }
4862 return signature + newlen + 1;
4863 }
4864 }
4865 return NULL;
4866 }
4867 case JVM_SIGNATURE_ARRAY:
4868 array_dim++;
4869 if (array_dim > 255) {
4870 // 4277370: array descriptor is valid only if it represents 255 or fewer dimensions.
4871 classfile_parse_error("Array type descriptor has more than 255 dimensions in class file %s", CHECK_0);
4872 }
4873 // The rest of what's there better be a legal signature
4874 signature++;
4875 length--;
4876 void_ok = false;
4877 break;
4878 default:
4879 return NULL;
4880 }
4881 }
4882 return NULL;
4883 }
4884
4885 // Checks if name is a legal class name.
4886 void ClassFileParser::verify_legal_class_name(const Symbol* name, TRAPS) const {
4887 if (!_need_verify || _relax_verify) { return; }
4888
4889 char buf[fixed_buffer_size];
4890 char* bytes = name->as_utf8_flexible_buffer(THREAD, buf, fixed_buffer_size);
4891 unsigned int length = name->utf8_length();
4892 bool legal = false;
4893
4894 if (length > 0) {
4895 const char* p;
4896 if (bytes[0] == JVM_SIGNATURE_ARRAY) {
4897 p = skip_over_field_signature(bytes, false, length, CHECK);
|