packages/bcel
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2022-34169 for xalan-j2

Browse Source
This commit is contained in:
wk333 2022-09-22 18:07:43 +08:00
parent 1fd89966f6
commit 53bc6af3e4
2 changed files with 90 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
CVE-2022-34169.patch Normal file
View File

@ -0,0 +1,84 @@
From 13bf52c8d876528a43be7cb77a1f452d29a21492 Mon Sep 17 00:00:00 2001
From: Aleksei Voitylov <avoitylov@openjdk.org>
Date: Mon, 30 May 2022 12:26:00 +0000
Subject: [PATCH] 8285407: Improve Xalan supports
Refer: https://github.com/openjdk/jdk11u/commit/13bf52c8d876528a43be7cb77a1f452d29a21492
---
.../java/org/apache/bcel/classfile/ConstantPool.java | 12 ++++++++++--
.../org/apache/bcel/generic/ConstantPoolGen.java | 12 +++++++++++-
2 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/src/main/java/org/apache/bcel/classfile/ConstantPool.java b/src/main/java/org/apache/bcel/classfile/ConstantPool.java
index c2926c0..cb38cbc 100644
--- a/src/main/java/org/apache/bcel/classfile/ConstantPool.java
+++ b/src/main/java/org/apache/bcel/classfile/ConstantPool.java
@@ -22,6 +22,7 @@ import java.io.DataOutputStream;
import java.io.IOException;
import org.apache.bcel.Const;
+import org.apache.bcel.generic.ConstantPoolGen;
/**
* This class represents the constant pool, i.e., a table of constants, of
@@ -218,8 +219,15 @@ public class ConstantPool implements Cloneable, Node {
* @throws IOException
*/
public void dump( final DataOutputStream file ) throws IOException {
- file.writeShort(constantPool.length);
- for (int i = 1; i < constantPool.length; i++) {
+ /*
+ * Constants over the size of the constant pool shall not be written out.
+ * This is a redundant measure as the ConstantPoolGen should have already
+ * reported an error back in the situation.
+ */
+ int size = constantPool.length < ConstantPoolGen.CONSTANT_POOL_SIZE - 1 ?
+ constantPool.length : ConstantPoolGen.CONSTANT_POOL_SIZE - 1;
+ file.writeShort(size);
+ for (int i = 1; i < size; i++) {
if (constantPool[i] != null) {
constantPool[i].dump(file);
}
diff --git a/src/main/java/org/apache/bcel/generic/ConstantPoolGen.java b/src/main/java/org/apache/bcel/generic/ConstantPoolGen.java
index 5a09e0d..6f3d508 100644
--- a/src/main/java/org/apache/bcel/generic/ConstantPoolGen.java
+++ b/src/main/java/org/apache/bcel/generic/ConstantPoolGen.java
@@ -52,6 +52,7 @@ import org.apache.bcel.classfile.ConstantUtf8;
public class ConstantPoolGen {
private static final int DEFAULT_BUFFER_SIZE = 256;
+ public static final int CONSTANT_POOL_SIZE = 65536;
/**
* @deprecated (since 6.0) will be made private; do not access directly, use getter/setter
@@ -95,7 +96,7 @@ public class ConstantPoolGen {
public ConstantPoolGen(final Constant[] cs) {
final StringBuilder sb = new StringBuilder(DEFAULT_BUFFER_SIZE);
- size = Math.max(DEFAULT_BUFFER_SIZE, cs.length + 64);
+ size = Math.min(cs.length, CONSTANT_POOL_SIZE);
constants = new Constant[size];
System.arraycopy(cs, 0, constants, 0, cs.length);
@@ -224,9 +225,18 @@ public class ConstantPoolGen {
/** Resize internal array of constants.
*/
protected void adjustSize() {
+ // 3 extra spaces are needed as some entries may take 3 slots
+ if (index + 3 >= CONSTANT_POOL_SIZE) {
+ throw new RuntimeException("The number of constants " + (index + 3)
+ + " is over the size of the constant pool: "
+ + (CONSTANT_POOL_SIZE - 1));
+ }
+
if (index + 3 >= size) {
final Constant[] cs = constants;
size *= 2;
+ // the constant array shall not exceed the size of the constant pool
+ size = Math.min(size, CONSTANT_POOL_SIZE);
constants = new Constant[size];
System.arraycopy(cs, 0, constants, 0, index);
}
--
2.27.0

8
bcel.spec
View File

@ -1,10 +1,11 @@
Name: bcel Name: bcel
Version: 6.5.0 Version: 6.5.0
Release: 1 Release: 2
Summary: Byte Code Engineering Library Summary: Byte Code Engineering Library
License: Apache-2.0 License: Apache-2.0
URL: http://commons.apache.org/proper/commons-bcel/ URL: http://commons.apache.org/proper/commons-bcel/
Source0: http://archive.apache.org/dist/commons/bcel/source/bcel-%{version}-src.tar.gz Source0: http://archive.apache.org/dist/commons/bcel/source/bcel-%{version}-src.tar.gz
Patch0: CVE-2022-34169.patch
BuildArch: noarch BuildArch: noarch
BuildRequires: maven-local mvn(org.apache.commons:commons-parent:pom:) BuildRequires: maven-local mvn(org.apache.commons:commons-parent:pom:)
Obsoletes: bcel-javadoc < %{version}-%{release} Obsoletes: bcel-javadoc < %{version}-%{release}
@ -16,7 +17,7 @@ give users a convenient possibility to analyze, create, and manipulate (binary)
Java class files (those ending with .class). Java class files (those ending with .class).
%prep %prep
%autosetup -n %{name}-%{version}-src %autosetup -n %{name}-%{version}-src -p1
%pom_remove_plugin :maven-source-plugin %pom_remove_plugin :maven-source-plugin
%pom_remove_plugin :spotbugs-maven-plugin %pom_remove_plugin :spotbugs-maven-plugin
%mvn_alias : bcel: apache: %mvn_alias : bcel: apache:
@ -37,6 +38,9 @@ Java class files (those ending with .class).
%{_javadocdir}/%{name} %{_javadocdir}/%{name}
%changelog %changelog
* Thu Sep 22 2022 wangkai <wangkai385@h-partners.com> - 6.5.0-2
- Fix CVE-2022-34169 for xalan-j2
* Thu Jun 16 2022 Ge Wang <wangge20@h-partners.com> - 6.5.0-1 * Thu Jun 16 2022 Ge Wang <wangge20@h-partners.com> - 6.5.0-1
- Upgrade to version 6.5.0 - Upgrade to version 6.5.0