From e33d8a219811930492e684e19a73dadb09590052 Mon Sep 17 00:00:00 2001
From: Alex Menkov
Date: Sat, 10 Feb 2024 00:56:59 +0000
Subject: [PATCH] 8311076: RedefineClasses doesn't check for ConstantPool overflow

Reviewed-by: coleenp, lmesnik
---
 src/hotspot/share/prims/jvmtiRedefineClasses.cpp | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/hotspot/share/prims/jvmtiRedefineClasses.cpp b/src/hotspot/share/prims/jvmtiRedefineClasses.cpp
index 3dcb026e785..f6f194fd66f 100644
--- a/src/hotspot/share/prims/jvmtiRedefineClasses.cpp
+++ b/src/hotspot/share/prims/jvmtiRedefineClasses.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -1823,6 +1823,12 @@ jvmtiError VM_RedefineClasses::merge_cp_and_rewrite(
 return JVMTI_ERROR_INTERNAL;
 }

+ // ensure merged constant pool size does not overflow u2
+ if (merge_cp_length > 0xFFFF) {
+ log_warning(redefine, class, constantpool)("Merged constant pool overflow: %d entries", merge_cp_length);
+ return JVMTI_ERROR_INTERNAL;
+ }
+
 // Set dynamic constants attribute from the original CP.
 if (old_cp->has_dynamic_constant()) {
 scratch_cp->set_has_dynamic_constant();
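Review bot: The comment on the new guard in merge_cp_and_rewrite says only that the merged length must not overflow u2, without saying what would go wrong otherwise. Constant pool indices are carried as u2 values, so a longer merged pool would presumably leave rewritten references pointing at the wrong entries; the comment should say so, e.g. `// Constant pool indices are u2: reject a merged pool they cannot address instead of letting indices wrap.` The bound is a bare `0xFFFF`; a named constant (HotSpot's `max_jushort`, if it is in scope here) would tie the limit to the type. The caller gets the same `JVMTI_ERROR_INTERNAL` as for the merge failure just above, so the `log_warning` line is the only place the two cases are told apart, and the patch touches one file with no regression test for a redefinition that pushes the merged pool past the limit. The function body starts and ends outside the hunk.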