[commons-bcel] 04/05: org.apache.bcel.classfile.Signature constructors now throw ClassFormatException on invalid length input

Tue, 15 Nov 2022 10:46:00 -0800 

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-bcel.git

commit 1d06bedaa613894a3420ccdb59ae2e4819f40975
Author: Gary David Gregory (Code signing key) <ggreg...@apache.org>
AuthorDate: Tue Nov 15 13:37:25 2022 -0500

    org.apache.bcel.classfile.Signature constructors now throw
    ClassFormatException on invalid length input
---
 src/changes/changes.xml                                | 1 +
 src/main/java/org/apache/bcel/classfile/Signature.java | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 364de329..63d77e25 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -78,6 +78,7 @@ The <action> type attribute can be add,update,fix,remove.
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.ConstantValue constructors now throw 
ClassFormatException on invalid length input.</action>
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.EnclosingMethod constructors now throw 
ClassFormatException on invalid length, class index, or method index 
input.</action>
       <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.Synthetic constructors now throw 
ClassFormatException on invalid length input.</action>
+      <action                  type="fix" dev="ggregory" due-to="Gary 
Gregory">org.apache.bcel.classfile.Signature constructors now throw 
ClassFormatException on invalid length input.</action>
       <!-- UPDATE -->
       <action                  type="update" dev="ggregory" due-to="Gary 
Gregory">Bump spotbugs-maven-plugin from 4.7.2.2 to 4.7.3.0 #167.</action>
     </release>
diff --git a/src/main/java/org/apache/bcel/classfile/Signature.java 
b/src/main/java/org/apache/bcel/classfile/Signature.java
index b2d71e1e..b8c51ad7 100644
--- a/src/main/java/org/apache/bcel/classfile/Signature.java
+++ b/src/main/java/org/apache/bcel/classfile/Signature.java
@@ -23,6 +23,7 @@ import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 
 import org.apache.bcel.Const;
+import org.apache.bcel.util.Args;
 
 /**
  * This class is derived from <em>Attribute</em> and represents a reference to 
a GJ attribute.
@@ -172,7 +173,7 @@ public final class Signature extends Attribute {
      * @param constantPool Array of constants
      */
     public Signature(final int nameIndex, final int length, final int 
signatureIndex, final ConstantPool constantPool) {
-        super(Const.ATTR_SIGNATURE, nameIndex, length, constantPool);
+        super(Const.ATTR_SIGNATURE, nameIndex, Args.require(length, 2, 
"Signature length attribute"), constantPool);
         this.signatureIndex = signatureIndex;
     }

Reply via email to