1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17 package org.apache.bcel.verifier.statics;
18
19 import java.util.HashMap;
20 import java.util.HashSet;
21 import java.util.Locale;
22 import java.util.Map;
23 import java.util.Objects;
24 import java.util.Set;
25
26 import org.apache.bcel.Const;
27 import org.apache.bcel.Constants;
28 import org.apache.bcel.Repository;
29 import org.apache.bcel.classfile.Attribute;
30 import org.apache.bcel.classfile.ClassFormatException;
31 import org.apache.bcel.classfile.Code;
32 import org.apache.bcel.classfile.CodeException;
33 import org.apache.bcel.classfile.Constant;
34 import org.apache.bcel.classfile.ConstantClass;
35 import org.apache.bcel.classfile.ConstantDouble;
36 import org.apache.bcel.classfile.ConstantFieldref;
37 import org.apache.bcel.classfile.ConstantFloat;
38 import org.apache.bcel.classfile.ConstantInteger;
39 import org.apache.bcel.classfile.ConstantInterfaceMethodref;
40 import org.apache.bcel.classfile.ConstantLong;
41 import org.apache.bcel.classfile.ConstantMethodref;
42 import org.apache.bcel.classfile.ConstantNameAndType;
43 import org.apache.bcel.classfile.ConstantPool;
44 import org.apache.bcel.classfile.ConstantString;
45 import org.apache.bcel.classfile.ConstantUtf8;
46 import org.apache.bcel.classfile.ConstantValue;
47 import org.apache.bcel.classfile.Deprecated;
48 import org.apache.bcel.classfile.DescendingVisitor;
49 import org.apache.bcel.classfile.EmptyVisitor;
50 import org.apache.bcel.classfile.ExceptionTable;
51 import org.apache.bcel.classfile.Field;
52 import org.apache.bcel.classfile.InnerClass;
53 import org.apache.bcel.classfile.InnerClasses;
54 import org.apache.bcel.classfile.JavaClass;
55 import org.apache.bcel.classfile.LineNumber;
56 import org.apache.bcel.classfile.LineNumberTable;
57 import org.apache.bcel.classfile.LocalVariable;
58 import org.apache.bcel.classfile.LocalVariableTable;
59 import org.apache.bcel.classfile.Method;
60 import org.apache.bcel.classfile.Node;
61 import org.apache.bcel.classfile.SourceFile;
62 import org.apache.bcel.classfile.Synthetic;
63 import org.apache.bcel.classfile.Unknown;
64 import org.apache.bcel.classfile.Utility;
65 import org.apache.bcel.generic.ArrayType;
66 import org.apache.bcel.generic.ObjectType;
67 import org.apache.bcel.generic.Type;
68 import org.apache.bcel.verifier.PassVerifier;
69 import org.apache.bcel.verifier.VerificationResult;
70 import org.apache.bcel.verifier.Verifier;
71 import org.apache.bcel.verifier.VerifierFactory;
72 import org.apache.bcel.verifier.exc.AssertionViolatedException;
73 import org.apache.bcel.verifier.exc.ClassConstraintException;
74 import org.apache.bcel.verifier.exc.LocalVariableInfoInconsistentException;
75
76 /**
77 * This PassVerifier verifies a class file according to pass 2 as described in The Java Virtual Machine Specification,
78 * 2nd edition. More detailed information is to be found at the do_verify() method's documentation.
79 *
80 * @see #do_verify()
81 */
82 public final class Pass2Verifier extends PassVerifier implements Constants {
83
84 /**
85 * A Visitor class that ensures the constant pool satisfies the static constraints. The visitXXX() methods throw
86 * ClassConstraintException instances otherwise.
87 *
88 * @see #constantPoolEntriesSatisfyStaticConstraints()
89 */
90 private final class CPESSC_Visitor extends EmptyVisitor {
91 private final Class<?> CONST_Class;
92
93 /*
94 * private Class<?> CONST_Fieldref; private Class<?> CONST_Methodref; private Class<?> CONST_InterfaceMethodref;
95 */
96 private final Class<?> CONST_String;
97 private final Class<?> CONST_Integer;
98 private final Class<?> CONST_Float;
99 private final Class<?> CONST_Long;
100 private final Class<?> CONST_Double;
101 private final Class<?> CONST_NameAndType;
102 private final Class<?> CONST_Utf8;
103
104 private final JavaClass jc;
105 private final ConstantPool cp; // ==jc.getConstantPool() -- only here to save typing work and computing power.
106 private final int cplen; // == cp.getLength() -- to save computing power.
107 private final DescendingVisitor carrier;
108
109 private final Set<String> fieldNames = new HashSet<>();
110 private final Set<String> fieldNamesAndDesc = new HashSet<>();
111 private final Set<String> methodNamesAndDesc = new HashSet<>();
112
113 private CPESSC_Visitor(final JavaClass jc) {
114 this.jc = jc;
115 this.cp = jc.getConstantPool();
116 this.cplen = cp.getLength();
117
118 this.CONST_Class = ConstantClass.class;
119 /*
120 * CONST_Fieldref = ConstantFieldref.class; CONST_Methodref = ConstantMethodref.class; CONST_InterfaceMethodref =
121 * ConstantInterfaceMethodref.class;
122 */
123 this.CONST_String = ConstantString.class;
124 this.CONST_Integer = ConstantInteger.class;
125 this.CONST_Float = ConstantFloat.class;
126 this.CONST_Long = ConstantLong.class;
127 this.CONST_Double = ConstantDouble.class;
128 this.CONST_NameAndType = ConstantNameAndType.class;
129 this.CONST_Utf8 = ConstantUtf8.class;
130
131 this.carrier = new DescendingVisitor(jc, this);
132 this.carrier.visit();
133 }
134
135 private void checkIndex(final Node referrer, final int index, final Class<?> shouldbe) {
136 if (index < 0 || index >= cplen) {
137 throw new ClassConstraintException("Invalid index '" + index + "' used by '" + tostring(referrer) + "'.");
138 }
139 final Constant c = cp.getConstant(index);
140 if (!shouldbe.isInstance(c)) {
141 /* String isnot = shouldbe.toString().substring(shouldbe.toString().lastIndexOf(".")+1); //Cut all before last "." */
142 throw new ClassConstraintException(
143 "Illegal constant '" + tostring(c) + "' at index '" + index + "'. '" + tostring(referrer) + "' expects a '" + shouldbe + "'.");
144 }
145 }
146
147 // SYNTHETIC: see above
148 // DEPRECATED: see above
149 /////////////////////////////////////////////////////////
150 // method_info-structure-ATTRIBUTES (vmspec2 4.6, 4.7) //
151 /////////////////////////////////////////////////////////
152 @Override
153 public void visitCode(final Code obj) { // vmspec2 4.7.3
154 try {
155 // No code attribute allowed for native or abstract methods: see visitMethod(Method).
156 // Code array constraints are checked in Pass3 (3a and 3b).
157
158 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
159
160 final String name = ((ConstantUtf8) cp.getConstant(obj.getNameIndex())).getBytes();
161 if (!name.equals("Code")) {
162 throw new ClassConstraintException("The Code attribute '" + tostring(obj) + "' is not correctly named 'Code' but '" + name + "'.");
163 }
164
165 if (!(carrier.predecessor() instanceof Method)) {
166 addMessage("Code attribute '" + tostring(obj) + "' is not declared in a method_info structure but in '" + carrier.predecessor()
167 + "'. Ignored.");
168 return;
169 }
170 final Method m = (Method) carrier.predecessor(); // we can assume this method was visited before;
171 // i.e. the data consistency was verified.
172
173 if (obj.getCode().length == 0) {
174 throw new ClassConstraintException("Code array of Code attribute '" + tostring(obj) + "' (method '" + m + "') must not be empty.");
175 }
176
177 // In JustIce, the check for correct offsets into the code array is delayed to Pass 3a.
178 final CodeException[] excTable = obj.getExceptionTable();
179 for (final CodeException element : excTable) {
180 final int excIndex = element.getCatchType();
181 if (excIndex != 0) { // if 0, it catches all Throwables
182 checkIndex(obj, excIndex, CONST_Class);
183 final ConstantClass cc = (ConstantClass) cp.getConstant(excIndex);
184 // cannot be sure this ConstantClass has already been visited (checked)!
185 checkIndex(cc, cc.getNameIndex(), CONST_Utf8);
186 final String cname = Utility.pathToPackage(((ConstantUtf8) cp.getConstant(cc.getNameIndex())).getBytes());
187
188 Verifier v = VerifierFactory.getVerifier(cname);
189 VerificationResult vr = v.doPass1();
190
191 if (vr != VerificationResult.VR_OK) {
192 throw new ClassConstraintException("Code attribute '" + tostring(obj) + "' (method '" + m + "') has an exception_table entry '"
193 + tostring(element) + "' that references '" + cname + "' as an Exception but it does not pass verification pass 1: " + vr);
194 }
195 // We cannot safely trust any other "instanceof" mechanism. We need to transitively verify
196 // the ancestor hierarchy.
197 JavaClass e = Repository.lookupClass(cname);
198 final JavaClass t = Repository.lookupClass(Type.THROWABLE.getClassName());
199 final JavaClass o = Repository.lookupClass(Type.OBJECT.getClassName());
200 while (e != o) {
201 if (e == t) {
202 break; // It's a subclass of Throwable, OKAY, leave.
203 }
204
205 v = VerifierFactory.getVerifier(e.getSuperclassName());
206 vr = v.doPass1();
207 if (vr != VerificationResult.VR_OK) {
208 throw new ClassConstraintException("Code attribute '" + tostring(obj) + "' (method '" + m + "') has an exception_table entry '"
209 + tostring(element) + "' that references '" + cname + "' as an Exception but '" + e.getSuperclassName()
210 + "' in the ancestor hierachy does not pass verification pass 1: " + vr);
211 }
212 e = Repository.lookupClass(e.getSuperclassName());
213 }
214 if (e != t) {
215 throw new ClassConstraintException(
216 "Code attribute '" + tostring(obj) + "' (method '" + m + "') has an exception_table entry '" + tostring(element)
217 + "' that references '" + cname + "' as an Exception but it is not a subclass of '" + t.getClassName() + "'.");
218 }
219 }
220 }
221
222 // Create object for local variables information
223 // This is highly unelegant due to usage of the Visitor pattern.
224 // TODO: rework it.
225 int methodNumber = -1;
226 final Method[] ms = Repository.lookupClass(verifier.getClassName()).getMethods();
227 for (int mn = 0; mn < ms.length; mn++) {
228 if (m == ms[mn]) {
229 methodNumber = mn;
230 break;
231 }
232 }
233 // If the .class file is malformed the loop above may not find a method.
234 // Try matching names instead of pointers.
235 if (methodNumber < 0) {
236 for (int mn = 0; mn < ms.length; mn++) {
237 if (m.getName().equals(ms[mn].getName())) {
238 methodNumber = mn;
239 break;
240 }
241 }
242 }
243
244 if (methodNumber < 0) { // Mmmmh. Can we be sure BCEL does not sometimes instantiate new objects?
245 throw new AssertionViolatedException("Could not find a known BCEL Method object in the corresponding BCEL JavaClass object.");
246 }
247 localVariablesInfos[methodNumber] = new LocalVariablesInfo(obj.getMaxLocals());
248
249 int numOfLvtAttribs = 0;
250 // Now iterate through the attributes the Code attribute has.
251 final Attribute[] atts = obj.getAttributes();
252 for (final Attribute att : atts) {
253 if (!(att instanceof LineNumberTable) && !(att instanceof LocalVariableTable)) {
254 addMessage("Attribute '" + tostring(att) + "' as an attribute of Code attribute '" + tostring(obj) + "' (method '" + m
255 + "') is unknown and will therefore be ignored.");
256 } else { // LineNumberTable or LocalVariableTable
257 addMessage("Attribute '" + tostring(att) + "' as an attribute of Code attribute '" + tostring(obj) + "' (method '" + m
258 + "') will effectively be ignored and is only useful for debuggers and such.");
259 }
260
261 // LocalVariableTable check (partially delayed to Pass3a).
262 // Here because its easier to collect the information of the
263 // (possibly more than one) LocalVariableTables belonging to
264 // one certain Code attribute.
265 if (att instanceof LocalVariableTable) { // checks conforming to vmspec2 4.7.9
266
267 final LocalVariableTable lvt = (LocalVariableTable) att;
268
269 checkIndex(lvt, lvt.getNameIndex(), CONST_Utf8);
270
271 final String lvtname = ((ConstantUtf8) cp.getConstant(lvt.getNameIndex())).getBytes();
272 if (!lvtname.equals("LocalVariableTable")) {
273 throw new ClassConstraintException("The LocalVariableTable attribute '" + tostring(lvt)
274 + "' is not correctly named 'LocalVariableTable' but '" + lvtname + "'.");
275 }
276
277 // In JustIce, the check for correct offsets into the code array is delayed to Pass 3a.
278 for (final LocalVariable localvariable : lvt.getLocalVariableTable()) {
279 checkIndex(lvt, localvariable.getNameIndex(), CONST_Utf8);
280 final String localname = ((ConstantUtf8) cp.getConstant(localvariable.getNameIndex())).getBytes();
281 if (!validJavaIdentifier(localname)) {
282 throw new ClassConstraintException("LocalVariableTable '" + tostring(lvt) + "' references a local variable by the name '"
283 + localname + "' which is not a legal Java simple name.");
284 }
285
286 checkIndex(lvt, localvariable.getSignatureIndex(), CONST_Utf8);
287 final String localsig = ((ConstantUtf8) cp.getConstant(localvariable.getSignatureIndex())).getBytes(); // Local sig.(=descriptor)
288 Type t;
289 try {
290 t = Type.getType(localsig);
291 } catch (final ClassFormatException cfe) {
292 throw new ClassConstraintException("Illegal descriptor (==signature) '" + localsig + "' used by LocalVariable '"
293 + tostring(localvariable) + "' referenced by '" + tostring(lvt) + "'.", cfe);
294 }
295 final int localindex = localvariable.getIndex();
296 if ((t == Type.LONG || t == Type.DOUBLE ? localindex + 1 : localindex) >= obj.getMaxLocals()) {
297 throw new ClassConstraintException("LocalVariableTable attribute '" + tostring(lvt) + "' references a LocalVariable '"
298 + tostring(localvariable) + "' with an index that exceeds the surrounding Code attribute's max_locals value of '"
299 + obj.getMaxLocals() + "'.");
300 }
301
302 try {
303 localVariablesInfos[methodNumber].add(localindex, localname, localvariable.getStartPC(), localvariable.getLength(), t);
304 } catch (final LocalVariableInfoInconsistentException lviie) {
305 throw new ClassConstraintException("Conflicting information in LocalVariableTable '" + tostring(lvt)
306 + "' found in Code attribute '" + tostring(obj) + "' (method '" + tostring(m) + "'). " + lviie.getMessage(), lviie);
307 }
308 } // for all local variables localvariables[i] in the LocalVariableTable attribute atts[a] END
309
310 numOfLvtAttribs++;
311 if (!m.isStatic() && numOfLvtAttribs > obj.getMaxLocals()) {
312 throw new ClassConstraintException("Number of LocalVariableTable attributes of Code attribute '" + tostring(obj) + "' (method '"
313 + tostring(m) + "') exceeds number of local variable slots '" + obj.getMaxLocals()
314 + "' ('There may be at most one LocalVariableTable attribute per local variable in the Code attribute.').");
315 }
316 } // if atts[a] instanceof LocalVariableTable END
317 } // for all attributes atts[a] END
318
319 } catch (final ClassNotFoundException e) {
320 // FIXME: this might not be the best way to handle missing classes.
321 throw new AssertionViolatedException("Missing class: " + e, e);
322 }
323
324 } // visitCode(Code) END
325
326 @Override
327 public void visitCodeException(final CodeException obj) {
328 // Code constraints are checked in Pass3 (3a and 3b).
329 // This does not represent an Attribute but is only
330 // related to internal BCEL data representation.
331
332 // see visitCode(Code)
333 }
334
335 /////////////////////////////
336 // CONSTANTS (vmspec2 4.4) //
337 /////////////////////////////
338 @Override
339 public void visitConstantClass(final ConstantClass obj) {
340 if (obj.getTag() != Const.CONSTANT_Class) {
341 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
342 }
343 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
344
345 }
346
347 @Override
348 public void visitConstantDouble(final ConstantDouble obj) {
349 if (obj.getTag() != Const.CONSTANT_Double) {
350 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
351 }
352 // no indices to check
353 }
354
355 @Override
356 public void visitConstantFieldref(final ConstantFieldref obj) {
357 if (obj.getTag() != Const.CONSTANT_Fieldref) {
358 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
359 }
360 checkIndex(obj, obj.getClassIndex(), CONST_Class);
361 checkIndex(obj, obj.getNameAndTypeIndex(), CONST_NameAndType);
362 }
363
364 @Override
365 public void visitConstantFloat(final ConstantFloat obj) {
366 if (obj.getTag() != Const.CONSTANT_Float) {
367 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
368 }
369 // no indices to check
370 }
371
372 @Override
373 public void visitConstantInteger(final ConstantInteger obj) {
374 if (obj.getTag() != Const.CONSTANT_Integer) {
375 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
376 }
377 // no indices to check
378 }
379
380 @Override
381 public void visitConstantInterfaceMethodref(final ConstantInterfaceMethodref obj) {
382 if (obj.getTag() != Const.CONSTANT_InterfaceMethodref) {
383 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
384 }
385 checkIndex(obj, obj.getClassIndex(), CONST_Class);
386 checkIndex(obj, obj.getNameAndTypeIndex(), CONST_NameAndType);
387 }
388
389 @Override
390 public void visitConstantLong(final ConstantLong obj) {
391 if (obj.getTag() != Const.CONSTANT_Long) {
392 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
393 }
394 // no indices to check
395 }
396
397 @Override
398 public void visitConstantMethodref(final ConstantMethodref obj) {
399 if (obj.getTag() != Const.CONSTANT_Methodref) {
400 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
401 }
402 checkIndex(obj, obj.getClassIndex(), CONST_Class);
403 checkIndex(obj, obj.getNameAndTypeIndex(), CONST_NameAndType);
404 }
405
406 @Override
407 public void visitConstantNameAndType(final ConstantNameAndType obj) {
408 if (obj.getTag() != Const.CONSTANT_NameAndType) {
409 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
410 }
411 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
412 // checkIndex(obj, obj.getDescriptorIndex(), CONST_Utf8); //inconsistently named in BCEL, see below.
413 checkIndex(obj, obj.getSignatureIndex(), CONST_Utf8);
414 }
415
416 @Override
417 public void visitConstantPool(final ConstantPool obj) {
418 // No need to. We're piggybacked by the DescendingVisitor.
419 // This does not represent an Attribute but is only
420 // related to internal BCEL data representation.
421 }
422
423 @Override
424 public void visitConstantString(final ConstantString obj) {
425 if (obj.getTag() != Const.CONSTANT_String) {
426 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
427 }
428 checkIndex(obj, obj.getStringIndex(), CONST_Utf8);
429 }
430
431 @Override
432 public void visitConstantUtf8(final ConstantUtf8 obj) {
433 if (obj.getTag() != Const.CONSTANT_Utf8) {
434 throw new ClassConstraintException("Wrong constant tag in '" + tostring(obj) + "'.");
435 }
436 // no indices to check
437 }
438
439 ////////////////////////////////////////////////////////
440 // field_info-structure-ATTRIBUTES (vmspec2 4.5, 4.7) //
441 ////////////////////////////////////////////////////////
442 @Override
443 public void visitConstantValue(final ConstantValue obj) { // vmspec2 4.7.2
444 // Despite its name, this really is an Attribute,
445 // not a constant!
446 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
447
448 final String name = ((ConstantUtf8) cp.getConstant(obj.getNameIndex())).getBytes();
449 if (!name.equals("ConstantValue")) {
450 throw new ClassConstraintException(
451 "The ConstantValue attribute '" + tostring(obj) + "' is not correctly named 'ConstantValue' but '" + name + "'.");
452 }
453
454 final Object pred = carrier.predecessor();
455 if (pred instanceof Field) { // ConstantValue attributes are quite senseless if the predecessor is not a field.
456 final Field f = (Field) pred;
457 // Field constraints have been checked before -- so we are safe using their type information.
458 final Type fieldType = Type.getType(((ConstantUtf8) cp.getConstant(f.getSignatureIndex())).getBytes());
459
460 final int index = obj.getConstantValueIndex();
461 if (index < 0 || index >= cplen) {
462 throw new ClassConstraintException("Invalid index '" + index + "' used by '" + tostring(obj) + "'.");
463 }
464 final Constant c = cp.getConstant(index);
465
466 if (CONST_Long.isInstance(c) && fieldType.equals(Type.LONG) || CONST_Float.isInstance(c) && fieldType.equals(Type.FLOAT)) {
467 return;
468 }
469 if (CONST_Double.isInstance(c) && fieldType.equals(Type.DOUBLE)) {
470 return;
471 }
472 if (CONST_Integer.isInstance(c) && (fieldType.equals(Type.INT) || fieldType.equals(Type.SHORT) || fieldType.equals(Type.CHAR)
473 || fieldType.equals(Type.BYTE) || fieldType.equals(Type.BOOLEAN))) {
474 return;
475 }
476 if (CONST_String.isInstance(c) && fieldType.equals(Type.STRING)) {
477 return;
478 }
479
480 throw new ClassConstraintException("Illegal type of ConstantValue '" + obj + "' embedding Constant '" + c + "'. It is referenced by field '"
481 + tostring(f) + "' expecting a different type: '" + fieldType + "'.");
482 }
483 }
484
485 @Override
486 public void visitDeprecated(final Deprecated obj) { // vmspec2 4.7.10
487 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
488
489 final String name = ((ConstantUtf8) cp.getConstant(obj.getNameIndex())).getBytes();
490 if (!name.equals("Deprecated")) {
491 throw new ClassConstraintException("The Deprecated attribute '" + tostring(obj) + "' is not correctly named 'Deprecated' but '" + name + "'.");
492 }
493 }
494
495 @Override
496 public void visitExceptionTable(final ExceptionTable obj) { // vmspec2 4.7.4
497 try {
498 // incorrectly named, it's the Exceptions attribute (vmspec2 4.7.4)
499 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
500
501 final String name = ((ConstantUtf8) cp.getConstant(obj.getNameIndex())).getBytes();
502 if (!name.equals("Exceptions")) {
503 throw new ClassConstraintException(
504 "The Exceptions attribute '" + tostring(obj) + "' is not correctly named 'Exceptions' but '" + name + "'.");
505 }
506
507 final int[] excIndices = obj.getExceptionIndexTable();
508
509 for (final int excIndice : excIndices) {
510 checkIndex(obj, excIndice, CONST_Class);
511
512 final ConstantClass cc = (ConstantClass) cp.getConstant(excIndice);
513 checkIndex(cc, cc.getNameIndex(), CONST_Utf8); // can't be sure this ConstantClass has already been visited (checked)!
514 // convert internal notation on-the-fly to external notation:
515 final String cname = Utility.pathToPackage(((ConstantUtf8) cp.getConstant(cc.getNameIndex())).getBytes());
516
517 Verifier v = VerifierFactory.getVerifier(cname);
518 VerificationResult vr = v.doPass1();
519
520 if (vr != VerificationResult.VR_OK) {
521 throw new ClassConstraintException("Exceptions attribute '" + tostring(obj) + "' references '" + cname
522 + "' as an Exception but it does not pass verification pass 1: " + vr);
523 }
524 // We cannot safely trust any other "instanceof" mechanism. We need to transitively verify
525 // the ancestor hierarchy.
526 JavaClass e = Repository.lookupClass(cname);
527 final JavaClass t = Repository.lookupClass(Type.THROWABLE.getClassName());
528 final JavaClass o = Repository.lookupClass(Type.OBJECT.getClassName());
529 while (e != o) {
530 if (e == t) {
531 break; // It's a subclass of Throwable, OKAY, leave.
532 }
533
534 v = VerifierFactory.getVerifier(e.getSuperclassName());
535 vr = v.doPass1();
536 if (vr != VerificationResult.VR_OK) {
537 throw new ClassConstraintException("Exceptions attribute '" + tostring(obj) + "' references '" + cname + "' as an Exception but '"
538 + e.getSuperclassName() + "' in the ancestor hierachy does not pass verification pass 1: " + vr);
539 }
540 e = Repository.lookupClass(e.getSuperclassName());
541 }
542 if (e != t) {
543 throw new ClassConstraintException("Exceptions attribute '" + tostring(obj) + "' references '" + cname
544 + "' as an Exception but it is not a subclass of '" + t.getClassName() + "'.");
545 }
546 }
547
548 } catch (final ClassNotFoundException e) {
549 // FIXME: this might not be the best way to handle missing classes.
550 throw new AssertionViolatedException("Missing class: " + e, e);
551 }
552 }
553
554 //////////////////////////
555 // FIELDS (vmspec2 4.5) //
556 //////////////////////////
557 @Override
558 public void visitField(final Field obj) {
559
560 if (jc.isClass()) {
561 int maxone = 0;
562 if (obj.isPrivate()) {
563 maxone++;
564 }
565 if (obj.isProtected()) {
566 maxone++;
567 }
568 if (obj.isPublic()) {
569 maxone++;
570 }
571 if (maxone > 1) {
572 throw new ClassConstraintException(
573 "Field '" + tostring(obj) + "' must only have at most one of its ACC_PRIVATE, ACC_PROTECTED, ACC_PUBLIC modifiers set.");
574 }
575
576 if (obj.isFinal() && obj.isVolatile()) {
577 throw new ClassConstraintException(
578 "Field '" + tostring(obj) + "' must only have at most one of its ACC_FINAL, ACC_VOLATILE modifiers set.");
579 }
580 } else { // isInterface!
581 if (!obj.isPublic()) {
582 throw new ClassConstraintException("Interface field '" + tostring(obj) + "' must have the ACC_PUBLIC modifier set but hasn't!");
583 }
584 if (!obj.isStatic()) {
585 throw new ClassConstraintException("Interface field '" + tostring(obj) + "' must have the ACC_STATIC modifier set but hasn't!");
586 }
587 if (!obj.isFinal()) {
588 throw new ClassConstraintException("Interface field '" + tostring(obj) + "' must have the ACC_FINAL modifier set but hasn't!");
589 }
590 }
591
592 if ((obj.getAccessFlags() & ~(Const.ACC_PUBLIC | Const.ACC_PRIVATE | Const.ACC_PROTECTED | Const.ACC_STATIC | Const.ACC_FINAL | Const.ACC_VOLATILE |
593 Const.ACC_TRANSIENT)) > 0) {
594 addMessage("Field '" + tostring(obj) + "' has access flag(s) other than ACC_PUBLIC, ACC_PRIVATE, ACC_PROTECTED,"
595 + " ACC_STATIC, ACC_FINAL, ACC_VOLATILE, ACC_TRANSIENT set (ignored).");
596 }
597
598 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
599
600 final String name = obj.getName();
601 if (!validFieldName(name)) {
602 throw new ClassConstraintException("Field '" + tostring(obj) + "' has illegal name '" + obj.getName() + "'.");
603 }
604
605 // A descriptor is often named signature in BCEL
606 checkIndex(obj, obj.getSignatureIndex(), CONST_Utf8);
607
608 final String sig = ((ConstantUtf8) cp.getConstant(obj.getSignatureIndex())).getBytes(); // Field or Method sig.(=descriptor)
609
610 try {
611 Type.getType(sig); /* Don't need the return value */
612 } catch (final ClassFormatException cfe) {
613 throw new ClassConstraintException("Illegal descriptor (==signature) '" + sig + "' used by '" + tostring(obj) + "'.", cfe);
614 }
615
616 final String nameanddesc = name + sig;
617 if (fieldNamesAndDesc.contains(nameanddesc)) {
618 throw new ClassConstraintException("No two fields (like '" + tostring(obj) + "') are allowed have same names and descriptors!");
619 }
620 if (fieldNames.contains(name)) {
621 addMessage("More than one field of name '" + name + "' detected (but with different type descriptors). This is very unusual.");
622 }
623 fieldNamesAndDesc.add(nameanddesc);
624 fieldNames.add(name);
625
626 final Attribute[] atts = obj.getAttributes();
627 for (final Attribute att : atts) {
628 if (!(att instanceof ConstantValue) && !(att instanceof Synthetic) && !(att instanceof Deprecated)) {
629 addMessage("Attribute '" + tostring(att) + "' as an attribute of Field '" + tostring(obj) + "' is unknown and will therefore be ignored.");
630 }
631 if (!(att instanceof ConstantValue)) {
632 addMessage("Attribute '" + tostring(att) + "' as an attribute of Field '" + tostring(obj)
633 + "' is not a ConstantValue and is therefore only of use for debuggers and such.");
634 }
635 }
636 }
637
638 @Override
639 public void visitInnerClass(final InnerClass obj) {
640 // This does not represent an Attribute but is only
641 // related to internal BCEL data representation.
642 }
643
644 @Override
645 public void visitInnerClasses(final InnerClasses innerClasses) { // vmspec2 4.7.5
646
647 // exactly one InnerClasses attr per ClassFile if some inner class is refernced: see visitJavaClass()
648
649 checkIndex(innerClasses, innerClasses.getNameIndex(), CONST_Utf8);
650
651 final String name = ((ConstantUtf8) cp.getConstant(innerClasses.getNameIndex())).getBytes();
652 if (!name.equals("InnerClasses")) {
653 throw new ClassConstraintException(
654 "The InnerClasses attribute '" + tostring(innerClasses) + "' is not correctly named 'InnerClasses' but '" + name + "'.");
655 }
656
657 innerClasses.forEach(ic -> {
658 checkIndex(innerClasses, ic.getInnerClassIndex(), CONST_Class);
659 final int outerIdx = ic.getOuterClassIndex();
660 if (outerIdx != 0) {
661 checkIndex(innerClasses, outerIdx, CONST_Class);
662 }
663 final int innernameIdx = ic.getInnerNameIndex();
664 if (innernameIdx != 0) {
665 checkIndex(innerClasses, innernameIdx, CONST_Utf8);
666 }
667 int acc = ic.getInnerAccessFlags();
668 acc &= ~(Const.ACC_PUBLIC | Const.ACC_PRIVATE | Const.ACC_PROTECTED | Const.ACC_STATIC | Const.ACC_FINAL | Const.ACC_INTERFACE |
669 Const.ACC_ABSTRACT);
670 if (acc != 0) {
671 addMessage("Unknown access flag for inner class '" + tostring(ic) + "' set (InnerClasses attribute '" + tostring(innerClasses) + "').");
672 }
673 });
674 // Semantical consistency is not yet checked by Sun, see vmspec2 4.7.5.
675 // [marked TODO in JustIce]
676 }
677
678 ///////////////////////////////////////
679 // ClassFile structure (vmspec2 4.1) //
680 ///////////////////////////////////////
681 @Override
682 public void visitJavaClass(final JavaClass obj) {
683 final Attribute[] atts = obj.getAttributes();
684 boolean foundSourceFile = false;
685 boolean foundInnerClasses = false;
686
687 // Is there an InnerClass referenced?
688 // This is a costly check; existing verifiers don't do it!
689 final boolean hasInnerClass = new InnerClassDetector(jc).innerClassReferenced();
690
691 for (final Attribute att : atts) {
692 if (!(att instanceof SourceFile) && !(att instanceof Deprecated) && !(att instanceof InnerClasses) && !(att instanceof Synthetic)) {
693 addMessage("Attribute '" + tostring(att) + "' as an attribute of the ClassFile structure '" + tostring(obj)
694 + "' is unknown and will therefore be ignored.");
695 }
696
697 if (att instanceof SourceFile) {
698 if (foundSourceFile) {
699 throw new ClassConstraintException(
700 "A ClassFile structure (like '" + tostring(obj) + "') may have no more than one SourceFile attribute."); // vmspec2 4.7.7
701 }
702 foundSourceFile = true;
703 }
704
705 if (att instanceof InnerClasses) {
706 if (!foundInnerClasses) {
707 foundInnerClasses = true;
708 } else if (hasInnerClass) {
709 throw new ClassConstraintException("A Classfile structure (like '" + tostring(obj) + "') must have exactly one InnerClasses attribute"
710 + " if at least one Inner Class is referenced (which is the case)." + " More than one InnerClasses attribute was found.");
711 }
712 if (!hasInnerClass) {
713 addMessage("No referenced Inner Class found, but InnerClasses attribute '" + tostring(att)
714 + "' found. Strongly suggest removal of that attribute.");
715 }
716 }
717
718 }
719 if (hasInnerClass && !foundInnerClasses) {
720 // throw new ClassConstraintException("A Classfile structure (like '"+tostring(obj)+
721 // "') must have exactly one InnerClasses attribute if at least one Inner Class is referenced (which is the case)."+
722 // " No InnerClasses attribute was found.");
723 // vmspec2, page 125 says it would be a constraint: but existing verifiers
724 // don't check it and javac doesn't satisfy it when it comes to anonymous
725 // inner classes
726 addMessage("A Classfile structure (like '" + tostring(obj)
727 + "') must have exactly one InnerClasses attribute if at least one Inner Class is referenced (which is the case)."
728 + " No InnerClasses attribute was found.");
729 }
730 }
731
732 @Override
733 public void visitLineNumber(final LineNumber obj) {
734 // This does not represent an Attribute but is only
735 // related to internal BCEL data representation.
736
737 // see visitLineNumberTable(LineNumberTable)
738 }
739
740 // SYNTHETIC: see above
741 // DEPRECATED: see above
742 //////////////////////////////////////////////////////////////
743 // code_attribute-structure-ATTRIBUTES (vmspec2 4.7.3, 4.7) //
744 //////////////////////////////////////////////////////////////
745 @Override
746 public void visitLineNumberTable(final LineNumberTable obj) { // vmspec2 4.7.8
747 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
748
749 final String name = ((ConstantUtf8) cp.getConstant(obj.getNameIndex())).getBytes();
750 if (!name.equals("LineNumberTable")) {
751 throw new ClassConstraintException(
752 "The LineNumberTable attribute '" + tostring(obj) + "' is not correctly named 'LineNumberTable' but '" + name + "'.");
753 }
754
755 // In JustIce, this check is delayed to Pass 3a.
756 // LineNumber[] linenumbers = obj.getLineNumberTable();
757 // ...validity check...
758
759 }
760
761 //////////
762 // BCEL //
763 //////////
764 @Override
765 public void visitLocalVariable(final LocalVariable obj) {
766 // This does not represent an Attribute but is only
767 // related to internal BCEL data representation.
768
769 // see visitLocalVariableTable(LocalVariableTable)
770 }
771
772 @Override
773 public void visitLocalVariableTable(final LocalVariableTable obj) { // vmspec2 4.7.9
774 // In JustIce, this check is partially delayed to Pass 3a.
775 // The other part can be found in the visitCode(Code) method.
776 }
777
778 ///////////////////////////
779 // METHODS (vmspec2 4.6) //
780 ///////////////////////////
781 @Override
782 public void visitMethod(final Method obj) {
783
784 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
785
786 final String name = obj.getName();
787 if (!validMethodName(name, true)) {
788 throw new ClassConstraintException("Method '" + tostring(obj) + "' has illegal name '" + name + "'.");
789 }
790
791 // A descriptor is often named signature in BCEL
792 checkIndex(obj, obj.getSignatureIndex(), CONST_Utf8);
793
794 final String sig = ((ConstantUtf8) cp.getConstant(obj.getSignatureIndex())).getBytes(); // Method's signature(=descriptor)
795
796 Type t;
797 Type[] ts; // needed below the try block.
798 try {
799 t = Type.getReturnType(sig);
800 ts = Type.getArgumentTypes(sig);
801 } catch (final ClassFormatException cfe) {
802 throw new ClassConstraintException("Illegal descriptor (==signature) '" + sig + "' used by Method '" + tostring(obj) + "'.", cfe);
803 }
804
805 // Check if referenced objects exist.
806 Type act = t;
807 if (act instanceof ArrayType) {
808 act = ((ArrayType) act).getBasicType();
809 }
810 if (act instanceof ObjectType) {
811 final Verifier v = VerifierFactory.getVerifier(((ObjectType) act).getClassName());
812 final VerificationResult vr = v.doPass1();
813 if (vr != VerificationResult.VR_OK) {
814 throw new ClassConstraintException(
815 "Method '" + tostring(obj) + "' has a return type that does not pass verification pass 1: '" + vr + "'.");
816 }
817 }
818
819 for (final Type element : ts) {
820 act = element;
821 if (act instanceof ArrayType) {
822 act = ((ArrayType) act).getBasicType();
823 }
824 if (act instanceof ObjectType) {
825 final Verifier v = VerifierFactory.getVerifier(((ObjectType) act).getClassName());
826 final VerificationResult vr = v.doPass1();
827 if (vr != VerificationResult.VR_OK) {
828 throw new ClassConstraintException(
829 "Method '" + tostring(obj) + "' has an argument type that does not pass verification pass 1: '" + vr + "'.");
830 }
831 }
832 }
833
834 // Nearly forgot this! Funny return values are allowed, but a non-empty arguments list makes a different method out of
835 // it!
836 if (name.equals(Const.STATIC_INITIALIZER_NAME) && ts.length != 0) {
837 throw new ClassConstraintException("Method '" + tostring(obj) + "' has illegal name '" + name + "'."
838 + " Its name resembles the class or interface initialization method" + " which it isn't because of its arguments (==descriptor).");
839 }
840
841 if (jc.isClass()) {
842 int maxone = 0;
843 if (obj.isPrivate()) {
844 maxone++;
845 }
846 if (obj.isProtected()) {
847 maxone++;
848 }
849 if (obj.isPublic()) {
850 maxone++;
851 }
852 if (maxone > 1) {
853 throw new ClassConstraintException(
854 "Method '" + tostring(obj) + "' must only have at most one of its ACC_PRIVATE, ACC_PROTECTED, ACC_PUBLIC modifiers set.");
855 }
856
857 if (obj.isAbstract()) {
858 if (obj.isFinal()) {
859 throw new ClassConstraintException("Abstract method '" + tostring(obj) + "' must not have the ACC_FINAL modifier set.");
860 }
861 if (obj.isNative()) {
862 throw new ClassConstraintException("Abstract method '" + tostring(obj) + "' must not have the ACC_NATIVE modifier set.");
863 }
864 if (obj.isPrivate()) {
865 throw new ClassConstraintException("Abstract method '" + tostring(obj) + "' must not have the ACC_PRIVATE modifier set.");
866 }
867 if (obj.isStatic()) {
868 throw new ClassConstraintException("Abstract method '" + tostring(obj) + "' must not have the ACC_STATIC modifier set.");
869 }
870 if (obj.isStrictfp()) {
871 throw new ClassConstraintException("Abstract method '" + tostring(obj) + "' must not have the ACC_STRICT modifier set.");
872 }
873 if (obj.isSynchronized()) {
874 throw new ClassConstraintException("Abstract method '" + tostring(obj) + "' must not have the ACC_SYNCHRONIZED modifier set.");
875 }
876 }
877
878 // A specific instance initialization method... (vmspec2,Page 116).
879 // ..may have at most one of ACC_PRIVATE, ACC_PROTECTED, ACC_PUBLIC set: is checked above.
880 // ..may also have ACC_STRICT set, but none of the other flags in table 4.5 (vmspec2, page 115)
881 if (name.equals(Const.CONSTRUCTOR_NAME) && (obj.isStatic() || obj.isFinal() || obj.isSynchronized() || obj.isNative() || obj.isAbstract())) {
882 throw new ClassConstraintException("Instance initialization method '" + tostring(obj) + "' must not have"
883 + " any of the ACC_STATIC, ACC_FINAL, ACC_SYNCHRONIZED, ACC_NATIVE, ACC_ABSTRACT modifiers set.");
884 }
885 } else if (!name.equals(Const.STATIC_INITIALIZER_NAME)) { // vmspec2, p.116, 2nd paragraph
886 if (jc.getMajor() >= Const.MAJOR_1_8) {
887 if (obj.isPublic() == obj.isPrivate()) {
888 throw new ClassConstraintException(
889 "Interface method '" + tostring(obj) + "' must have" + " exactly one of its ACC_PUBLIC and ACC_PRIVATE modifiers set.");
890 }
891 if (obj.isProtected() || obj.isFinal() || obj.isSynchronized() || obj.isNative()) {
892 throw new ClassConstraintException("Interface method '" + tostring(obj) + "' must not have"
893 + " any of the ACC_PROTECTED, ACC_FINAL, ACC_SYNCHRONIZED, or ACC_NATIVE modifiers set.");
894 }
895
896 } else {
897 if (!obj.isPublic()) {
898 throw new ClassConstraintException("Interface method '" + tostring(obj) + "' must have the ACC_PUBLIC modifier set but hasn't!");
899 }
900 if (!obj.isAbstract()) {
901 throw new ClassConstraintException("Interface method '" + tostring(obj) + "' must have the ACC_ABSTRACT modifier set but hasn't!");
902 }
903 if (obj.isPrivate() || obj.isProtected() || obj.isStatic() || obj.isFinal() || obj.isSynchronized() || obj.isNative() || obj.isStrictfp()) {
904 throw new ClassConstraintException("Interface method '" + tostring(obj) + "' must not have"
905 + " any of the ACC_PRIVATE, ACC_PROTECTED, ACC_STATIC, ACC_FINAL, ACC_SYNCHRONIZED,"
906 + " ACC_NATIVE, ACC_ABSTRACT, ACC_STRICT modifiers set.");
907 }
908 }
909 }
910
911 if ((obj.getAccessFlags() & ~(Const.ACC_PUBLIC | Const.ACC_PRIVATE | Const.ACC_PROTECTED | Const.ACC_STATIC | Const.ACC_FINAL |
912 Const.ACC_SYNCHRONIZED | Const.ACC_NATIVE | Const.ACC_ABSTRACT | Const.ACC_STRICT)) > 0) {
913 addMessage("Method '" + tostring(obj) + "' has access flag(s) other than" + " ACC_PUBLIC, ACC_PRIVATE, ACC_PROTECTED, ACC_STATIC, ACC_FINAL,"
914 + " ACC_SYNCHRONIZED, ACC_NATIVE, ACC_ABSTRACT, ACC_STRICT set (ignored).");
915 }
916
917 final String nameanddesc = name + sig;
918 if (methodNamesAndDesc.contains(nameanddesc)) {
919 throw new ClassConstraintException("No two methods (like '" + tostring(obj) + "') are allowed have same names and desciptors!");
920 }
921 methodNamesAndDesc.add(nameanddesc);
922
923 final Attribute[] atts = obj.getAttributes();
924 int numCodeAtts = 0;
925 for (final Attribute att : atts) {
926 if (!(att instanceof Code) && !(att instanceof ExceptionTable) && !(att instanceof Synthetic) && !(att instanceof Deprecated)) {
927 addMessage("Attribute '" + tostring(att) + "' as an attribute of Method '" + tostring(obj) + "' is unknown and will therefore be ignored.");
928 }
929 if (!(att instanceof Code) && !(att instanceof ExceptionTable)) {
930 addMessage("Attribute '" + tostring(att) + "' as an attribute of Method '" + tostring(obj)
931 + "' is neither Code nor Exceptions and is therefore only of use for debuggers and such.");
932 }
933 if (att instanceof Code && (obj.isNative() || obj.isAbstract())) {
934 throw new ClassConstraintException(
935 "Native or abstract methods like '" + tostring(obj) + "' must not have a Code attribute like '" + tostring(att) + "'."); // vmspec2
936 // page120,
937 // 4.7.3
938 }
939 if (att instanceof Code) {
940 numCodeAtts++;
941 }
942 }
943 if (!obj.isNative() && !obj.isAbstract() && numCodeAtts != 1) {
944 throw new ClassConstraintException(
945 "Non-native, non-abstract methods like '" + tostring(obj) + "' must have exactly one Code attribute (found: " + numCodeAtts + ").");
946 }
947 }
948
949 ///////////////////////////////////////////////////////
950 // ClassFile-structure-ATTRIBUTES (vmspec2 4.1, 4.7) //
951 ///////////////////////////////////////////////////////
952 @Override
953 public void visitSourceFile(final SourceFile obj) { // vmspec2 4.7.7
954
955 // zero or one SourceFile attr per ClassFile: see visitJavaClass()
956
957 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
958
959 final String name = ((ConstantUtf8) cp.getConstant(obj.getNameIndex())).getBytes();
960 if (!name.equals("SourceFile")) {
961 throw new ClassConstraintException("The SourceFile attribute '" + tostring(obj) + "' is not correctly named 'SourceFile' but '" + name + "'.");
962 }
963
964 checkIndex(obj, obj.getSourceFileIndex(), CONST_Utf8);
965
966 final String sourceFileName = ((ConstantUtf8) cp.getConstant(obj.getSourceFileIndex())).getBytes(); // ==obj.getSourceFileName() ?
967 final String sourceFileNameLc = sourceFileName.toLowerCase(Locale.ENGLISH);
968
969 if (sourceFileName.indexOf('/') != -1 || sourceFileName.indexOf('\\') != -1 || sourceFileName.indexOf(':') != -1
970 || sourceFileNameLc.lastIndexOf(".java") == -1) {
971 addMessage("SourceFile attribute '" + tostring(obj)
972 + "' has a funny name: remember not to confuse certain parsers working on javap's output. Also, this name ('" + sourceFileName
973 + "') is considered an unqualified (simple) file name only.");
974 }
975 }
976
977 @Override
978 public void visitSynthetic(final Synthetic obj) { // vmspec2 4.7.6
979 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
980 final String name = ((ConstantUtf8) cp.getConstant(obj.getNameIndex())).getBytes();
981 if (!name.equals("Synthetic")) {
982 throw new ClassConstraintException("The Synthetic attribute '" + tostring(obj) + "' is not correctly named 'Synthetic' but '" + name + "'.");
983 }
984 }
985
986 ////////////////////////////////////////////////////
987 // MISC-structure-ATTRIBUTES (vmspec2 4.7.1, 4.7) //
988 ////////////////////////////////////////////////////
989 @Override
990 public void visitUnknown(final Unknown obj) { // vmspec2 4.7.1
991 // Represents an unknown attribute.
992 checkIndex(obj, obj.getNameIndex(), CONST_Utf8);
993
994 // Maybe only misnamed? Give a (warning) message.
995 addMessage("Unknown attribute '" + tostring(obj) + "'. This attribute is not known in any context!");
996 }
997 }
998
999 /**
1000 * A Visitor class that ensures the ConstantCP-subclassed entries of the constant pool are valid. <B>Precondition:
1001 * index-style cross referencing in the constant pool must be valid.</B>
1002 *
1003 * @see #constantPoolEntriesSatisfyStaticConstraints()
1004 * @see org.apache.bcel.classfile.ConstantCP
1005 */
1006 private final class FAMRAV_Visitor extends EmptyVisitor {
1007 private final ConstantPool cp; // ==jc.getConstantPool() -- only here to save typing work.
1008
1009 private FAMRAV_Visitor(final JavaClass jc) {
1010 this.cp = jc.getConstantPool();
1011 }
1012
1013 @Override
1014 public void visitConstantFieldref(final ConstantFieldref obj) {
1015 if (obj.getTag() != Const.CONSTANT_Fieldref) {
1016 throw new ClassConstraintException("ConstantFieldref '" + tostring(obj) + "' has wrong tag!");
1017 }
1018 final int nameAndTypeIndex = obj.getNameAndTypeIndex();
1019 final ConstantNameAndType cnat = (ConstantNameAndType) cp.getConstant(nameAndTypeIndex);
1020 final String name = ((ConstantUtf8) cp.getConstant(cnat.getNameIndex())).getBytes(); // Field or Method name
1021 if (!validFieldName(name)) {
1022 throw new ClassConstraintException("Invalid field name '" + name + "' referenced by '" + tostring(obj) + "'.");
1023 }
1024
1025 final int classIndex = obj.getClassIndex();
1026 final ConstantClass cc = (ConstantClass) cp.getConstant(classIndex);
1027 final String className = ((ConstantUtf8) cp.getConstant(cc.getNameIndex())).getBytes(); // Class Name in internal form
1028 if (!validClassName(className)) {
1029 throw new ClassConstraintException("Illegal class name '" + className + "' used by '" + tostring(obj) + "'.");
1030 }
1031
1032 final String sig = ((ConstantUtf8) cp.getConstant(cnat.getSignatureIndex())).getBytes(); // Field or Method sig.(=descriptor)
1033
1034 try {
1035 Type.getType(sig); /* Don't need the return value */
1036 } catch (final ClassFormatException cfe) {
1037 throw new ClassConstraintException("Illegal descriptor (==signature) '" + sig + "' used by '" + tostring(obj) + "'.", cfe);
1038 }
1039 }
1040
1041 @Override
1042 public void visitConstantInterfaceMethodref(final ConstantInterfaceMethodref obj) {
1043 if (obj.getTag() != Const.CONSTANT_InterfaceMethodref) {
1044 throw new ClassConstraintException("ConstantInterfaceMethodref '" + tostring(obj) + "' has wrong tag!");
1045 }
1046 final int nameAndTypeIndex = obj.getNameAndTypeIndex();
1047 final ConstantNameAndType cnat = (ConstantNameAndType) cp.getConstant(nameAndTypeIndex);
1048 final String name = ((ConstantUtf8) cp.getConstant(cnat.getNameIndex())).getBytes(); // Field or Method name
1049 if (!validInterfaceMethodName(name)) {
1050 throw new ClassConstraintException("Invalid (interface) method name '" + name + "' referenced by '" + tostring(obj) + "'.");
1051 }
1052
1053 final int classIndex = obj.getClassIndex();
1054 final ConstantClass cc = (ConstantClass) cp.getConstant(classIndex);
1055 final String className = ((ConstantUtf8) cp.getConstant(cc.getNameIndex())).getBytes(); // Class Name in internal form
1056 if (!validClassName(className)) {
1057 throw new ClassConstraintException("Illegal class name '" + className + "' used by '" + tostring(obj) + "'.");
1058 }
1059
1060 final String sig = ((ConstantUtf8) cp.getConstant(cnat.getSignatureIndex())).getBytes(); // Field or Method sig.(=descriptor)
1061
1062 try {
1063 final Type t = Type.getReturnType(sig);
1064 if (name.equals(Const.STATIC_INITIALIZER_NAME) && t != Type.VOID) {
1065 addMessage("Class or interface initialization method '" + Const.STATIC_INITIALIZER_NAME + "' usually has VOID return type instead of '" + t
1066 + "'. Note this is really not a requirement of The Java Virtual Machine Specification, Second Edition.");
1067 }
1068 } catch (final ClassFormatException cfe) {
1069 throw new ClassConstraintException("Illegal descriptor (==signature) '" + sig + "' used by '" + tostring(obj) + "'.", cfe);
1070 }
1071
1072 }
1073
1074 @Override
1075 public void visitConstantMethodref(final ConstantMethodref obj) {
1076 if (obj.getTag() != Const.CONSTANT_Methodref) {
1077 throw new ClassConstraintException("ConstantMethodref '" + tostring(obj) + "' has wrong tag!");
1078 }
1079 final int nameAndTypeIndex = obj.getNameAndTypeIndex();
1080 final ConstantNameAndType cnat = (ConstantNameAndType) cp.getConstant(nameAndTypeIndex);
1081 final String name = ((ConstantUtf8) cp.getConstant(cnat.getNameIndex())).getBytes(); // Field or Method name
1082 if (!validClassMethodName(name)) {
1083 throw new ClassConstraintException("Invalid (non-interface) method name '" + name + "' referenced by '" + tostring(obj) + "'.");
1084 }
1085
1086 final int classIndex = obj.getClassIndex();
1087 final ConstantClass cc = (ConstantClass) cp.getConstant(classIndex);
1088 final String className = ((ConstantUtf8) cp.getConstant(cc.getNameIndex())).getBytes(); // Class Name in internal form
1089 if (!validClassName(className)) {
1090 throw new ClassConstraintException("Illegal class name '" + className + "' used by '" + tostring(obj) + "'.");
1091 }
1092
1093 final String sig = ((ConstantUtf8) cp.getConstant(cnat.getSignatureIndex())).getBytes(); // Field or Method sig.(=descriptor)
1094
1095 try {
1096 final Type t = Type.getReturnType(sig);
1097 if (name.equals(Const.CONSTRUCTOR_NAME) && t != Type.VOID) {
1098 throw new ClassConstraintException("Instance initialization method must have VOID return type.");
1099 }
1100 } catch (final ClassFormatException cfe) {
1101 throw new ClassConstraintException("Illegal descriptor (==signature) '" + sig + "' used by '" + tostring(obj) + "'.", cfe);
1102 }
1103 }
1104
1105 }
1106
1107 /**
1108 * This class serves for finding out if a given JavaClass' ConstantPool references an Inner Class. The Java Virtual
1109 * Machine Specification, Second Edition is not very precise about when an "InnerClasses" attribute has to appear.
1110 * However, it states that there has to be exactly one InnerClasses attribute in the ClassFile structure if the constant
1111 * pool of a class or interface refers to any class or interface "that is not a member of a package". Sun does not mean
1112 * "member of the default package". In "Inner Classes Specification" they point out how a "bytecode name" is derived so
1113 * one has to deduce what a class name of a class "that is not a member of a package" looks like: there is at least one
1114 * character in the byte- code name that cannot be part of a legal Java Language Class name (and not equal to '/'). This
1115 * assumption is wrong as the delimiter is '$' for which Character.isJavaIdentifierPart() == true. Hence, you really run
1116 * into trouble if you have a toplevel class called "A$XXX" and another toplevel class called "A" with in inner class
1117 * called "XXX". JustIce cannot repair this; please note that existing verifiers at this time even fail to detect
1118 * missing InnerClasses attributes in pass 2.
1119 */
1120 private static final class InnerClassDetector extends EmptyVisitor {
1121 private boolean hasInnerClass;
1122 private final JavaClass jc;
1123 private final ConstantPool cp;
1124
1125 /** Constructs an InnerClassDetector working on the JavaClass _jc. */
1126 public InnerClassDetector(final JavaClass javaClass) {
1127 this.jc = javaClass;
1128 this.cp = jc.getConstantPool();
1129 new DescendingVisitor(jc, this).visit();
1130 }
1131
1132 /**
1133 * Returns if the JavaClass this InnerClassDetector is working on has an Inner Class reference in its constant pool.
1134 *
1135 * @return Whether this InnerClassDetector is working on has an Inner Class reference in its constant pool.
1136 */
1137 public boolean innerClassReferenced() {
1138 return hasInnerClass;
1139 }
1140
1141 /** This method casually visits ConstantClass references. */
1142 @Override
1143 public void visitConstantClass(final ConstantClass obj) {
1144 final Constant c = cp.getConstant(obj.getNameIndex());
1145 if (c instanceof ConstantUtf8) { // Ignore the case where it's not a ConstantUtf8 here, we'll find out later.
1146 final String className = ((ConstantUtf8) c).getBytes();
1147 if (className.startsWith(Utility.packageToPath(jc.getClassName()) + "$")) {
1148 hasInnerClass = true;
1149 }
1150 }
1151 }
1152 }
1153
1154 /**
1155 * This method is here to save typing work and improve code readability.
1156 */
1157 private static String tostring(final Node n) {
1158 return new StringRepresentation(n).toString();
1159 }
1160
1161 /**
1162 * This method returns true if and only if the supplied String represents a valid method name that may be referenced by
1163 * ConstantMethodref objects.
1164 */
1165 private static boolean validClassMethodName(final String name) {
1166 return validMethodName(name, false);
1167 }
1168
1169 /**
1170 * This method returns true if and only if the supplied String represents a valid Java class name.
1171 */
1172 private static boolean validClassName(final String name) {
1173 /*
1174 * TODO: implement. Are there any restrictions?
1175 */
1176 Objects.requireNonNull(name, "name");
1177 return true;
1178 }
1179
1180 /**
1181 * This method returns true if and only if the supplied String represents a valid Java field name.
1182 */
1183 private static boolean validFieldName(final String name) {
1184 // vmspec2 2.7, vmspec2 2.2
1185 return validJavaIdentifier(name);
1186 }
1187
1188 /**
1189 * This method returns true if and only if the supplied String represents a valid Java interface method name that may be
1190 * referenced by ConstantInterfaceMethodref objects.
1191 */
1192 private static boolean validInterfaceMethodName(final String name) {
1193 // I guess we should assume special names forbidden here.
1194 if (name.startsWith("<")) {
1195 return false;
1196 }
1197 return validJavaLangMethodName(name);
1198 }
1199
1200 /**
1201 * This method returns true if and only if the supplied String represents a valid Java identifier (so-called simple or
1202 * unqualified name).
1203 */
1204 private static boolean validJavaIdentifier(final String name) {
1205 // vmspec2 2.7, vmspec2 2.2
1206 if (name.isEmpty() || !Character.isJavaIdentifierStart(name.charAt(0))) {
1207 return false;
1208 }
1209
1210 for (int i = 1; i < name.length(); i++) {
1211 if (!Character.isJavaIdentifierPart(name.charAt(i))) {
1212 return false;
1213 }
1214 }
1215 return true;
1216 }
1217
1218 /**
1219 * This method returns true if and only if the supplied String represents a valid Java programming language method name
1220 * stored as a simple (non-qualified) name. Conforming to: The Java Virtual Machine Specification, Second Edition,
1221 * �2.7, �2.7.1, �2.2.
1222 */
1223 private static boolean validJavaLangMethodName(final String name) {
1224 return validJavaIdentifier(name);
1225 }
1226
1227 /**
1228 * This method returns true if and only if the supplied String represents a valid method name. This is basically the
1229 * same as a valid identifier name in the Java programming language, but the special name for the instance
1230 * initialization method is allowed and the special name for the class/interface initialization method may be allowed.
1231 */
1232 private static boolean validMethodName(final String name, final boolean allowStaticInit) {
1233 if (validJavaLangMethodName(name)) {
1234 return true;
1235 }
1236
1237 if (allowStaticInit) {
1238 return name.equals(Const.CONSTRUCTOR_NAME) || name.equals(Const.STATIC_INITIALIZER_NAME);
1239 }
1240 return name.equals(Const.CONSTRUCTOR_NAME);
1241 }
1242
1243 /**
1244 * The LocalVariableInfo instances used by Pass3bVerifier. localVariablesInfos[i] denotes the information for the local
1245 * variables of method number i in the JavaClass this verifier operates on.
1246 */
1247 private LocalVariablesInfo[] localVariablesInfos;
1248 /** The Verifier that created this. */
1249 private final Verifier verifier;
1250
1251 /**
1252 * Should only be instantiated by a Verifier.
1253 *
1254 * @see Verifier
1255 */
1256 public Pass2Verifier(final Verifier verifier) {
1257 this.verifier = verifier;
1258 }
1259
1260 /**
1261 * Ensures that the constant pool entries satisfy the static constraints as described in The Java Virtual Machine
1262 * Specification, 2nd Edition.
1263 *
1264 * @throws ClassConstraintException otherwise.
1265 */
1266 private void constantPoolEntriesSatisfyStaticConstraints() {
1267 try {
1268 // Most of the consistency is handled internally by BCEL; here
1269 // we only have to verify if the indices of the constants point
1270 // to constants of the appropriate type and such.
1271 final JavaClass jc = Repository.lookupClass(verifier.getClassName());
1272 new CPESSC_Visitor(jc); // constructor implicitly traverses jc
1273
1274 } catch (final ClassNotFoundException e) {
1275 // FIXME: this might not be the best way to handle missing classes.
1276 throw new AssertionViolatedException("Missing class: " + e, e);
1277 }
1278 }
1279
1280 /**
1281 * Pass 2 is the pass where static properties of the class file are checked without looking into "Code" arrays of
1282 * methods. This verification pass is usually invoked when a class is resolved; and it may be possible that this
1283 * verification pass has to load in other classes such as superclasses or implemented interfaces. Therefore, Pass 1 is
1284 * run on them.<BR>
1285 * Note that most referenced classes are <B>not</B> loaded in for verification or for an existance check by this pass;
1286 * only the syntactical correctness of their names and descriptors (a.k.a. signatures) is checked.<BR>
1287 * Very few checks that conceptually belong here are delayed until pass 3a in JustIce. JustIce does not only check for
1288 * syntactical correctness but also for semantical sanity - therefore it needs access to the "Code" array of methods in
1289 * a few cases. Please see the pass 3a documentation, too.
1290 *
1291 * @see Pass3aVerifier
1292 */
1293 @Override
1294 public VerificationResult do_verify() {
1295 try {
1296 final VerificationResult vr1 = verifier.doPass1();
1297 if (vr1.equals(VerificationResult.VR_OK)) {
1298
1299 // For every method, we could have information about the local variables out of LocalVariableTable attributes of
1300 // the Code attributes.
1301 localVariablesInfos = new LocalVariablesInfo[Repository.lookupClass(verifier.getClassName()).getMethods().length];
1302
1303 VerificationResult vr = VerificationResult.VR_OK; // default.
1304 try {
1305 constantPoolEntriesSatisfyStaticConstraints();
1306 fieldAndMethodRefsAreValid();
1307 everyClassHasAnAccessibleSuperclass();
1308 finalMethodsAreNotOverridden();
1309 } catch (final ClassConstraintException cce) {
1310 vr = new VerificationResult(VerificationResult.VERIFIED_REJECTED, cce.getMessage());
1311 }
1312 return vr;
1313 }
1314 return VerificationResult.VR_NOTYET;
1315
1316 } catch (final ClassNotFoundException e) {
1317 // FIXME: this might not be the best way to handle missing classes.
1318 throw new AssertionViolatedException("Missing class: " + e, e);
1319 }
1320 }
1321
1322 /**
1323 * Ensures that every class has a super class and that <B>final</B> classes are not subclassed. This means, the class
1324 * this Pass2Verifier operates on has proper super classes (transitively) up to {@link Object}. The reason for really
1325 * loading (and Pass1-verifying) all of those classes here is that we need them in Pass2 anyway to verify no final
1326 * methods are overridden (that could be declared anywhere in the ancestor hierarchy).
1327 *
1328 * @throws ClassConstraintException otherwise.
1329 */
1330 private void everyClassHasAnAccessibleSuperclass() {
1331 try {
1332 final Set<String> hs = new HashSet<>(); // save class names to detect circular inheritance
1333 JavaClass jc = Repository.lookupClass(verifier.getClassName());
1334 int supidx = -1;
1335
1336 while (supidx != 0) {
1337 supidx = jc.getSuperclassNameIndex();
1338
1339 if (supidx == 0) {
1340 if (jc != Repository.lookupClass(Type.OBJECT.getClassName())) {
1341 throw new ClassConstraintException(
1342 "Superclass of '" + jc.getClassName() + "' missing but not " + Type.OBJECT.getClassName() + " itself!");
1343 }
1344 } else {
1345 final String supername = jc.getSuperclassName();
1346 if (!hs.add(supername)) { // If supername already is in the list
1347 throw new ClassConstraintException("Circular superclass hierarchy detected.");
1348 }
1349 final Verifier v = VerifierFactory.getVerifier(supername);
1350 final VerificationResult vr = v.doPass1();
1351
1352 if (vr != VerificationResult.VR_OK) {
1353 throw new ClassConstraintException("Could not load in ancestor class '" + supername + "'.");
1354 }
1355 jc = Repository.lookupClass(supername);
1356
1357 if (jc.isFinal()) {
1358 throw new ClassConstraintException(
1359 "Ancestor class '" + supername + "' has the FINAL access modifier and must therefore not be subclassed.");
1360 }
1361 }
1362 }
1363
1364 } catch (final ClassNotFoundException e) {
1365 // FIXME: this might not be the best way to handle missing classes.
1366 throw new AssertionViolatedException("Missing class: " + e, e);
1367 }
1368 }
1369
1370 /**
1371 * Ensures that the ConstantCP-subclassed entries of the constant pool are valid. According to "Yellin: Low Level
1372 * Security in Java", this method does not verify the existence of referenced entities (such as classes) but only the
1373 * formal correctness (such as well-formed signatures). The visitXXX() methods throw ClassConstraintException instances
1374 * otherwise. <B>Precondition: index-style cross referencing in the constant pool must be valid. Simply invoke
1375 * constant_pool_entries_satisfy_static_constraints() before.</B>
1376 *
1377 * @throws ClassConstraintException otherwise.
1378 * @see #constantPoolEntriesSatisfyStaticConstraints()
1379 */
1380 private void fieldAndMethodRefsAreValid() {
1381 try {
1382 final JavaClass jc = Repository.lookupClass(verifier.getClassName());
1383 final DescendingVisitor v = new DescendingVisitor(jc, new FAMRAV_Visitor(jc));
1384 v.visit();
1385
1386 } catch (final ClassNotFoundException e) {
1387 // FIXME: this might not be the best way to handle missing classes.
1388 throw new AssertionViolatedException("Missing class: " + e, e);
1389 }
1390 }
1391
1392 /**
1393 * Ensures that <B>final</B> methods are not overridden. <B>Precondition to run this method:
1394 * constant_pool_entries_satisfy_static_constraints() and every_class_has_an_accessible_superclass() have to be invoked
1395 * before (in that order).</B>
1396 *
1397 * @throws ClassConstraintException otherwise.
1398 * @see #constantPoolEntriesSatisfyStaticConstraints()
1399 * @see #everyClassHasAnAccessibleSuperclass()
1400 */
1401 private void finalMethodsAreNotOverridden() {
1402 try {
1403 final Map<String, String> map = new HashMap<>();
1404 JavaClass jc = Repository.lookupClass(verifier.getClassName());
1405
1406 int supidx = -1;
1407 while (supidx != 0) {
1408 supidx = jc.getSuperclassNameIndex();
1409
1410 final Method[] methods = jc.getMethods();
1411 for (final Method method : methods) {
1412 final String nameAndSig = method.getName() + method.getSignature();
1413
1414 if (map.containsKey(nameAndSig) && method.isFinal()) {
1415 if (!method.isPrivate()) {
1416 throw new ClassConstraintException("Method '" + nameAndSig + "' in class '" + map.get(nameAndSig)
1417 + "' overrides the final (not-overridable) definition in class '" + jc.getClassName() + "'.");
1418 }
1419 addMessage("Method '" + nameAndSig + "' in class '" + map.get(nameAndSig)
1420 + "' overrides the final (not-overridable) definition in class '" + jc.getClassName()
1421 + "'. This is okay, as the original definition was private; however this constraint leverage"
1422 + " was introduced by JLS 8.4.6 (not vmspec2) and the behavior of the Sun verifiers.");
1423 } else if (!method.isStatic()) { // static methods don't inherit
1424 map.put(nameAndSig, jc.getClassName());
1425 }
1426 }
1427
1428 jc = Repository.lookupClass(jc.getSuperclassName());
1429 // Well, for OBJECT this returns OBJECT so it works (could return anything but must not throw an Exception).
1430 }
1431
1432 } catch (final ClassNotFoundException e) {
1433 // FIXME: this might not be the best way to handle missing classes.
1434 throw new AssertionViolatedException("Missing class: " + e, e);
1435 }
1436
1437 }
1438
1439 /**
1440 * Returns a LocalVariablesInfo object containing information about the usage of the local variables in the Code
1441 * attribute of the said method or <B>null</B> if the class file this Pass2Verifier operates on could not be
1442 * pass-2-verified correctly. The method number method_nr is the method you get using
1443 * <B>Repository.lookupClass(myOwner.getClassname()).getMethods()[method_nr];</B>. You should not add own information.
1444 * Leave that to JustIce.
1445 */
1446 public LocalVariablesInfo getLocalVariablesInfo(final int methodNr) {
1447 if (verify() != VerificationResult.VR_OK) {
1448 return null; // It's cached, don't worry.
1449 }
1450 if (methodNr < 0 || methodNr >= localVariablesInfos.length) {
1451 throw new AssertionViolatedException("Method number out of range.");
1452 }
1453 return localVariablesInfos[methodNr];
1454 }
1455 }