P4
There is some code in JShellTool.java that invokes String.format(x, ...) when x is some random String, but no escaping of embedded format specifiers (like "%s") inside x is performed. As a result, JShell crashes abruptly with (for example) java.util.MissingFormatArgumentException.
Reproducer:
$ cat xx.js
System.out.println(String.format("This is a %s.", "test"));
$ jshell --startup xx.js
This is a test.
| Welcome to JShell -- Version 24-internal
| For an introduction type: /help intro
jshell> /set
| /set editor /usr/bin/vi
| /set indent 4
| /set start xx.jsh
| ---- xx.jsh @ Oct 3, 2024, 4:20:56 PM ----
| System.out.println(String.format("This is a Exception in thread "main" java.util.MissingFormatArgumentException: Format specifier '%s'
at java.base/java.util.Formatter.format(Formatter.java:2800)
at java.base/java.io.PrintStream.implFormat(PrintStream.java:1369)
at java.base/java.io.PrintStream.format(PrintStream.java:1348)
at java.base/java.io.PrintStream.printf(PrintStream.java:1247)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.hard(JShellTool.java:747)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.showSetStart(JShellTool.java:2334)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.cmdSet(JShellTool.java:2024)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.processCommand(JShellTool.java:1418)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.processInput(JShellTool.java:1257)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.run(JShellTool.java:1235)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.start(JShellTool.java:1018)
at jdk.jshell/jdk.internal.jshell.tool.JShellToolBuilder.start(JShellToolBuilder.java:273)
at jdk.jshell/jdk.internal.jshell.tool.JShellToolProvider.main(JShellToolProvider.java:120)
Reproducer:
$ cat xx.js
System.out.println(String.format("This is a %s.", "test"));
$ jshell --startup xx.js
This is a test.
| Welcome to JShell -- Version 24-internal
| For an introduction type: /help intro
jshell> /set
| /set editor /usr/bin/vi
| /set indent 4
| /set start xx.jsh
| ---- xx.jsh @ Oct 3, 2024, 4:20:56 PM ----
| System.out.println(String.format("This is a Exception in thread "main" java.util.MissingFormatArgumentException: Format specifier '%s'
at java.base/java.util.Formatter.format(Formatter.java:2800)
at java.base/java.io.PrintStream.implFormat(PrintStream.java:1369)
at java.base/java.io.PrintStream.format(PrintStream.java:1348)
at java.base/java.io.PrintStream.printf(PrintStream.java:1247)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.hard(JShellTool.java:747)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.showSetStart(JShellTool.java:2334)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.cmdSet(JShellTool.java:2024)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.processCommand(JShellTool.java:1418)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.processInput(JShellTool.java:1257)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.run(JShellTool.java:1235)
at jdk.jshell/jdk.internal.jshell.tool.JShellTool.start(JShellTool.java:1018)
at jdk.jshell/jdk.internal.jshell.tool.JShellToolBuilder.start(JShellToolBuilder.java:273)
at jdk.jshell/jdk.internal.jshell.tool.JShellToolProvider.main(JShellToolProvider.java:120)
- links to
-
Commit(master)
openjdk/jdk/bcebb0c5
-
Review(master)
openjdk/jdk/21339