From 4af4a53545d619249fb4ccbfa3325ecedc009161 Mon Sep 17 00:00:00 2001
From: Eric Bruneton
Date: Sun, 14 Jul 2019 15:55:45 +0200
Subject: [PATCH] Fix infinite loop with invalid arguments.
---
 asm/src/main/java/org/objectweb/asm/Type.java | 12 ++++++++----
 asm/src/test/java/org/objectweb/asm/TypeTest.java | 10 ++++++++++
 2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/asm/src/main/java/org/objectweb/asm/Type.java b/asm/src/main/java/org/objectweb/asm/Type.java
index 8734bd004..01c68b460 100644
--- a/asm/src/main/java/org/objectweb/asm/Type.java
+++ b/asm/src/main/java/org/objectweb/asm/Type.java
@@ -305,7 +305,8 @@ public final class Type {
 }
 if (methodDescriptor.charAt(currentOffset++) == 'L') {
 // Skip the argument descriptor content.
- currentOffset = methodDescriptor.indexOf(';', currentOffset) + 1;
+ int semiColumnOffset = methodDescriptor.indexOf(';', currentOffset);
+ currentOffset = Math.max(currentOffset, semiColumnOffset + 1);
 }
 ++numArgumentTypes;
 }
@@ -323,7 +324,8 @@ public final class Type {
 }
 if (methodDescriptor.charAt(currentOffset++) == 'L') {
 // Skip the argument descriptor content.
- currentOffset = methodDescriptor.indexOf(';', currentOffset) + 1;
+ int semiColumnOffset = methodDescriptor.indexOf(';', currentOffset);
+ currentOffset = Math.max(currentOffset, semiColumnOffset + 1);
 }
 argumentTypes[currentArgumentTypeIndex++] =
 getTypeInternal(methodDescriptor, currentArgumentTypeOffset, currentOffset);
@@ -393,7 +395,8 @@ public final class Type {
 }
 if (methodDescriptor.charAt(currentOffset++) == 'L') {
 // Skip the argument descriptor content.
- currentOffset = methodDescriptor.indexOf(';', currentOffset) + 1;
+ int semiColumnOffset = methodDescriptor.indexOf(';', currentOffset);
+ currentOffset = Math.max(currentOffset, semiColumnOffset + 1);
 }
 }
 return currentOffset + 1;
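Review bot: A descriptor with no terminating ';' is still not rejected where the problem is detected: in the `+305` hunk, `Math.max(currentOffset, semiColumnOffset + 1)` only stops the offset from moving backwards, so the loop then appears to walk the class-name characters one by one as if each were an argument descriptor. Termination then relies on `charAt` running past the end of the string, and an input that has a `)` but no `;` (constructed example: `(Ljava/lang/String)V`) could presumably be counted with a wrong number of arguments instead of failing. Since descriptors can come from untrusted class files, I would fail explicitly at this point: `if (semiColumnOffset < 0) { throw new IllegalArgumentException("Invalid method descriptor: " + methodDescriptor); }`. The same applies to the identical changes in the `+324`, `+395` and `+740` hunks; the loop headers are outside all four hunks, so the exit condition is inferred. The local would also read better as `semicolonOffset`.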
@@ -737,7 +740,8 @@ public final class Type {
 }
 if (methodDescriptor.charAt(currentOffset++) == 'L') {
 // Skip the argument descriptor content.
- currentOffset = methodDescriptor.indexOf(';', currentOffset) + 1;
+ int semiColumnOffset = methodDescriptor.indexOf(';', currentOffset);
+ currentOffset = Math.max(currentOffset, semiColumnOffset + 1);
 }
 argumentsSize += 1;
 }
diff --git a/asm/src/test/java/org/objectweb/asm/TypeTest.java b/asm/src/test/java/org/objectweb/asm/TypeTest.java
index 151435498..ecf1f071a 100644
--- a/asm/src/test/java/org/objectweb/asm/TypeTest.java
+++ b/asm/src/test/java/org/objectweb/asm/TypeTest.java
@@ -31,7 +31,9 @@ import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTimeoutPreemptively;

+import java.time.Duration;
 import java.util.Arrays;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.function.Executable;
@@ -175,6 +177,14 @@ public class TypeTest implements Opcodes {
 assertEquals(returnType, methodType.getReturnType());
 }

+ @Test
+ public void testGetArgumentTypesInvalidMethodDescriptor() {
+ Executable getArgumentTypes = () -> Type.getArgumentTypes("(Ljava/lang/String");
+
+ assertTimeoutPreemptively(
+ Duration.ofMillis(100), () -> assertThrows(RuntimeException.class, getArgumentTypes));
+ }
+
 @Test
 public void testGetReturnTypeFromDescriptor() {
 assertEquals(Type.INT_TYPE, Type.getReturnType("()I"));
--
GitLab
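Review bot: `testGetArgumentTypesInvalidMethodDescriptor` only exercises `Type.getArgumentTypes`, while the patch changes four parsing loops in `Type.java`; the loops ending in `return currentOffset + 1;` and `argumentsSize += 1;` have no regression test for the hang. I would add the same timeout assertion for `Type.getReturnType("(Ljava/lang/String")` and for the size computation (presumably `Type.getArgumentsAndReturnSizes`), plus a case that has a closing parenthesis but no semicolon, to pin down whether such input is rejected or silently miscounted. `assertThrows(RuntimeException.class, ...)` passes on any unchecked failure, so asserting the specific exception type would document the contract for malformed descriptors. The 100 ms preemptive timeout may also be tight on a loaded CI machine.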