The verifier throws a ClassFormatException during Pass 3A verification of a malformed class file even though Pass 1 and Pass 2 have completed successfully.

Note that the input class file is indeed malformed, however the verifier should ideally just return a verification result of REJECTED instead of throwing an unchecked run-time exception.

Steps to reproduce:

 

Save the attached file as "example/A.class" and run:

java -cp <classpath> org.apache.bcel.verifier.Verifier example.A

 

The file A.class was generated automatically by the fuzzer JQF (https://github.com/rohanpadhye/jqf).

Expected output:

VERIFIED_REJECTED

Observed output:

JustIce by Enver Haase, (C) 2001-2002.

<http://bcel.sourceforge.net>

<http://commons.apache.org/bcel>

 

Now verifying: example.A

 

Pass 1:

VERIFIED_OK

Passed verification.

 

Pass 2:

VERIFIED_OK

Passed verification.

 

Exception in thread "main" org.apache.bcel.classfile.ClassFormatException: Expected class `CONSTANT_InvokeDynamic' at index 14 and got CONSTANT_Methodref[10](class_index = 13, name_and_type_index = 11)

at org.apache.bcel.classfile.ConstantPool.getConstant(ConstantPool.java:261)

at org.apache.bcel.classfile.ConstantPool.constantToString(ConstantPool.java:207)

at org.apache.bcel.classfile.Utility.codeToString(Utility.java:373)

at org.apache.bcel.classfile.Utility.codeToString(Utility.java:157)

at org.apache.bcel.classfile.Code.toString(Code.java:306)

at org.apache.bcel.classfile.Code.toString(Code.java:328)

at java.lang.String.valueOf(String.java:2994)

at java.lang.StringBuilder.append(StringBuilder.java:131)

at org.apache.bcel.verifier.statics.Pass3aVerifier.delayedPass2Checks(Pass3aVerifier.java:289)

at org.apache.bcel.verifier.statics.Pass3aVerifier.do_verify(Pass3aVerifier.java:200)

at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:71)

at org.apache.bcel.verifier.Verifier.doPass3a(Verifier.java:89)

at org.apache.bcel.verifier.Verifier.main(Verifier.java:216)