Mantis - Resin
Viewing Issue Advanced Details

ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update:
837 | | major | always | 01-06-06 15:27 | 02-02-06 10:15

Reporter: | koreth | Platform: |
Assigned To: | ferg | OS: |
Priority: | normal | OS Version: |
Status: | closed | Product Version: | 3.0.17
Product Build: | | Resolution: | fixed
Projection: | none
ETA: | none | Fixed in Version: | 3.0.18

Summary: | 0000837: ArrayIndexOutOfBoundsException when deploying EJB (with patch)
Description:
I posted this patch to the mailing list, but it was around Christmastime and I never saw a reply. This is basically the same bug report as bug 0000131 -- an ArrayIndexOutOfBoundsException is thrown while the bytecode scanner is parsing an EJB class -- but I disagree with the resolution on that bug, which is to just swallow the exception. The exception is due to a real bug: an array is not being grown large enough to hold the data that the bytecode parser is trying to put there, because the code makes assumptions about the kinds of objects it'll see in the constant pool. I believe if there are too many constants in a row of types other than String or Object, this error will occur. Here's the patch I sent out to the mailing list, which fixes the underlying problem. --- modules/resin/src/com/caucho/bytecode/ByteCodeClassScanner.java- 2005-12-25 01:16:54.697243868 -0800 +++ modules/resin/src/com/caucho/bytecode/ByteCodeClassScanner.java 2005-12-25 01:29:01.530261520 -0800 @@ -180,7 +180,7 @@ case ByteCodeParser.CP_CLASS: { if (_cpOffset.length <= i) { - int []offset = new int[2 * _cpOffset.length]; + int []offset = new int[2 * i + 1]; System.arraycopy(_cpOffset, 0, offset, 0, _cpOffset.length); _cpOffset = offset; } @@ -272,7 +272,7 @@ case ByteCodeParser.CP_UTF8: { if (_cpOffset.length <= i) { - int []offset = new int[2 * _cpOffset.length]; + int []offset = new int[2 * i + 1]; System.arraycopy(_cpOffset, 0, offset, 0, _cpOffset.length); _cpOffset = offset; } As you can see, the bug will happen whenever i > (2*_cpOffset.length). This patch grows the array based on the required size rather than based on its current size. The "+ 1" is so it will do the right thing if i == 0. |
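Review bot: The CP_CLASS hunk at line 180 changes the allocation to `new int[2 * i + 1]` without a comment saying why the size is taken from the index rather than from the current length. The guard `_cpOffset.length <= i` stays the same, and the old `2 * _cpOffset.length` is still too small whenever i is at least twice the current length, which per the description happens after a run of entries whose cases never reach this check. A one-line comment to that effect above the allocation would stop a later cleanup from reverting it to plain doubling. Since i is at least `_cpOffset.length` inside the guard, the new size is always more than double the old one, so the amortized growth is kept. The patch touches only ByteCodeClassScanner.java; a regression test that scans a class whose constant pool has a long run of entries that are neither CP_CLASS nor CP_UTF8 would pin the fix.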
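Review bot: The CP_UTF8 hunk at line 272 repeats, line for line, the grow block already changed in the CP_CLASS case, so the size rule now has to be kept in sync in two places. Move the length check, allocation and `System.arraycopy` into one private helper that takes i and is called from both cases, so a future change to the growth rule cannot be applied at one site and missed at the other.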
Steps To Reproduce:
Additional Information:
Relationships
Attached Files:
Notes