Details
-
Enhancement
-
Resolution: Fixed
-
P3
-
8
-
b68
-
generic
-
generic
-
Verified
Description
javac should ignore ignorable characters on input, and as a separate defensive measure, the file manager should prevent creating files which cannot be represented on the file system, including, in particular, files containing "null" in their name.
Placing a Null char (0x00) inside a Java class name is permitted by the javac
compiler. The compile class file contains only those characters up to the
null, i.e. nothing after the null //including the ".class" extension// is
present in the class file.
TEST_CASE
=========
The following example shows a simple class (CharTest.java) wrapper of an
inner class which contains an embedded null character. When compiled, only
two classes are generated, the wrapper class "CharTest.java" and the inner
class "CharTest$AA". Note the usual ".class" extension is missing from the
compiled class file name:
$ echo -e "public class CharTest { public class AA\x00BB {} }" >
CharTest.java
$ cat CharTest.java | grep -aoE "AA.*BB" | od -vAx -tx1
000000 41 41 00 42 42 0a <-- Null character between AA and BB (0x41 and
0x42)
-- This class compiles successfully
$ javac CharTest.java
$ ll CharTest*
-rw-r--r--. 1 hakzaw users 312 Dec 20 12:50 CharTest$AA <-- Truncated class
filename
-rw-r--r--. 1 hakzaw users 251 Dec 20 12:50 CharTest.class
-rw-r--r--. 1 hakzaw users 48 Dec 20 12:48 CharTest.java
$ file CharTest\$AA
CharTest$AA: compiled Java class data, version 50.0 (Java 1.6)
The following test shows that the class file representing the inner class is
successfully loaded by the java classloaded, despite it possessing a
truncated file name. We modify CharTest.java file by adding a main method
that calls an inner class method, forcing the loading of the inner class.
Note the "^@" symbols are single null characters.
public class CharTest {
public AA^@BB aabb;
public CharTest() {
aabb = new AA^@BB ();
}
public class AA^@BB {
public AA^@BB () {}
public void bar() { System.out.println("bar"); }
}
public void foo() {
System.out.println("foo");
aabb.bar();
}
public static void main(String[] args) {
CharTest ct = new CharTest();
ct.foo();
}
}
$ javac CharTest.java
$ java CharTest
foo
bar <-- Inner class has been loaded with method called successfully.
Placing a Null char (0x00) inside a Java class name is permitted by the javac
compiler. The compile class file contains only those characters up to the
null, i.e. nothing after the null //including the ".class" extension// is
present in the class file.
TEST_CASE
=========
The following example shows a simple class (CharTest.java) wrapper of an
inner class which contains an embedded null character. When compiled, only
two classes are generated, the wrapper class "CharTest.java" and the inner
class "CharTest$AA". Note the usual ".class" extension is missing from the
compiled class file name:
$ echo -e "public class CharTest { public class AA\x00BB {} }" >
CharTest.java
$ cat CharTest.java | grep -aoE "AA.*BB" | od -vAx -tx1
000000 41 41 00 42 42 0a <-- Null character between AA and BB (0x41 and
0x42)
-- This class compiles successfully
$ javac CharTest.java
$ ll CharTest*
-rw-r--r--. 1 hakzaw users 312 Dec 20 12:50 CharTest$AA <-- Truncated class
filename
-rw-r--r--. 1 hakzaw users 251 Dec 20 12:50 CharTest.class
-rw-r--r--. 1 hakzaw users 48 Dec 20 12:48 CharTest.java
$ file CharTest\$AA
CharTest$AA: compiled Java class data, version 50.0 (Java 1.6)
The following test shows that the class file representing the inner class is
successfully loaded by the java classloaded, despite it possessing a
truncated file name. We modify CharTest.java file by adding a main method
that calls an inner class method, forcing the loading of the inner class.
Note the "^@" symbols are single null characters.
public class CharTest {
public AA^@BB aabb;
public CharTest() {
aabb = new AA^@BB ();
}
public class AA^@BB {
public AA^@BB () {}
public void bar() { System.out.println("bar"); }
}
public void foo() {
System.out.println("foo");
aabb.bar();
}
public static void main(String[] args) {
CharTest ct = new CharTest();
ct.foo();
}
}
$ javac CharTest.java
$ java CharTest
foo
bar <-- Inner class has been loaded with method called successfully.
Attachments
Issue Links
- relates to
-
JDK-8024493 Some ASCII characters are not treated correctly in identifiers
-
- Resolved
-