
tableswitch/lookupswitch invalid alignment of 4-byte operands

Details

  • Type: Bug
  • Status: Closed
  • Priority: Major
  • Resolution: Fixed
  • Affects Version/s: 5.2
  • Fix Version/s: 6.0
  • Component/s: Main
  • Labels: None
  • Environment: Operating System: All; Platform: All

Description

It is possible, with BCEL, to generate invalid alignment of the 4-byte operands of the Select instructions. The problem is caused by the interaction of InstructionList.setPositions, the updatePosition methods of GOTO and JSR, and Select.updatePosition.

In particular, the updatePosition methods of GOTO and JSR will always return the difference between the wide instruction length and the normal instruction length. Since this value ends up being added into the additional_bytes variable in InstructionList.setPositions and then eventually contributes to the value passed into Select.updatePosition as the offset, its incorrect value causes the padding field to be set incorrectly.

It appears that in order to behave properly, the updatePosition method should return only the number of bytes of length that the instruction changed during this call to updatePosition.

I am attaching a small example application that displays the bug.

I will also be attaching a patch.
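The interaction the report describes, as an added toy model written for this page (it is not BCEL's code and not the attached SetPositionsBug.java): a far GOTO that widens to GOTO_W is followed by a switch, and the list-level pass is run twice over the same list, as happens when positions are recomputed after an edit. The 32767 branch limit, the 3/5-byte and 13-byte instruction lengths, and the 40000-byte target offset are constructed values; the buggy variant of update_position always reports the wide/normal difference, the fixed variant reports only the growth caused by the current call.

```python
SHORT_MAX = 32767                      # largest offset a 2-byte branch can hold

class Goto:                            # GOTO/JSR that may widen to the _W form
    def __init__(self, target_offset, buggy):
        self.target_offset, self.buggy = target_offset, buggy
        self.position, self.length = 0, 3
    def update_position(self, offset, max_offset):
        self.position += offset
        if abs(self.target_offset) >= SHORT_MAX - max_offset:
            old_length, self.length = self.length, 5
            # Bug from the report: always return the wide/normal difference (2),
            # even if an earlier pass already widened it. Fix: return the delta.
            return 2 if self.buggy else self.length - old_length
        return 0

class Select:                          # tableswitch/lookupswitch
    def __init__(self, fixed_length):
        self.fixed_length = fixed_length
        self.position, self.padding, self.length = 0, 0, fixed_length
    def update_position(self, offset, max_offset):
        self.position += offset        # shifted by preceding expansions
        old_length = self.length
        # 4-byte operands follow the 1-byte opcode and must be 4-byte aligned
        self.padding = (4 - ((self.position + 1) % 4)) % 4
        self.length = self.fixed_length + self.padding
        return self.length - old_length

def set_positions(instructions):
    """One list-level pass: assign positions, then accumulate reported growth."""
    index = max_additional = 0
    for ins in instructions:
        ins.position = index
        max_additional += 2 if isinstance(ins, Goto) else 3
        index += ins.length
    additional = 0
    for ins in instructions:
        additional += ins.update_position(additional, max_additional)

def misaligned_selects(instructions):
    """Real positions of Select instructions whose padding no longer aligns them."""
    bad, index = [], 0
    for ins in instructions:
        if isinstance(ins, Select) and (index + 1 + ins.padding) % 4 != 0:
            bad.append(index)
        index += ins.length
    return bad

def run(buggy, passes=2):
    # constructed list: a far GOTO followed by a switch with no case entries
    code = [Goto(40000, buggy), Select(fixed_length=13)]
    for _ in range(passes):
        set_positions(code)
    return misaligned_selects(code)
```

A single pass looks correct in both variants; on the second pass the buggy GOTO reports 2 bytes of growth it did not have, the switch computes its padding for position 7 instead of 5, and its operands land off a 4-byte boundary.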

Attachments

  1. bug45230.patch (1 kB, Timothy Alper)
  2. SetPositionsBug.java (2 kB, Timothy Alper)


People

  • Assignee: issues@commons.apache.org Apache Commons Developers
  • Reporter: talper@coverity.com Timothy Alper
  • Votes: 0
  • Watchers: 0
