jdk8-mips64-public/hotspot: comparison src/share/vm/classfile/classFileParser.cpp

-:57f957f4731d
+:fff265b31090
 generic_signature_index = parse_generic_signature_attribute(CHECK);
 } else if (attribute_name == vmSymbols::tag_runtime_visible_annotations()) {
 runtime_visible_annotations_length = attribute_length;
 runtime_visible_annotations = cfs->get_u1_buffer();
 assert(runtime_visible_annotations != NULL, "null visible annotations");
+cfs->guarantee_more(runtime_visible_annotations_length, CHECK);
 parse_annotations(runtime_visible_annotations,
 runtime_visible_annotations_length,
 parsed_annotations,
 CHECK);
-cfs->skip_u1(runtime_visible_annotations_length, CHECK);
+cfs->skip_u1_fast(runtime_visible_annotations_length);
 } else if (PreserveAllAnnotations && attribute_name == vmSymbols::tag_runtime_invisible_annotations()) {
 runtime_invisible_annotations_length = attribute_length;
 runtime_invisible_annotations = cfs->get_u1_buffer();
 assert(runtime_invisible_annotations != NULL, "null invisible annotations");
 cfs->skip_u1(runtime_invisible_annotations_length, CHECK);
 index = skip_annotation_value(buffer, limit, index);
 }
 return index;
 }
+// Safely increment index by val if does not pass limit
+#define SAFE_ADD(index, limit, val) \
+if (index >= limit - val) return limit; \
+index += val;
 // Skip an annotation value.  Return >=limit if there is any problem.
 int ClassFileParser::skip_annotation_value(u1* buffer, int limit, int index) {
 // value := switch (tag:u1) {
 //   case B, C, I, S, Z, D, F, J, c: con:u2;
 //   case e: e_class:u2 e_name:u2;
 //   case s: s_con:u2;
 //   case [: do(nval:u2) {value};
 //   case @: annotation;
 //   case s: s_con:u2;
 // }
-if ((index += 1) >= limit)  return limit;  // read tag
+SAFE_ADD(index, limit, 1); // read tag
 u1 tag = buffer[index-1];
 switch (tag) {
 case 'B': case 'C': case 'I': case 'S': case 'Z':
 case 'D': case 'F': case 'J': case 'c': case 's':
-index += 2;  // skip con or s_con
+SAFE_ADD(index, limit, 2);  // skip con or s_con
 break;
 case 'e':
-index += 4;  // skip e_class, e_name
+SAFE_ADD(index, limit, 4);  // skip e_class, e_name
 break;
 case '[':
 {
-if ((index += 2) >= limit)  return limit;  // read nval
+SAFE_ADD(index, limit, 2);  // read nval
 int nval = Bytes::get_Java_u2(buffer+index-2);
 while (--nval >= 0 && index < limit) {
 index = skip_annotation_value(buffer, limit, index);
 }
 }
 // Sift through annotations, looking for those significant to the VM:
 void ClassFileParser::parse_annotations(u1* buffer, int limit,
 ClassFileParser::AnnotationCollector* coll,
 TRAPS) {
 // annotations := do(nann:u2) {annotation}
-int index = 0;
+int index = 2;
-if ((index += 2) >= limit)  return;  // read nann
+if (index >= limit)  return;  // read nann
 int nann = Bytes::get_Java_u2(buffer+index-2);
 enum {  // initial annotation layout
 atype_off = 0,      // utf8 such as 'Ljava/lang/annotation/Retention;'
 count_off = 2,      // u2   such as 1 (one value)
 member_off = 4,     // utf8 such as 'value'
 s_tag_val = 's',    // payload is String
 s_con_off = 7,    // utf8 payload, such as 'Ljava/lang/String;'
 s_size = 9,
 min_size = 6        // smallest possible size (zero members)
 };
-while ((--nann) >= 0 && (index-2 + min_size <= limit)) {
+// Cannot add min_size to index in case of overflow MAX_INT
+while ((--nann) >= 0 && (index-2 <= limit - min_size)) {
 int index0 = index;
 index = skip_annotation(buffer, limit, index);
 u1* abase = buffer + index0;
 int atype = Bytes::get_Java_u2(abase + atype_off);
 int count = Bytes::get_Java_u2(abase + count_off);
 generic_signature_index = parse_generic_signature_attribute(CHECK_(nullHandle));
 } else if (method_attribute_name == vmSymbols::tag_runtime_visible_annotations()) {
 runtime_visible_annotations_length = method_attribute_length;
 runtime_visible_annotations = cfs->get_u1_buffer();
 assert(runtime_visible_annotations != NULL, "null visible annotations");
+cfs->guarantee_more(runtime_visible_annotations_length, CHECK_(nullHandle));
 parse_annotations(runtime_visible_annotations,
 runtime_visible_annotations_length, &parsed_annotations,
 CHECK_(nullHandle));
-cfs->skip_u1(runtime_visible_annotations_length, CHECK_(nullHandle));
+cfs->skip_u1_fast(runtime_visible_annotations_length);
 } else if (PreserveAllAnnotations && method_attribute_name == vmSymbols::tag_runtime_invisible_annotations()) {
 runtime_invisible_annotations_length = method_attribute_length;
 runtime_invisible_annotations = cfs->get_u1_buffer();
 assert(runtime_invisible_annotations != NULL, "null invisible annotations");
 cfs->skip_u1(runtime_invisible_annotations_length, CHECK_(nullHandle));
 parse_classfile_signature_attribute(CHECK);
 } else if (tag == vmSymbols::tag_runtime_visible_annotations()) {
 runtime_visible_annotations_length = attribute_length;
 runtime_visible_annotations = cfs->get_u1_buffer();
 assert(runtime_visible_annotations != NULL, "null visible annotations");
+cfs->guarantee_more(runtime_visible_annotations_length, CHECK);
 parse_annotations(runtime_visible_annotations,
 runtime_visible_annotations_length,
 parsed_annotations,
 CHECK);
-cfs->skip_u1(runtime_visible_annotations_length, CHECK);
+cfs->skip_u1_fast(runtime_visible_annotations_length);
 } else if (PreserveAllAnnotations && tag == vmSymbols::tag_runtime_invisible_annotations()) {
 runtime_invisible_annotations_length = attribute_length;
 runtime_invisible_annotations = cfs->get_u1_buffer();
 assert(runtime_invisible_annotations != NULL, "null invisible annotations");
 cfs->skip_u1(runtime_invisible_annotations_length, CHECK);

Mercurial > jdk8-mips64-public > hotspot / file comparison

comparison: src/share/vm/classfile/classFileParser.cpp

src/share/vm/classfile/classFileParser.cpp