[commons-bcel] 02/02: org.apache.bcel.classfile.EnclosingMethod constructors now throw ClassFormatException on invalid length, class index, or method index input.

Tue, 15 Nov 2022 10:30:19 -0800 

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-bcel.git

commit 0f599351bb2ca774d057282b278246d86dfd1a1a
Author: Gary David Gregory (Code signing key) <ggreg...@apache.org>
AuthorDate: Tue Nov 15 13:29:54 2022 -0500

    org.apache.bcel.classfile.EnclosingMethod constructors now throw
    ClassFormatException on invalid length, class index, or method index
    input.
---
 src/changes/changes.xml                                      | 1 +
 src/main/java/org/apache/bcel/classfile/EnclosingMethod.java | 9 +++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 79fc98e9..4d8cbd37 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -76,6 +76,7 @@ The <action> type attribute can be add,update,fix,remove.
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.Deprecated constructors now throw 
ClassFormatException on invalid length input.</action>
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.Attribute constructors now throw 
ClassFormatException on invalid name index input.</action>
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.ConstantValue constructors now throw 
ClassFormatException on invalid length input.</action>
+      <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.EnclosingMethod constructors now throw 
ClassFormatException on invalid length, class index, or method index 
input.</action>
       <!-- UPDATE -->
       <action                  type="update" dev="ggregory" due-to="Gary 
Gregory">Bump spotbugs-maven-plugin from 4.7.2.2 to 4.7.3.0 #167.</action>
     </release>
diff --git a/src/main/java/org/apache/bcel/classfile/EnclosingMethod.java 
b/src/main/java/org/apache/bcel/classfile/EnclosingMethod.java
index ec9b6542..537f6507 100644
--- a/src/main/java/org/apache/bcel/classfile/EnclosingMethod.java
+++ b/src/main/java/org/apache/bcel/classfile/EnclosingMethod.java
@@ -21,6 +21,7 @@ import java.io.DataOutputStream;
 import java.io.IOException;
 
 import org.apache.bcel.Const;
+import org.apache.bcel.util.Args;
 
 /**
  * This attribute exists for local or anonymous classes and ... there can be 
only one.
@@ -48,10 +49,10 @@ public class EnclosingMethod extends Attribute {
         this(nameIndex, len, input.readUnsignedShort(), 
input.readUnsignedShort(), cpool);
     }
 
-    private EnclosingMethod(final int nameIndex, final int len, final int 
classIdx, final int methodIdx, final ConstantPool cpool) {
-        super(Const.ATTR_ENCLOSING_METHOD, nameIndex, len, cpool);
-        classIndex = classIdx;
-        methodIndex = methodIdx;
+    private EnclosingMethod(final int nameIndex, final int len, final int 
classIndex, final int methodIndex, final ConstantPool cpool) {
+        super(Const.ATTR_ENCLOSING_METHOD, nameIndex, Args.require(len, 4, 
"EnclosingMethod attribute length"), cpool);
+        this.classIndex = Args.requireU2(classIndex, 0, cpool.getLength(), 
"EnclosingMethod class index");
+        this.methodIndex = Args.requireU2(methodIndex, "EnclosingMethod method 
index");
     }
 
     @Override

Reply via email to