[commons-bcel] 05/05: org.apache.bcel.classfile.SourceFile constructors now throw ClassFormatException on invalid input

Tue, 15 Nov 2022 10:45:58 -0800 

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-bcel.git

commit ff95f51856cbf05207e72abc9fd877fb62872ad8
Author: Gary David Gregory (Code signing key) <ggreg...@apache.org>
AuthorDate: Tue Nov 15 13:45:22 2022 -0500

    org.apache.bcel.classfile.SourceFile constructors now throw
    ClassFormatException on invalid input
---
 src/changes/changes.xml                                 | 1 +
 src/main/java/org/apache/bcel/classfile/SourceFile.java | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 63d77e25..72f8b4e3 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -79,6 +79,7 @@ The <action> type attribute can be add,update,fix,remove.
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.EnclosingMethod constructors now throw 
ClassFormatException on invalid length, class index, or method index 
input.</action>
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.Synthetic constructors now throw 
ClassFormatException on invalid length input.</action>
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.Signature constructors now throw 
ClassFormatException on invalid length input.</action>
+      <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.SourceFile constructors now throw 
ClassFormatException on invalid input.</action>
       <!-- UPDATE -->
       <action                  type="update" dev="ggregory" due-to="Gary 
Gregory">Bump spotbugs-maven-plugin from 4.7.2.2 to 4.7.3.0 #167.</action>
     </release>
diff --git a/src/main/java/org/apache/bcel/classfile/SourceFile.java 
b/src/main/java/org/apache/bcel/classfile/SourceFile.java
index 0b46b213..1ac137c1 100644
--- a/src/main/java/org/apache/bcel/classfile/SourceFile.java
+++ b/src/main/java/org/apache/bcel/classfile/SourceFile.java
@@ -21,6 +21,7 @@ import java.io.DataOutputStream;
 import java.io.IOException;
 
 import org.apache.bcel.Const;
+import org.apache.bcel.util.Args;
 
 /**
  * This class is derived from <em>Attribute</em> and represents a reference to 
the source file of this class. At most
@@ -56,8 +57,8 @@ public final class SourceFile extends Attribute {
      *        in many cases, the JVM.
      */
     public SourceFile(final int nameIndex, final int length, final int 
sourceFileIndex, final ConstantPool constantPool) {
-        super(Const.ATTR_SOURCE_FILE, nameIndex, length, constantPool);
-        this.sourceFileIndex = sourceFileIndex;
+        super(Const.ATTR_SOURCE_FILE, nameIndex, Args.require(length, 2, 
"SourceFile length attribute"), constantPool);
+        this.sourceFileIndex = Args.requireU2(sourceFileIndex, 0, 
constantPool.getLength(), "SourceFile source file index");
     }
 
     /**

Reply via email to