Name: viR10068 Date: 01/29/2004
RFC 2396 Uniform Resource Identifiers (URI): Generic Syntax
(for example see ftp://ftp.isi.edu/in-notes/rfc2396.txt) says:
"...
2. URI Characters and Escape Sequences
URI consist of a restricted set of characters, primarily chosen to
aid transcribability and usability both in computer systems and in
non-computer communications. Characters used conventionally as
delimiters around URI were excluded.
...
2.4.1. Escaped Encoding
An escaped octet is encoded as a character triplet, consisting of the
percent character "%" followed by the two hexadecimal digits
representing the octet code. For example, "%20" is the escaped
encoding for the US-ASCII space character.
..."
The API spec for the java.net.URI says:
"A character is encoded by replacing it with the sequence of escaped
octets that represent that character in the UTF-8 character set. The
Euro currency symbol ('\u20AC'), for example, is encoded as "%E2%82%AC".
(Deviation from RFC 2396, which does not specify any particular character
set.)".
So valid java application should use this URI syntax.
But if class name has an unicode character and the plugin/ appletviewer
uses the http protocol to load classes then the result is the ClassFormatError
instead of the NoClassDefFoundError, for example.
After short investigation I found that the following takes place:
1) the plugin tries to load class that extends an interface with the
unicode character in name (u1E00). Note, these class and interface have
empty bodies.
2) the http server receives the 'GET' command with unknown symbol instead
of the escaped unicode character [%E1%B8%80 for u1E00] even if the browser
is set to "Always send URLs as UTF-8". Note, in the http server log files
this looks like a '?' when browsing through the text editor and in
the java console log it looks like a '|'.
3) the http server returns the error code 301 (HTTP_STATUS_MOVED) and new
URI (in the log file it looks like '/?' instead of '?' or '|')
4) the plugin tries to load class with the new URI and receives the
directory listing. The name of the directory is a part of URL preceeding
the unicode character in the original request.
5) the plugin classloader receives directory listing, tries to use it as a
requested class file and throws the ClassFormatError (Bad magic number).
Note, this bug is reproducible under appletviewer too.
http server log:
'129.144.235.123 - - [28/Jan/2004:18:02:22 +0600] "GET
/net/novo79/export/home/plugin/javasoft/sqe/tests/vm/classfmt/cpl/cplcls002/cplcls00206m5?
/cplcls00206m5i.class HTTP/1.1" 301 427
129.144.235.123 - - [28/Jan/2004:18:02:22 +0600] "GET
/net/novo79/export/home/plugin/javasoft/sqe/tests/vm/classfmt/cpl/cplcls002/cplcls00206m5/
?/cplcls00206m5i.class HTTP/1.1" 200 1175'
Affected JCK tests are:
vm/classfmt/cpl/cplcls002/cplcls00206m2/cplcls00206m2.html
vm/classfmt/cpl/cplcls002/cplcls00206m4/cplcls00206m4.html
vm/classfmt/cpl/cplcls002/cplcls00206m5/cplcls00206m5.html
How to reproduce:
1) Start JavaTest (java -jar javatest.jar)
2) Start the plugin or apletviewer with loading class through the http. For example,
CODEBASE="http://sqeel/java/re/jck/1.5/qac/latest/binaries/JCK-runtime-15/classes"
3) run the test. For example, vm/classfmt/cpl/cplcls002/cplcls00206m2/cplcls00206m2.html
======================================================================
RFC 2396 Uniform Resource Identifiers (URI): Generic Syntax
(for example see ftp://ftp.isi.edu/in-notes/rfc2396.txt) says:
"...
2. URI Characters and Escape Sequences
URI consist of a restricted set of characters, primarily chosen to
aid transcribability and usability both in computer systems and in
non-computer communications. Characters used conventionally as
delimiters around URI were excluded.
...
2.4.1. Escaped Encoding
An escaped octet is encoded as a character triplet, consisting of the
percent character "%" followed by the two hexadecimal digits
representing the octet code. For example, "%20" is the escaped
encoding for the US-ASCII space character.
..."
The API spec for the java.net.URI says:
"A character is encoded by replacing it with the sequence of escaped
octets that represent that character in the UTF-8 character set. The
Euro currency symbol ('\u20AC'), for example, is encoded as "%E2%82%AC".
(Deviation from RFC 2396, which does not specify any particular character
set.)".
So valid java application should use this URI syntax.
But if class name has an unicode character and the plugin/ appletviewer
uses the http protocol to load classes then the result is the ClassFormatError
instead of the NoClassDefFoundError, for example.
After short investigation I found that the following takes place:
1) the plugin tries to load class that extends an interface with the
unicode character in name (u1E00). Note, these class and interface have
empty bodies.
2) the http server receives the 'GET' command with unknown symbol instead
of the escaped unicode character [%E1%B8%80 for u1E00] even if the browser
is set to "Always send URLs as UTF-8". Note, in the http server log files
this looks like a '?' when browsing through the text editor and in
the java console log it looks like a '|'.
3) the http server returns the error code 301 (HTTP_STATUS_MOVED) and new
URI (in the log file it looks like '/?' instead of '?' or '|')
4) the plugin tries to load class with the new URI and receives the
directory listing. The name of the directory is a part of URL preceeding
the unicode character in the original request.
5) the plugin classloader receives directory listing, tries to use it as a
requested class file and throws the ClassFormatError (Bad magic number).
Note, this bug is reproducible under appletviewer too.
http server log:
'129.144.235.123 - - [28/Jan/2004:18:02:22 +0600] "GET
/net/novo79/export/home/plugin/javasoft/sqe/tests/vm/classfmt/cpl/cplcls002/cplcls00206m5?
/cplcls00206m5i.class HTTP/1.1" 301 427
129.144.235.123 - - [28/Jan/2004:18:02:22 +0600] "GET
/net/novo79/export/home/plugin/javasoft/sqe/tests/vm/classfmt/cpl/cplcls002/cplcls00206m5/
?/cplcls00206m5i.class HTTP/1.1" 200 1175'
Affected JCK tests are:
vm/classfmt/cpl/cplcls002/cplcls00206m2/cplcls00206m2.html
vm/classfmt/cpl/cplcls002/cplcls00206m4/cplcls00206m4.html
vm/classfmt/cpl/cplcls002/cplcls00206m5/cplcls00206m5.html
How to reproduce:
1) Start JavaTest (java -jar javatest.jar)
2) Start the plugin or apletviewer with loading class through the http. For example,
CODEBASE="http://sqeel/java/re/jck/1.5/qac/latest/binaries/JCK-runtime-15/classes"
3) run the test. For example, vm/classfmt/cpl/cplcls002/cplcls00206m2/cplcls00206m2.html
======================================================================
- duplicates
-
JDK-4979820 cannot load class names containing some JSR 202 characters
-
- Resolved
-
- relates to
-
-
- Closed
-