ADDITIONAL SYSTEM INFORMATION :
openjdk 11.0.4 2019-07-16
OpenJDK Runtime Environment (build 11.0.4+11-post-Ubuntu-1ubuntu218.04.3)
OpenJDK 64-Bit Server VM (build 11.0.4+11-post-Ubuntu-1ubuntu218.04.3, mixed mode, sharing)
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic
A DESCRIPTION OF THE PROBLEM :
Jshell crashes completely on certain String.format calls.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Open jshell and run String.format("%s %s %s", (Object) Stream.of(1,2,3).toArray(Integer[]::new))
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
MissingFormatArgumentException exception but jshell should not crash.
ACTUAL -
| Exception java.util.MissingFormatArgumentException: Format specifier 'Exception in thread "main" java.util.MissingFormatArgumentException: Format specifier '%s'
at java.base/java.util.Formatter.format(Formatter.java:2672)
at java.base/java.io.PrintStream.format(PrintStream.java:1053)
at java.base/java.io.PrintStream.printf(PrintStream.java:949)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.error(JShellTool.java:728)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.errormsg(JShellTool.java:867)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.displayEvalException(JShellTool.java:3451)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.displayException(JShellTool.java:3425)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.displayException(JShellTool.java:3418)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.handleEvent(JShellTool.java:3582)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.processSource(JShellTool.java:3550)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.processSourceCatchingReset(JShellTool.java:1301)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.processInput(JShellTool.java:1203)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.run(JShellTool.java:1176)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.start(JShellTool.java:975)
at jdk.jshell/jdk.internal.jshell.tool.JShellToolBuilder.start(JShellToolBuilder.java:254)
at jdk.jshell/jdk.internal.jshell.tool.JShellToolProvider.main(JShellToolProvider.java:120)
FREQUENCY : always
duplicates: JDK-8214852 JShell tool vulnerable to printf format injection (Closed)
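The stack trace above shows the exception being raised inside the tool's own error-reporting path (JShellTool.error calling PrintStream.printf), which is the printf format injection named in the linked issue: text containing '%s' is interpreted as a format string. The following is an added example, not JShell's source and not code from the report; the class and method names are hypothetical, and it contrasts concatenating such text into the format string with passing it as an argument to a constant format.

```java
import java.io.ByteArrayOutputStream;
import java.io.PrintStream;
import java.util.MissingFormatArgumentException;

public class FormatInjectionDemo {
    // Unsafe pattern: untrusted text becomes part of the format string,
    // so any '%' sequence in it is parsed as a conversion.
    static void errorUnsafe(PrintStream out, String message) {
        out.printf("|  Error: " + message + "%n");
    }

    // Hardened pattern: constant format string, untrusted text is only an argument.
    static void errorSafe(PrintStream out, String message) {
        out.printf("|  Error: %s%n", message);
    }

    // Reproduces the call from the report and returns the exception message,
    // which itself contains the specifier that had no matching argument.
    static String messageFromReport() {
        try {
            Integer[] arr = {1, 2, 3};
            String.format("%s %s %s", (Object) arr); // one argument for three specifiers
            throw new AssertionError("expected MissingFormatArgumentException");
        } catch (MissingFormatArgumentException e) {
            return e.getMessage();
        }
    }

    public static void main(String[] args) {
        String msg = messageFromReport();
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        PrintStream out = new PrintStream(buf, true);

        try {
            errorUnsafe(out, msg);
            System.out.println("unsafe: printed without error");
        } catch (MissingFormatArgumentException e) {
            // The reporting path fails while trying to report the first failure.
            System.out.println("unsafe: reporting path itself threw " + e);
        }

        errorSafe(out, msg); // prints the message verbatim, '%' characters included
        System.out.print(buf);
    }
}
```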