On Fri, 27 May 2005 at 15:11:56 +1200, Adam Warner wrote:
> In writing a buffer overflow demo for a comp.lang.lisp participant I
> discovered that ABCL never detected it at any level of safety. I
> suggest that ABCL should detect it at a positive (1+) level of safety
> while continuing to omit any check at safety 0 in the interests of

Displaced array index validity is now checked at all safety settings.
When dealing with non-displaced arrays, the JVM itself always checks
for array index validity. There's no way to disable this checking, and
there's no added overhead to catch the ArrayIndexOutOfBoundsException
that gets signalled when an invalid index is detected.

In the special case of a displaced array, where an invalid index in the
displaced array might still refer to a valid location in what Java
thinks of as the real array, an extra check needs to be done. I had
omitted this check before, leading to the problem you pointed out.
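To make the failure mode above concrete, here is an added Java illustration (not ABCL's own code; the `DisplacedVector` class, its field names and its two `aref` variants are hypothetical simplifications). A three-element array displaced into the middle of a ten-element Java array is indexed with 5: the JVM's own check on the underlying array is satisfied, so without the extra check the read silently returns a neighbour's slot instead of signalling an error.

```java
// Added illustration, not ABCL's code: a minimal model of a one-dimensional
// displaced array, showing why the JVM's bounds check on the underlying
// Java array is not enough on its own.
public final class DisplacedArrayDemo {

    /** Hypothetical simplified model of a displaced array. */
    static final class DisplacedVector {
        private final Object[] base;   // the "real" array as the JVM sees it
        private final int offset;      // the displaced index offset into base
        private final int totalSize;   // the displaced array's own length

        DisplacedVector(Object[] base, int offset, int totalSize) {
            // The displaced region must fit inside the target array.
            if (offset < 0 || totalSize < 0 || offset + totalSize > base.length)
                throw new IllegalArgumentException("displaced array does not fit in target");
            this.base = base;
            this.offset = offset;
            this.totalSize = totalSize;
        }

        /** The defective path: relies solely on the JVM's check on base[]. */
        Object arefUnchecked(int index) {
            // The JVM throws only if offset + index falls outside base,
            // not if index falls outside this displaced array.
            return base[offset + index];
        }

        /** The corrected path: check the displaced array's own bounds first. */
        Object aref(int index) {
            if (index < 0 || index >= totalSize)
                throw new IndexOutOfBoundsException(
                    "index " + index + " out of bounds for displaced array of size " + totalSize);
            return base[offset + index];
        }
    }

    public static void main(String[] args) {
        // Constructed sample data: big[i] == i for i in 0..9.
        Object[] big = new Object[10];
        for (int i = 0; i < big.length; i++) big[i] = i;

        // A 3-element array displaced onto big[2..4].
        DisplacedVector d = new DisplacedVector(big, 2, 3);

        // Index 5 is invalid for d, but offset + 5 == 7 is a valid slot in big,
        // so the unchecked read succeeds and returns 7: a silent out-of-bounds read.
        System.out.println("unchecked: " + d.arefUnchecked(5));

        // The corrected path rejects the same index.
        try {
            d.aref(5);
        } catch (IndexOutOfBoundsException e) {
            System.out.println("checked: " + e.getMessage());
        }

        // Far enough out, even the unchecked path fails, but only because the
        // JVM guards big[], not because d's own bounds were respected.
        try {
            d.arefUnchecked(20);
        } catch (ArrayIndexOutOfBoundsException e) {
            System.out.println("unchecked, caught by the JVM: " + e.getMessage());
        }
    }
}
```

Compile and run with `javac DisplacedArrayDemo.java && java DisplacedArrayDemo`. The point of the two `aref` variants is that the only difference is the comparison against `totalSize`; the JVM's array check remains in place on both paths, so the fix adds one integer comparison rather than replacing any existing check.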

There is apparently no test in the ANSI test suite that detects this
situation. Even without the current fix, ABCL passes all the tests in

Currently there is no fast path in the library code that the compiler
can use if safety is 0. Such a fast path could be added later, but it's
really more in the spirit of Java to check array index validity at all
times, so I'm not sure it's a good idea.