[BCEL-357] StringIndexOutOfBoundsException when Verifying Java Method Name in Pass2Verifier - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 6.5.0
Fix Version/s: None
Component/s: Verifier
Labels:
None

Environment:

Hide

public class ParserTest {


    public void testWithInputStream(InputStream inputStream) throws IOException {
        JavaClass clazz;
        try {
            clazz = new ClassParser(inputStream, "Hello.class").parse();
        } catch (ClassFormatException e) {
            // ClassFormatException thrown by the parser is just invalid input
            Assume.assumeNoException(e);
            return;
        }

        // Any non-IOException thrown here should be marked a failure
        // (including ClassFormatException)
        verifyJavaClass(clazz);
    }



    private void verifyJavaClass( JavaClass javaClass) throws IOException {
        try {
            Repository.addClass(javaClass);
            Verifier verifier = StatelessVerifierFactory.getVerifier(javaClass.getClassName());
            VerificationResult result;
            result = verifier.doPass1();
            assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK));
            result = verifier.doPass2();
            assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK));
            for (int i = 0; i < javaClass.getMethods().length; i++) {
                result = verifier.doPass3a(i);
                assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK));
            }
        } finally {
            Repository.clearCache();
        }
    }

    public static void main(String[] args) throws IOException {
        ParserTest pt = new ParserTest();
        FileInputStream fis = new FileInputStream(new File("/home/jamesk/bcel_bugs/str_index.input"));
        pt.testWithInputStream(fis);
    }

}

Show

public class ParserTest { public void testWithInputStream(InputStream inputStream) throws IOException { JavaClass clazz; try { clazz = new ClassParser(inputStream, "Hello.class" ).parse(); } catch (ClassFormatException e) { // ClassFormatException thrown by the parser is just invalid input Assume.assumeNoException(e); return ; } // Any non-IOException thrown here should be marked a failure // (including ClassFormatException) verifyJavaClass(clazz); } private void verifyJavaClass( JavaClass javaClass) throws IOException { try { Repository.addClass(javaClass); Verifier verifier = StatelessVerifierFactory.getVerifier(javaClass.getClassName()); VerificationResult result; result = verifier.doPass1(); assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK)); result = verifier.doPass2(); assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK)); for ( int i = 0; i < javaClass.getMethods().length; i++) { result = verifier.doPass3a(i); assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK)); } } finally { Repository.clearCache(); } } public static void main( String [] args) throws IOException { ParserTest pt = new ParserTest(); FileInputStream fis = new FileInputStream( new File( "/home/jamesk/bcel_bugs/str_index.input" )); pt.testWithInputStream(fis); } }

Description

StringIndexOutOfBoundsException found during fuzzing research. Attaching file that triggred the Exception.

Stack trace:

Exception in thread "main" java.lang.StringIndexOutOfBoundsException: String index out of range: 0
	at java.lang.String.charAt(String.java:658)
	at org.apache.bcel.verifier.statics.Pass2Verifier.validJavaLangMethodName(Pass2Verifier.java:1458)
	at org.apache.bcel.verifier.statics.Pass2Verifier.validMethodName(Pass2Verifier.java:1432)
	at org.apache.bcel.verifier.statics.Pass2Verifier.validClassMethodName(Pass2Verifier.java:1448)
	at org.apache.bcel.verifier.statics.Pass2Verifier.access$900(Pass2Verifier.java:85)
	at org.apache.bcel.verifier.statics.Pass2Verifier$FAMRAV_Visitor.visitConstantMethodref(Pass2Verifier.java:1350)
	at org.apache.bcel.classfile.ConstantMethodref.accept(ConstantMethodref.java:68)
	at org.apache.bcel.classfile.DescendingVisitor.visitConstantMethodref(DescendingVisitor.java:347)
	at org.apache.bcel.classfile.ConstantMethodref.accept(ConstantMethodref.java:68)
	at org.apache.bcel.classfile.DescendingVisitor.visitConstantPool(DescendingVisitor.java:268)
	at org.apache.bcel.classfile.ConstantPool.accept(ConstantPool.java:87)
	at org.apache.bcel.classfile.DescendingVisitor.visitJavaClass(DescendingVisitor.java:104)
	at org.apache.bcel.classfile.JavaClass.accept(JavaClass.java:213)
	at org.apache.bcel.classfile.DescendingVisitor.visit(DescendingVisitor.java:84)
	at org.apache.bcel.verifier.statics.Pass2Verifier.field_and_method_refs_are_valid(Pass2Verifier.java:1290)
	at org.apache.bcel.verifier.statics.Pass2Verifier.do_verify(Pass2Verifier.java:161)
	at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:70)
	at org.apache.bcel.verifier.Verifier.doPass2(Verifier.java:75)

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

str_index.input
03/Sep/21 15:41
0.3 kB
James Kukucka

Activity

People

Assignee:: Unassigned

Reporter:: James Kukucka

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 03/Sep/21 15:41

Updated:: 03/Sep/21 15:41