On Tue, 24 Nov 2020 10:58:43 GMT, Alan Bateman <[email protected]> wrote:
> The attribute_length of known ModuleXXXX attributes in the module-info.class
> is currently ignored. It should be checked and the class rejected if the
> attribute length doesn't exactly match the length of the info in the
> attribute.
>
> There are several ways to fix this. I initially limited the reading of the
> attribute_info to the attribute length but this resulted in confusing
> exception messages as the attribute appears truncated. The exception messages
> are clearer when it checks that the attribute length corresponds to the
> number of bytes read.
src/java.base/share/classes/jdk/internal/module/ModuleInfo.java line 288:
> 286:
> 287: long newPosition = in.count();
> 288: if (newPosition != (initialPosition + length)) {
should this be:
if ((newPosition - intialPosition) != length) {
just to make it clear that no overflow can happen?
-------------
PR: https://git.openjdk.java.net/jdk/pull/1407
