On Fri, 1 Nov 2024 13:58:01 GMT, Chen Liang <li...@openjdk.org> wrote:
> In the patch for [JDK-8338544](https://bugs.openjdk.org/browse/JDK-8338544) > #20665, the validation methods `validateBinaryClassName` and > `validateInternalClassName` only checks if a separator char is the initial or > final char, or if it immediately follows another chars. This omitted the > case of empty strings, and allowed creation of invalid ClassDesc with empty > binary name, which is otherwise rejected by `ofDescriptor`. > > To better check for the separator char, the tracking mechanism is updated to > indicate a position where a separator char shouldn't appear, or where the > name string should not terminate. This is initially set to the initial > position 0, and upon each time of encountering a separator, this is updated > to the next char. > > This logic is similar to the existing one in `skipOverFieldSignature`, which > uses a boolean `legal` variable. Both reject empty strings, leading and > trailing separators, or consecutive separators. The new logic, however, does > not require repeated updates to the new `afterSeparator` variable upon > scanning each character. > > In addition, I noted the package name validation erroneously does not > prohibit leading, trailing, or consecutive separator chars. (Package names > are derived from class or interface names, so the same restrictions shall > apply) This patch also makes package name validation reuse class or > interface name validation in non-empty (unnamed package) cases, and added > those cases to the test suite. This pull request has now been integrated. Changeset: 1f7d524f Author: Chen Liang <li...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/1f7d524fd3ecd932deb44b6fafdaa36c6bba4cb4 Stats: 109 lines in 5 files changed: 49 ins; 29 del; 31 mod 8343437: ClassDesc.of incorrectly permitting empty names Reviewed-by: mchung ------------- PR: https://git.openjdk.org/jdk/pull/21830
