Enforce class definition ordering rules in v37 Dex files.
These new checks also reject classes extending or
implementing themselves directly or transitively within
a single Dex file.
Bug: 28812524
Bug: 28797012
Bug: 28685551
Bug: 27682580
Change-Id: I51c43f8b4b6a7abaade63682411e61f21767f5d4
diff --git a/runtime/dex_file_verifier.cc b/runtime/dex_file_verifier.cc
index bbffbbb..d2e84ad 100644
--- a/runtime/dex_file_verifier.cc
+++ b/runtime/dex_file_verifier.cc
@@ -1956,6 +1956,31 @@
}
if (item->superclass_idx_ != DexFile::kDexNoIndex16) {
+ if (header_->GetVersion() >= DexFile::kClassDefinitionOrderEnforcedVersion) {
+ // Check that a class does not inherit from itself directly (by having
+ // the same type idx as its super class).
+ if (UNLIKELY(item->superclass_idx_ == item->class_idx_)) {
+ ErrorStringPrintf("Class with same type idx as its superclass: '%d'", item->class_idx_);
+ return false;
+ }
+
+ // Check that a class is defined after its super class (if the
+ // latter is defined in the same Dex file).
+ const DexFile::ClassDef* superclass_def = dex_file_->FindClassDef(item->superclass_idx_);
+ if (superclass_def != nullptr) {
+ // The superclass is defined in this Dex file.
+ if (superclass_def > item) {
+ // ClassDef item for super class appearing after the class' ClassDef item.
+ ErrorStringPrintf("Invalid class definition ordering:"
+ " class with type idx: '%d' defined before"
+ " superclass with type idx: '%d'",
+ item->class_idx_,
+ item->superclass_idx_);
+ return false;
+ }
+ }
+ }
+
LOAD_STRING_BY_TYPE(superclass_descriptor, item->superclass_idx_,
"inter_class_def_item superclass_idx")
if (UNLIKELY(!IsValidDescriptor(superclass_descriptor) || superclass_descriptor[0] != 'L')) {
@@ -1964,12 +1989,39 @@
}
}
+ // Check interfaces.
const DexFile::TypeList* interfaces = dex_file_->GetInterfacesList(*item);
if (interfaces != nullptr) {
uint32_t size = interfaces->Size();
-
- // Ensure that all interfaces refer to classes (not arrays or primitives).
for (uint32_t i = 0; i < size; i++) {
+ if (header_->GetVersion() >= DexFile::kClassDefinitionOrderEnforcedVersion) {
+ // Check that a class does not implement itself directly (by having the
+ // same type idx as one of its immediate implemented interfaces).
+ if (UNLIKELY(interfaces->GetTypeItem(i).type_idx_ == item->class_idx_)) {
+ ErrorStringPrintf("Class with same type idx as implemented interface: '%d'",
+ item->class_idx_);
+ return false;
+ }
+
+ // Check that a class is defined after the interfaces it implements
+ // (if they are defined in the same Dex file).
+ const DexFile::ClassDef* interface_def =
+ dex_file_->FindClassDef(interfaces->GetTypeItem(i).type_idx_);
+ if (interface_def != nullptr) {
+ // The interface is defined in this Dex file.
+ if (interface_def > item) {
+ // ClassDef item for interface appearing after the class' ClassDef item.
+ ErrorStringPrintf("Invalid class definition ordering:"
+ " class with type idx: '%d' defined before"
+ " implemented interface with type idx: '%d'",
+ item->class_idx_,
+ interfaces->GetTypeItem(i).type_idx_);
+ return false;
+ }
+ }
+ }
+
+ // Ensure that the interface refers to a class (not an array nor a primitive type).
LOAD_STRING_BY_TYPE(inf_descriptor, interfaces->GetTypeItem(i).type_idx_,
"inter_class_def_item interface type_idx")
if (UNLIKELY(!IsValidDescriptor(inf_descriptor) || inf_descriptor[0] != 'L')) {