- Bug
- Resolution: Won't Fix
- P4
- None
- 13, 14
- x86_64
- windows_10
A DESCRIPTION OF THE PROBLEM :
A good description of this bug can be found at
https://github.com/ItzSomebody/StopDecompilingMyJava/blob/master/decompiler-tool-bugs/Entry-011/Entry.md
Copied here:
See: https://twitter.com/LeeAtBenf/status/1136035843955732486
Also see: https://github.com/ItzSomebody/openjdk-jdk8u/blob/e87709def542f064a7ab9fa75542230e40876310/hotspot/src/share/vm/classfile/classFileParser.cpp#L2137
Utilizes differences in the pre-Java 1 classfile format (major version 45, minor version 2 and below) and the modern Java classfile format.
Regularly, Java's Method Code Attribute obeys the following:
Code_attribute {
    u2 attribute_name_index;
    u4 attribute_length;
    u2 max_stack;
    u2 max_locals;
    u4 code_length;
    u1 code[code_length];
    u2 exception_table_length;
    {   u2 start_pc;
        u2 end_pc;
        u2 handler_pc;
        u2 catch_type;
    } exception_table[exception_table_length];
    u2 attributes_count;
    attribute_info attributes[attributes_count];
}
However, pre-Java 1 classfiles do not. In pre-Java 1, the max_stack, max_locals, and code_length use half-size data types. This means pre-Java 1's classfiles follow this format:
Code_attribute {
    u2 attribute_name_index;
    u2 attribute_length;
    u1 max_stack;   // uint8_t vs. uint16_t
    u1 max_locals;  // uint8_t vs. uint16_t
    u2 code_length; // uint16_t vs. uint32_t
    u1 code[code_length];
    u2 exception_table_length;
    {   u2 start_pc;
        u2 end_pc;
        u2 handler_pc;
        u2 catch_type;
    } exception_table[exception_table_length];
    u2 attributes_count;
    attribute_info attributes[attributes_count];
}
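As an added example (not part of this report or the linked repository), the following Python reader selects the Code attribute layout by class file version, as the HotSpot check at the linked classFileParser.cpp line does, and applies both layouts to the 17-byte attribute body that javap dumps in the ACTUAL section of this report. The body starts after attribute_name_index and attribute_length; the is_pre_java1 helper, the opcode table and the disassemble function are my own additions.

```python
import struct

# Code attribute body (everything after attribute_name_index and attribute_length),
# taken from the 17 bytes javap printed for the PoC class in this report.
POC_CODE_BODY = bytes.fromhex("0A 05 00 09 B2 00 07 12 01 B6 00 08 B1 00 00 00 00")

# Minimal opcode table: only the instructions that occur in the PoC body.
# Maps opcode -> (mnemonic, number of operand bytes).
OPCODES = {0xB2: ("getstatic", 2), 0x12: ("ldc", 1),
           0xB6: ("invokevirtual", 2), 0xB1: ("return", 0)}


def is_pre_java1(major: int, minor: int) -> bool:
    """Layout selector: major 45 with minor <= 2 uses the half-size fields."""
    return major == 45 and minor <= 2


def parse_code_body(body: bytes, major: int, minor: int) -> dict:
    """Parse a Code attribute body with the layout implied by the class version.

    Raises ValueError when code_length overruns the body, which is what happens
    when the modern u2/u2/u4 layout is applied to a pre-Java 1 attribute.
    """
    if is_pre_java1(major, minor):
        max_stack, max_locals, code_length = struct.unpack_from(">BBH", body, 0)
        pos = 4
    else:
        max_stack, max_locals, code_length = struct.unpack_from(">HHI", body, 0)
        pos = 8
    if code_length == 0 or pos + code_length > len(body):
        raise ValueError(f"invalid code_length {code_length:#x} for {len(body)}-byte body")
    code = body[pos:pos + code_length]
    pos += code_length
    (exc_len,) = struct.unpack_from(">H", body, pos)
    pos += 2
    exc_table = [struct.unpack_from(">HHHH", body, pos + 8 * i) for i in range(exc_len)]
    pos += 8 * exc_len
    (attr_count,) = struct.unpack_from(">H", body, pos)
    return {"max_stack": max_stack, "max_locals": max_locals, "code": code,
            "exception_table": exc_table, "attributes_count": attr_count}


def disassemble(code: bytes) -> list:
    """Decode the PoC's opcodes into (mnemonic, operand) pairs; operand is None if absent."""
    out, i = [], 0
    while i < len(code):
        if code[i] not in OPCODES:
            raise ValueError(f"opcode {code[i]:#x} not in the minimal table")
        name, nops = OPCODES[code[i]]
        operand = int.from_bytes(code[i + 1:i + 1 + nops], "big") if nops else None
        out.append((name, operand))
        i += 1 + nops
    return out
```

With the pre-Java 1 layout the body decodes to max_stack 10, max_locals 5 and a 9-byte getstatic/ldc/invokevirtual/return sequence; with the modern layout the first four bytes become max_stack 0x0A05, max_locals 0x0009 and a code_length of 0xB2000712, which is the overrun behind javap's "Unexpected or invalid value for Code attribute".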
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Download the proof-of-concept jar file: https://github.com/ItzSomebody/StopDecompilingMyJava/blob/master/decompiler-tool-bugs/Entry-011/PoC.jar
2. Execute java -jar PoC.jar; the code runs without any problem.
3. Execute javap -cp PoC.jar Test or javap -c -v -p -cp PoC.jar; the error is shown.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
disassembled bytecode
ACTUAL -
Error from javap -cp PoC.jar Test:
Error: Unexpected or invalid value for Code attribute
Error from javap -v -p -c -cp PoC.jar Test:
Error: Unexpected or invalid value for Code attribute
Error: java.lang.reflect.InvocationTargetException
Code: length = 0x11
0A 05 00 09 B2 00 07 12 01 B6 00 08 B1 00 00 00
00
}
---------- BEGIN SOURCE ----------
Proof of concept jar file: https://github.com/ItzSomebody/StopDecompilingMyJava/blob/master/decompiler-tool-bugs/Entry-011/PoC.jar
---------- END SOURCE ----------
FREQUENCY : always
Relates to: JDK-8232890 Remove bad Code attribute parsing code (Resolved)