Avoid UB in installer and check manifest data in advance #1628
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
InitAuther97
changed the title
IzzelAliz
reviewed
Jan 21, 2025
| var cw = new ClassWriter(ClassWriter.COMPUTE_MAXS); | ||
| asmClass.accept(cw); | ||
| var bytes = cw.toByteArray(); | ||
| Unsafe.defineClass(cpwClassName, bytes, 0, bytes.length, cl, domain); |
There was a problem hiding this comment.
Unsafe 现在已经 deprecated for removal 了,看能不能不用
|
现在改成用ClassLoader拦截类加载了,但是有点取巧,把它的模块信息全扔掉了(不然要用cpw的ModuleClassLoader,需要自己处理所有库,就变成另一个BL了),标记了一下 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In the latest release of Trials, modifying the forge installer jar file may corrupt the manifest data, exposing a potential issue of relying on an undefined order of ServiceLoader.load(...).stream() between different modules in the same layer.
The issue will cause a conditional crash that depends on the archive file name when the installer is modified externally. The module name will also be related to the file name.
In this PR: