-
Bug
-
Resolution: Unresolved
-
P4
-
25
-
In Review
Currently, Class-File API only simply validates the input lists with a copy to avoid tampering. It does not validate the stored list is actually representable in the class file format given the size constraints (u1, u2, etc.). These constraints should be respected, and we should fail fast if such lists cannot be encoded instead of producing malformed data.
- csr for
-
JDK-8361906 Missing List length validation in the Class-File API
-
- Provisional
-
- relates to
-
JDK-8361703 Release Note: Class-File API Rejects Unrepresentable Integer Data
-
- Open
-
-
JDK-8361614 Missing sub-int value validation in the Class-File API
-
- In Progress
-
- links to
-
Review(pr/26201) openjdk/jdk/26252