On Tue, 21 Apr 2026 07:38:32 GMT, Serguei Spitsyn <[email protected]> wrote:
>> If an invalid JDWP command set number or command number is sent to the debug >> agent, it can result in branching to an unknown location, usually resulting >> in a crash. See first comment for details. >> >> Tested with CI tier1, tier2 svc, and tier5 svc. >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > src/jdk.jdwp.agent/share/native/libjdwp/debugDispatch.c line 101: > >> 99: *cmdName_p = "<Unknown Command>"; >> 100: >> 101: if (cmdSetNum < 0 || cmdSetNum > JDWP_HIGHEST_COMMAND_SET) { > > Q: I wonder why the check for command set number is not: `cmdSetNum < 1` as > for the command number below at line 111? We subtract 1 from cmdNum so therefore we need to check for < 1. We don't subtract 1 from cmdSetNum, so we check for < 0. As it turns out however, a < 1 check would work because 0 indexes the first entry, which is always NULL. We catch this already on line 106. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/30827#discussion_r3118949191
