Description
Verifier pass 2 throws an INTERNAL ERROR on malformed input instead of reporting verification failure.
Steps to reproduce:
Save the attached file as "Hello.class" and run:
java -cp <classpath> org.apache.bcel.verifier.Verifier Hello
The file Hello.class was generated automatically by the fuzzer JQF (https://github.com/rohanpadhye/jqf).
Expected output:
VERIFIED_REJECTED
Observed output:
JustIce by Enver Haase, (C) 2001-2002.
<http://commons.apache.org/bcel>
Now verifying: Hello
Pass 1:
VERIFIED_OK
Passed verification.
Exception in thread "main" org.apache.bcel.verifier.exc.AssertionViolatedException: INTERNAL ERROR: Please adapt 'class org.apache.bcel.verifier.statics.StringRepresentation' to deal with objects of class 'class org.apache.bcel.classfile.ConstantPackage'.
at org.apache.bcel.verifier.statics.StringRepresentation.toString(StringRepresentation.java:110)
at org.apache.bcel.verifier.statics.Pass2Verifier.tostring(Pass2Verifier.java:1569)
at org.apache.bcel.verifier.statics.Pass2Verifier.access$100(Pass2Verifier.java:86)
at org.apache.bcel.verifier.statics.Pass2Verifier$CPESSC_Visitor.checkIndex(Pass2Verifier.java:371)
at org.apache.bcel.verifier.statics.Pass2Verifier$CPESSC_Visitor.visitConstantFieldref(Pass2Verifier.java:452)
at org.apache.bcel.classfile.ConstantFieldref.accept(ConstantFieldref.java:69)
at org.apache.bcel.classfile.DescendingVisitor.visitConstantFieldref(DescendingVisitor.java:295)
at org.apache.bcel.classfile.ConstantFieldref.accept(ConstantFieldref.java:69)
at org.apache.bcel.classfile.DescendingVisitor.visitConstantPool(DescendingVisitor.java:269)
at org.apache.bcel.classfile.ConstantPool.accept(ConstantPool.java:91)
at org.apache.bcel.classfile.DescendingVisitor.visitJavaClass(DescendingVisitor.java:105)
at org.apache.bcel.classfile.JavaClass.accept(JavaClass.java:213)
at org.apache.bcel.classfile.DescendingVisitor.visit(DescendingVisitor.java:85)
at org.apache.bcel.verifier.statics.Pass2Verifier$CPESSC_Visitor.<init>(Pass2Verifier.java:361)
at org.apache.bcel.verifier.statics.Pass2Verifier$CPESSC_Visitor.<init>(Pass2Verifier.java:317)
at org.apache.bcel.verifier.statics.Pass2Verifier.constant_pool_entries_satisfy_static_constraints(Pass2Verifier.java:302)
at org.apache.bcel.verifier.statics.Pass2Verifier.do_verify(Pass2Verifier.java:161)
at org.apache.bcel.verifier.PassVerifier.verify(PassVerifier.java:71)
at org.apache.bcel.verifier.Verifier.doPass2(Verifier.java:76)
at org.apache.bcel.verifier.Verifier.main(Verifier.java:211)