Bug
Resolution: Fixed
P4
None
b21
Not verified
It is possible to make URLClassLoader.findClass() throw an unexpected IndexOutOfBoundsException.
This is because jdk.internal.loader.Resource.getBytes() fails to handle integer overflow when allocating memory.
Here's a simple reproducer:
$ touch LARGE.class
$ truncate -s 2147483647 LARGE.class
$ jar -c -f JAR.jar LARGE.class
$ javac POC.java
$ java -Xms5G POC
Exception in thread "main" java.lang.IndexOutOfBoundsException
    at java.base/java.util.zip.InflaterInputStream.read(InflaterInputStream.java:147)
    at java.base/jdk.internal.loader.Resource.getBytes(Resource.java:124)
    at java.base/java.net.URLClassLoader.defineClass(URLClassLoader.java:510)
    at java.base/java.net.URLClassLoader$1.run(URLClassLoader.java:423)
    at java.base/java.net.URLClassLoader$1.run(URLClassLoader.java:417)
    at java.base/java.security.AccessController.doPrivileged(AccessController.java:690)
    at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:416)
    at MyCL.<init>(POC.java:13)
    at POC.main(POC.java:6)
where POC.java is:
----------------
import java.net.*;
import java.io.*;

public class POC {
    public static void main(String[] args) throws Throwable {
        var cl = new MyCL(); // the constructor triggers the class load
    }
}

class MyCL extends URLClassLoader {
    public MyCL() throws Throwable {
        super(new URL[] {new URL("file:JAR.jar")});
        findClass("LARGE"); // loads the 2147483647-byte LARGE.class entry from JAR.jar
    }
}
----------------
The expected exception here would be either OutOfMemoryError or ClassFormatError.
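The following is an added illustration, not code from the JDK or from this report: a simplified model of a grow-as-you-read buffer showing how an unchecked `int` capacity sum wraps negative and surfaces as IndexOutOfBoundsException in `read()`, next to a checked form that fails with OutOfMemoryError instead. The class name, method names, the 1024-byte growth step and the array size cap are assumptions made for the example.

```java
import java.io.ByteArrayInputStream;
import java.io.InputStream;

// Added illustration: a simplified model of a growing read buffer,
// not the JDK's Resource.getBytes() source. All names are hypothetical.
public class GrowOverflowDemo {
    static final int GROW_STEP = 1024;                        // assumed growth increment
    static final int SOFT_MAX_ARRAY = Integer.MAX_VALUE - 8;  // conservative array size cap

    // Unchecked: capacity + GROW_STEP wraps negative once capacity is within 1024 of 2^31.
    static int nextChunkUnchecked(int capacity, int pos, int len) {
        return Math.min(len - pos, capacity + GROW_STEP);
    }

    // Checked: do the arithmetic in long and refuse sizes no array can hold.
    static int nextChunkChecked(int capacity, int pos, int len) {
        long want = Math.min((long) len - pos, (long) capacity + GROW_STEP);
        if (pos + want > SOFT_MAX_ARRAY) {
            throw new OutOfMemoryError("Required array size too large");
        }
        return (int) want;
    }

    public static void main(String[] args) throws Exception {
        int len = Integer.MAX_VALUE;   // entry size used by the reproducer
        int capacity = 2147482624;     // constructed: a buffer 1024 bytes short of 2^31
        int pos = capacity;            // the buffer is full, so it has to grow

        int n = nextChunkUnchecked(capacity, pos, len);
        System.out.println("unchecked chunk size: " + n);
        try (InputStream in = new ByteArrayInputStream(new byte[16])) {
            in.read(new byte[16], 0, n);   // a negative length is rejected by read()
        } catch (IndexOutOfBoundsException e) {
            System.out.println("read() threw: " + e.getClass().getName());
        }
        try {
            nextChunkChecked(capacity, pos, len);
        } catch (OutOfMemoryError e) {
            System.out.println("checked path threw: " + e.getClass().getName());
        }
    }
}
```

The model does only the size arithmetic and never allocates a large array, so it runs with a default heap.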