Mantis Bugtracker
  

Viewing Issue Advanced Details
ID: 0000837
Category: [Resin]
Severity: major
Reproducibility: always
Date Submitted: 01-06-06 15:27
Last Update: 02-02-06 10:15
Reporter: koreth
View Status: public
Assigned To: ferg
Priority: normal
Resolution: fixed
Platform:
Status: closed
OS:
Projection: none
OS Version:
ETA: none
Fixed in Version: 3.0.18
Product Version: 3.0.17
Product Build:
Summary 0000837: ArrayIndexOutOfBoundsException when deploying EJB (with patch)
Description I posted this patch to the mailing list, but it was around Christmastime and I never saw a reply. This is basically the same bug report as bug 0000131 -- an ArrayIndexOutOfBoundsException is thrown while the bytecode scanner is parsing an EJB class -- but I disagree with the resolution on that bug, which is to just swallow the exception. The exception is due to a real bug: an array is not being grown large enough to hold the data that the bytecode parser is trying to put there, because the code makes assumptions about the kinds of objects it'll see in the constant pool. I believe if there are too many constants in a row of types other than String or Object, this error will occur.

Here's the patch I sent out to the mailing list, which fixes the underlying problem.

--- modules/resin/src/com/caucho/bytecode/ByteCodeClassScanner.java- 2005-12-25 01:16:54.697243868 -0800
+++ modules/resin/src/com/caucho/bytecode/ByteCodeClassScanner.java 2005-12-25 01:29:01.530261520 -0800
@@ -180,7 +180,7 @@
     case ByteCodeParser.CP_CLASS:
       {
     if (_cpOffset.length <= i) {
- int []offset = new int[2 * _cpOffset.length];
+ int []offset = new int[2 * i + 1];
       System.arraycopy(_cpOffset, 0, offset, 0, _cpOffset.length);
       _cpOffset = offset;
     }
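Review bot: The new allocation in the CP_CLASS case, `new int[2 * i + 1]`, carries no comment saying why it is sized from `i` or what the `+ 1` is for, so a later cleanup could plausibly turn it back into a doubling of `_cpOffset.length`. Add a one-line comment above it stating that the array must end up longer than `i`, because `i` can be more than twice the current length when the guard `_cpOffset.length <= i` fires.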
@@ -272,7 +272,7 @@
     case ByteCodeParser.CP_UTF8:
       {
     if (_cpOffset.length <= i) {
- int []offset = new int[2 * _cpOffset.length];
+ int []offset = new int[2 * i + 1];
       System.arraycopy(_cpOffset, 0, offset, 0, _cpOffset.length);
       _cpOffset = offset;
     }
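Review bot: The grow block under CP_UTF8 is identical to the one under CP_CLASS in the previous hunk, and the same one-line sizing fix had to be made in both. Move the guard, the allocation and the `System.arraycopy` into a single private helper that takes `i`, so the bound is computed in one place and any other case that later needs to write `_cpOffset[i]` cannot miss it.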

As you can see, the bug will happen whenever i > (2*_cpOffset.length). This patch grows the array based on the required size rather than based on its current size. The "+ 1" is so it will do the right thing if i == 0.
Steps To Reproduce
Additional Information
Attached Files
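
The failure mode described in the report above, reproduced as an added example that is not part of the original report or of Resin's code. It assumes, following the reporter's description, that only CLASS and UTF8 entries run the grow check while other constants advance the index; the class, method and tag-constant names, the initial length of 4 and the sample pool are constructed for illustration.

```java
import java.util.Arrays;

// Added illustration; class, method and tag names are hypothetical, not Resin's.
public class CpOffsetGrowthDemo {
  static final int TAG_UTF8 = 1, TAG_INTEGER = 3, TAG_CLASS = 7;

  // Original policy: double the current length, whatever index is needed.
  static int[] growByDoubling(int[] a, int i) {
    return a.length <= i ? Arrays.copyOf(a, 2 * a.length) : a;
  }

  // Patched policy: size the new array from the index that must fit.
  static int[] growToIndex(int[] a, int i) {
    return a.length <= i ? Arrays.copyOf(a, 2 * i + 1) : a;
  }

  // Assumption: an offset is recorded only for CLASS and UTF8 entries, as in the
  // two patched cases; other tags advance i without touching the array.
  static int scan(int[] tags, int initialLength, boolean patched) {
    int[] cpOffset = new int[initialLength];
    for (int i = 1; i < tags.length; i++) { // constant pool indices start at 1
      if (tags[i] != TAG_CLASS && tags[i] != TAG_UTF8)
        continue;
      cpOffset = patched ? growToIndex(cpOffset, i) : growByDoubling(cpOffset, i);
      cpOffset[i] = 100 + i; // constructed offset value
    }
    return cpOffset.length;
  }

  public static void main(String[] args) {
    // Constructed pool: a run of Integer constants, then one UTF8 entry at index 9.
    int[] tags = new int[10];
    Arrays.fill(tags, TAG_INTEGER);
    tags[9] = TAG_UTF8;

    System.out.println("patched: array length " + scan(tags, 4, true));
    try {
      scan(tags, 4, false);
      System.out.println("doubling: no exception");
    } catch (ArrayIndexOutOfBoundsException e) {
      // Doubling 4 gives 8, which still cannot hold index 9.
      System.out.println("doubling: " + e);
    }
  }
}
```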

- Relationships

- Notes
(0000642)
koreth
01-06-06 17:38

This got filed under "Quercus" -- should be "Resin" but that wasn't in the category dropdown list for me when I filed it. (Actually, there was nothing in the dropdown at all; I guess Quercus is the default.)
 

- Issue History
Date Modified Username Field Change
01-06-06 15:27 koreth New Issue
01-06-06 15:27 koreth Issue Monitored: koreth
01-06-06 17:38 koreth Note Added: 0000642
01-07-06 16:08 ferg Project Quercus => Resin
02-02-06 10:15 ferg Assigned To  => ferg
02-02-06 10:15 ferg Status new => closed
02-02-06 10:15 ferg Resolution open => fixed
02-02-06 10:15 ferg Fixed in Version  => 3.0.18

