Signalling Integer Overflows in Java



Using the ASM Library

While it is possible to process bytecode files with no support other than reading and writing bytes, there are well-defined libraries that considerably simplify the work by managing the details and bookkeeping, such as computing the maximal size of the operand stack, the index of a literal in the constant pool, or the precise offsets when inserting jump operations. ASM (asm.objectweb.org) is such a library: particularly small yet powerful and efficient, and making heavy use of design patterns. ASM offers methods to process bytecode streams, either in the form of an editable structure holding the entire code (analogous to a DOM-like parser for XML files), or through an event model (a SAX-like parser).

The event model makes filtering easy, for instance replacing every iadd with a method call. The library also offers a program named ASMifier, which takes an existing *.class file and produces the Java+ASM source code that generates the same bytecode sequence at runtime. Integrated in an Eclipse plug-in, this tool quickly becomes a must-have.

Example 2 shows a fragment of Java source code and the corresponding bytecode instructions, first in an abstracted syntax, then as ASMifier output.

<b>(a)</b>
public static double arraySum(double[] t) {
  double sum=0.0;
  for(int i=0; i<t.length; i++)
    sum+=t[i];
  return sum;
}

<b>(b)</b>
public static arraySum(double[]):double
L0 (0) LINENUMBER 11 L0
       DCONST_0
       DSTORE 1: sum
L1 (3) LINENUMBER 12 L1
       ICONST_0
       ISTORE 3: i
L2 (6) GOTO L3
L4 (8) LINENUMBER 13 L4
       DLOAD 1: sum
       ALOAD 0: t
       ILOAD 3: i
       DALOAD
       DADD
       DSTORE 1: sum
L5 (15) LINENUMBER 12 L5
       IINC 3: i 1
L3 (17) ILOAD 3: i
       ALOAD 0: t
       ARRAYLENGTH
       IF_ICMPLT L4
L6 (22) LINENUMBER 14 L6
       DLOAD 1: sum
       DRETURN
L7 (25) LOCALVARIABLE t double[] L0 L7 0
       LOCALVARIABLE sum double L1 L7 1
       LOCALVARIABLE i int L2 L6 3
       MAXSTACK = 4
       MAXLOCALS = 4

<b>(c)</b>
MethodVisitor mv;
mv = cw.visitMethod(ACC_PUBLIC + ACC_STATIC, 
  "arraySum", "([D)D", null, null);
mv.visitCode();
  Label l0=new Label(), l1=new Label(), l2=new Label(),...;
mv.visitLabel(l0); mv.visitLineNumber(11, l0);
mv.visitInsn(DCONST_0);
mv.visitVarInsn(DSTORE, 1);
mv.visitLabel(l1); mv.visitLineNumber(12, l1);
mv.visitInsn(ICONST_0);
mv.visitVarInsn(ISTORE, 3);
mv.visitJumpInsn(GOTO, l3);
mv.visitLabel(l4); mv.visitLineNumber(13, l4);
mv.visitVarInsn(DLOAD, 1);
mv.visitVarInsn(ALOAD, 0);
mv.visitVarInsn(ILOAD, 3);
mv.visitInsn(DALOAD);
mv.visitInsn(DADD);
mv.visitVarInsn(DSTORE, 1);
mv.visitLabel(l5); mv.visitLineNumber(12, l5);
mv.visitIincInsn(3, 1);
mv.visitLabel(l3);
mv.visitVarInsn(ILOAD, 3);
mv.visitVarInsn(ALOAD, 0);
mv.visitInsn(ARRAYLENGTH);
mv.visitJumpInsn(IF_ICMPLT, l4);
mv.visitLabel(l6); mv.visitLineNumber(14, l6);
mv.visitVarInsn(DLOAD, 1);
mv.visitInsn(DRETURN);
mv.visitLabel(l7);
mv.visitLocalVariable("t", "[D", null, l0, l7, 0);
mv.visitLocalVariable("sum", "D", null, l1, l7, 1);
mv.visitLocalVariable("i", "I", null, l2, l6, 3);
mv.visitMaxs(4, 4);
mv.visitEnd();

Example 2: (a) Source code, (b) bytecode, (c) ASMifier output.

Example 3 illustrates how to write a program that replaces every iadd with a call to the method used in Example 1, which is presumed to exist.


<b>(a)</b>
import org.objectweb.asm.*;
import java.io.*;
public class MyInstrumentation {
  public static void main(String[] args) throws IOException {
    String filename = args[0];
    FileInputStream fis = new FileInputStream(filename);
    ClassReader cr = new ClassReader(fis);
    ClassWriter cw = new ClassWriter(cr, ClassWriter.COMPUTE_FRAMES);
    ClassAdapter ca = new MyClassAdapter(cw);
    cr.accept(ca, 0);
    byte[] newByteCode = cw.toByteArray();
    fis.close();
    FileOutputStream fos = new FileOutputStream(filename);
    fos.write(newByteCode);
    fos.close();
  }
}
//-------------------------------------------------------------
// Method-level filter: forwards every instruction unchanged except IADD.
class MyMethodAdapter extends MethodAdapter implements Opcodes {
  public MyMethodAdapter(MethodVisitor mv) { super(mv); }
  //-----------------------------------------------------------
  public void visitInsn(int opcode) {
    final String METHOD_NAME = "checkedIADD";
    final String METHOD_LOCATION = "utils/SecuredArithmetics";
    final String METHOD_SIGNATURE = "(II)I";
    if (opcode == IADD) {
      // Same stack effect as IADD: pops two ints, pushes one int.
      mv.visitMethodInsn(INVOKESTATIC, METHOD_LOCATION,
              METHOD_NAME, METHOD_SIGNATURE);
    } else {
      mv.visitInsn(opcode);
    }
  }
}
//-------------------------------------------------------------
// Class-level filter: wraps each method's visitor in MyMethodAdapter.
class MyClassAdapter extends ClassAdapter {
  public MyClassAdapter(ClassVisitor cv) { super(cv); }
  //-----------------------------------------------------------
  public MethodVisitor visitMethod(int access, String name,
          String desc, String signature, String[] exceptions) {
    MethodVisitor mv;
    mv = cv.visitMethod(access, name, desc, signature, exceptions);
    if (mv != null) {
      mv = new MyMethodAdapter(mv);
    }
    return mv;
  }
}

<b>(b)</b>
public class Hello {
  public static void main(String[] args) {
   int a=3, b=5, c=Integer.MAX_VALUE;
   System.out.println(a+c);
   System.out.println(a+b);
 }
}

<b>(c)</b>
prompt> javac Hello.java
prompt> java Hello
  -2147483646
  8
prompt> java MyInstrumentation "Hello.class"
prompt> java Hello
  Overflow!
  -2147483646
  8

Example 3: Simple instrumentation example: (a) instrumentation program, (b) instrumented test program, (c) commands and result.

The ASM library makes it easy to write a bytecode instrumentation program, but working out the details of overflow management requires careful analysis. For instance, you might not notice at first that unary integer negation or integer division are "dangerous" operations, or that incrementation has its own bytecode instruction. When working with the operand stack instructions, it turns out that some manipulations are possible on int values but not on long values, because the latter occupy two slots in the stack. The identifiers of added methods must be unique, even when processing an already instrumented class.
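
An added example, not part of the original article or its downloadable source: one way to extend the method adapter of Example 3 to the operations named above, using the same ASM 3.x API. It goes beyond the text by also covering ISUB and IMUL; apart from checkedIADD, the checked* method names are hypothetical and assumed to exist in utils/SecuredArithmetics.

```java
import org.objectweb.asm.MethodAdapter;
import org.objectweb.asm.MethodVisitor;
import org.objectweb.asm.Opcodes;

// Added example (ASM 3.x API, as in Example 3). Only checkedIADD with
// descriptor (II)I appears in the article; the other checked* names are
// hypothetical and would have to exist in utils/SecuredArithmetics.
class OverflowMethodAdapter extends MethodAdapter implements Opcodes {
  private static final String OWNER = "utils/SecuredArithmetics";

  public OverflowMethodAdapter(MethodVisitor mv) { super(mv); }

  // Maps an int opcode to its checked replacement, or null to leave it alone.
  static String checkedName(int opcode) {
    switch (opcode) {
      case IADD: return "checkedIADD";
      case ISUB: return "checkedISUB";  // hypothetical
      case IMUL: return "checkedIMUL";  // hypothetical
      case IDIV: return "checkedIDIV";  // hypothetical: MIN_VALUE / -1 wraps
      case INEG: return "checkedINEG";  // hypothetical: -MIN_VALUE wraps
      default:   return null;
    }
  }

  public void visitInsn(int opcode) {
    String name = checkedName(opcode);
    if (name == null) {
      mv.visitInsn(opcode);
      return;
    }
    // INEG pops one int, the binary operators pop two; each pushes one int,
    // so the static call leaves the operand stack as the opcode would have.
    String desc = (opcode == INEG) ? "(I)I" : "(II)I";
    mv.visitMethodInsn(INVOKESTATIC, OWNER, name, desc);
  }

  // IINC updates a local variable in place and never touches the stack,
  // so visitInsn() above does not see it. Expand it to load/add/store.
  public void visitIincInsn(int var, int increment) {
    mv.visitVarInsn(ILOAD, var);
    mv.visitIntInsn(SIPUSH, increment); // IINC's constant fits 16 bits, even with WIDE
    mv.visitMethodInsn(INVOKESTATIC, OWNER, "checkedIADD", "(II)I");
    mv.visitVarInsn(ISTORE, var);
  }
}
```

The expansion of IINC needs two operand stack slots where IINC needed none; the ClassWriter in Example 3 is created with COMPUTE_FRAMES, which also recomputes the maximum stack size.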

